Microsoft Excel Multiple Vulnerabilites( 12 March 2008 )

Last Update Date: 28 Jan 2011 Release Date: 12 Mar 2008 5348 Views

RISK: Medium Risk

Medium Risk

1. Excel Data Validation Record Vulnerability

A remote code execution vulnerability exists in the way Excel processes data validation records when loading Excel files into memory. An attacker could exploit the vulnerability by sending a malformed file which could be hosted on a specially crafted or compromised Web site, or included as an e-mail attachment.

2. Excel File Import Vulnerability

A remote code execution vulnerability exists in the way Excel handles data when importing files into Excel. An attacker could exploit the vulnerability by sending a malformed .slk file which could be hosted on a specially crafted or compromised Web site, or included as an e-mail attachment, and which could then be imported into Excel.

3. Excel Style Record Vulnerability

A remote code execution vulnerability exists in the way Excel handles Style record data when opening Excel files. An attacker could exploit the vulnerability by sending a malformed file which could be hosted on a specially crafted or compromised Web site, or included as an e-mail attachment.

4. Excel Formula Parsing Vulnerability

A remote code execution vulnerability exists in the way Excel handles malformed formulas. An attacker could exploit the vulnerability by sending a malformed file which could be hosted on a specially crafted or compromised Web site, or included as an e-mail attachment.

5. Excel Rich Text Validation Vulnerability

A remote code execution vulnerability exists in the way Excel handles rich text values when loading application data into memory. An attacker could exploit the vulnerability by sending a malformed file which could be hosted on a specially crafted or compromised Web site, or included as an e-mail attachment.

6. Excel Conditional Formatting Vulnerability

A remote code execution vulnerability exists in the way Excel handles conditional formatting values. An attacker could exploit the vulnerability by sending a malformed file which could be hosted on a specially crafted or compromised Web site, or included as an e-mail attachment.

7. Macro Validation Vulnerability

A remote code execution vulnerability exists in the way Excel handles macros when opening specially crafted Excel files. An attacker could exploit the vulnerability by sending a malformed file which could be hosted on a specially crafted or compromised Web site, or included as an e-mail attachment.

Impact

  • Remote Code Execution

System / Technologies affected

  • Microsoft Office 2000 Service Pack 3
    - Excel 2000 Service Pack 3
  • Microsoft Office XP Service Pack 3
    - Excel 2002 Service Pack 3
  • Microsoft Office 2003 Service Pack 2
    - Excel 2003 Service Pack 2
  • 2007 Microsoft Office System
    - Excel 2007
  • Microsoft Office Excel Viewer 2003
  • Microsoft Office Compatibility Pack for Word, Excel, and PowerPoint 2007 File Formats
  • Microsoft Office 2004 for Mac
  • Microsoft Office 2008 for Mac

Solutions

Before installation of the software, please visit the software manufacturer web-site for more details.

Download locations for this patch

Vulnerability Identifier

Source

Related Link

Share with

Previous

Microsoft Office Multiple Memory Corruption Vulnerabilities( 12 March 2008 )

12 Mar 2008 5347 Views

Next

RealPlayer ActiveX Control "Console" Memory Corruption Vulnerability

12 Mar 2008 5538 Views

We use cookies to give you the best possible experience on our website. By continuing to browse this site, you give consent for cookies to be used. For more details please read our Cookie Policy.

PRIVACY POLICY