BeyondTrust

Security in Context: The BeyondTrust Blog

Welcome to the Zeroday Tracker: Your Vulnerability Watchlist

Get critical updates on the latest zeroday threats, including impact, mitigation and protection information - only from BeyondTrust.

Microsoft Excel 2003 Use After Free

Disclosed November 4, 2011    No Patch Available

Vulnerability Description:

Microsoft Excel 2003 contains a use-after-free vulnerability, possibly located in the VBscript macro handler.  Successful exploitation may allow an attacker to remotely execute arbitrary code in the context of the currently logged on user.

Vendors:

Microsoft

Vulnerable Software/Devices:

Microsoft Excel 2003 v11.8335.8333

Vulnerability Severity:

High

Exploit Availability:

N/A

Exploit Impact:

Remote Code Execution
Client-side Remote Code Execution This client-side vulnerability could allow an attacker to gain the ability to execute arbitrary code in the context of the current application. If the application is run as Administrator, the attacker may gain complete control of the target system.

BeyondTrust Prevention and Detection:

 

Mitigation:

No mitigation has been provided.

Links:

CVE(s):

None

Leave a Reply