Microsoft Excel SST Invalid Length Use After Free Remote Code Execution Vulnerability

Summary

Microsoft Excel is prone to a remote code-execution vulnerability.

Credit:

The original article can be found at: http://technet.microsoft.com/en-us/security/bulletin/ms12-076


Details

Vulnerable Systems:
 * Microsoft Excel 2010 SP1 and prior

Attackers can exploit this issue by enticing an unsuspecting user to open a specially crafted Excel (‘.xls’) file. Successful exploits can allow attackers to execute arbitrary code with the privileges of the user running the application. Failed exploits will result in denial-of-service conditions.

CVE Information:
CVE-2012-1887

Disclosure Timeline:
Published: November 13 2012

Categories: Windows