1. Symantec-Broadcom-Horizontal/
  2. Security Response/
  3. Attack Signatures/
  4. Attack: MS Excel RTD Record CVE-2011-0105

Attack: MS Excel RTD Record CVE-2011-0105

Severity: High

This attack could pose a serious security threat. You should take immediate action to stop any damage or prevent further damage from happening.


This signature detects attempt to exploit a remote code execution vulnerability in Microsoft Excel application.

Additional Information

Microsoft Excel is a spreadsheet application that is part of the Microsoft Office suite.

Microsoft Excel is prone to a buffer-overflow vulnerability when parsing an RTD (RealTimeData) record in a malformed Excel file. Specifically, the application fails to initialize a variable that is later used in a memory copy operation.

Attackers can exploit this issue by enticing an unsuspecting user to open a specially crafted Excel file.

Successful exploits can allow attackers to execute arbitrary code with the privileges of the user running the application. Failed exploit attempts will result in a denial-of-service condition.


  • Microsoft Excel 2002
  • Microsoft Office XP SP3
  • Microsoft Excel 2002 SP3
  • Microsoft Excel 2002 SP2
  • Microsoft Excel 2002 SP1
  • Microsoft Excel 2008 for Mac 0
  • Microsoft Excel 2004 for Mac 0
  • Microsoft Open XML File Format Converter for Mac 0


The vendor has released an advisory and updates. Please visit vendor's website for further details.
  • Twitter
  • Facebook
  • LinkedIn
  • Google+
  • YouTube