Microsoft Office Excel Multiple Vulnerabilities
RISK: Medium Risk
1. Microsoft Office Excel Record Memory Corruption Vulnerability
A remote code execution vulnerability exists in the way that Microsoft Office Excel handles specially crafted Excel files. An attacker who successfully exploited this vulnerability could take complete control of an affected system. An attacker could then install programs; view, change, or delete data; or create new accounts with full user rights.
2. Microsoft Office Excel Sheet Object Type Confusion Vulnerability
A remote code execution vulnerability exists in the way that Microsoft Office Excel handles specially crafted Excel files. An attacker who successfully exploited this vulnerability could take complete control of an affected system. An attacker could then install programs; view, change, or delete data; or create new accounts with full user rights.
3. Microsoft Office Excel MDXTUPLE Record Heap Overflow Vulnerability
A remote code execution vulnerability exists in the way that Microsoft Office Excel handles specially crafted Excel files. An attacker who successfully exploited this vulnerability could take complete control of an affected system. An attacker could then install programs; view, change, or delete data; or create new accounts with full user rights.
4. Microsoft Office Excel MDXSET Record Heap Overflow Vulnerability
A remote code execution vulnerability exists in the way that Microsoft Office Excel handles specially crafted Excel files. An attacker who successfully exploited this vulnerability could take complete control of an affected system. An attacker could then install programs; view, change, or delete data; or create new accounts with full user rights.
5. Microsoft Office Excel FNGROUPNAME Record Uninitialized Memory Vulnerability
A remote code execution vulnerability exists in the way that Microsoft Office Excel handles specially crafted Excel files. An attacker who successfully exploited this vulnerability could take complete control of an affected system. An attacker could then install programs; view, change, or delete data; or create new accounts with full user rights.
6. Microsoft Office Excel XLSX File Parsing Code Execution Vulnerability
A remote code execution vulnerability exists in the way that Microsoft Office Excel handles specially crafted Excel files. An attacker who successfully exploited this vulnerability could take complete control of an affected system. An attacker could then install programs; view, change, or delete data; or create new accounts with full user rights.
7. Microsoft Office Excel DbOrParamQry Record Parsing Vulnerability
A remote code execution vulnerability exists in the way that Microsoft Office Excel handles specially crafted Excel files. An attacker who successfully exploited this vulnerability could take complete control of an affected system. An attacker could then install programs; view, change, or delete data; or create new accounts with full user rights.
Impact
- Remote Code Execution
System / Technologies affected
- Microsoft Office XP
- Microsoft Office 2003
- 2007 Microsoft Office System
- Microsoft Office 2004 for Mac
- Microsoft Office 2008 for Mac
- Open XML File Format Converter for Mac
- Microsoft Office Excel Viewer
- Microsoft Office Compatibility Pack for Word, Excel, and PowerPoint 2007 File Formats
- Microsoft Office SharePoint Server 2007
Solutions
Before installation of the software, please visit the software manufacturer web-site for more details.
Download locations for this patch
- Microsoft Office Excel 2002 Service Pack 3
- Microsoft Office Excel 2003 Service Pack 3
- Microsoft Office Excel 2007 Service Pack 1
- Microsoft Office Excel 2007 Service Pack 2
- Microsoft Office 2004 for Mac
- Microsoft Office 2008 for Mac
- Open XML File Format Converter for Mac
- Microsoft Office Excel Viewer Service Pack 1 and Microsoft Office Excel Viewer Service Pack 2
- Microsoft Office Compatibility Pack for Word, Excel, and PowerPoint 2007 File Formats Service Pack 1 and Microsoft Office Compatibility Pack for Word, Excel, and PowerPoint 2007 File Formats Service Pack 2
- Microsoft Office SharePoint Server 2007 Service Pack 1 (32-bit editions)
- Microsoft Office SharePoint Server 2007 Service Pack 2 (32-bit editions)
- Microsoft Office SharePoint Server 2007 Service Pack 1 (64-bit editions)
- Microsoft Office SharePoint Server 2007 Service Pack 2 (64-bit editions)
Vulnerability Identifier
Source
Share with