Microsoft Office Excel Invalid Object Reference Vulnerability

Last Update Date: 28 Jan 2011 Release Date: 25 Feb 2009 5180 Views

RISK: Medium Risk

Medium Risk

A vulnerability has been reported in Microsoft Excel, which can be exploited by malicious people to compromise a user's system.

The vulnerability is caused due to an error that may cause an invalid object to be referenced when opening an Excel document.Successful exploitation allows execution of arbitrary code.

Impact

  • Remote Code Execution

System / Technologies affected

  • Microsoft Excel 2000
  • Microsoft Excel 2002
  • Microsoft Excel 2003
  • Microsoft Excel 2007
  • Microsoft Office 2000
  • Microsoft Office XP
  • Microsoft Office 2003
  • Microsoft Office 2007
  • Microsoft Office 2004 for Mac
  • Microsoft Office 2008 for Mac
  • Microsoft Office Compatibility Pack for Word, Excel, and PowerPoint 2007 File Formats
  • Microsoft Office Excel Viewer 2003
  • Microsoft Office Excel Viewer 2007

Solutions

Note: There is no patch available for this vulnerability currently.

Workaround:
It is recommended to use MOICE (Microsoft Office Isolated Conversion Environment) for opening untrusted Office documents and/or using Microsoft Office File Block policy to block the opening of Office 2003 and earlier documents.

Vulnerability Identifier

Source

Related Link

Share with

Previous

Adobe Acrobat and Reader Image Stream Code Execution Vulnerability

23 Feb 2009 5416 Views

Next

Adobe Flash Player Code Execution and Clickjacking Vulnerabilities

26 Feb 2009 5389 Views

We use cookies to give you the best possible experience on our website. By continuing to browse this site, you give consent for cookies to be used. For more details please read our Cookie Policy.

PRIVACY POLICY