Skip to main content

Microsoft Office Excel Multiple Vulnerabilities ( 10 June 2009 )

Last Update Date: 28 Jan 2011 Release Date: 10 Jun 2009 5121 Views

RISK: Medium Risk

A remote code execution vulnerability exists in Microsoft Office Excel that could allow remote code execution if a user opens a specially crafted Excel file that includes a malformed record object. An attacker who successfully exploited this vulnerability could take complete control of an affected system. An attacker could then install programs; view, change, or delete data; or create new accounts with full user rights.

1. Record Pointer Corruption Vulnerability

2. Object Record Corruption Vulnerability

3. Array Indexing Memory Corruption Vulnerability

4. String Copy Stack-Based Overrun Vulnerability

5. Field Sanitization Memory Corruption Vulnerability

6. Record Integer Overflow Vulnerability

7. Record Pointer Corruption Vulnerability


Impact

  • Remote Code Execution

System / Technologies affected

  • Microsoft Office 2000
  • Microsoft Office XP
  • Microsoft Office 2003
  • 2007 Microsoft Office System
  • Microsoft Office 2004 for Mac
  • Microsoft Office 2008 for Mac
  • Open XML File Format Converter for Mac
  • Microsoft Office Excel 2000
  • Microsoft Office Excel 2002
  • Microsoft Office Excel 2003
  • Microsoft Office Excel 2007
  • Microsoft Office Excel Viewer 2003
  • Microsoft Office Excel Viewer
  • Microsoft Office Compatibility Pack for Word, Excel, and PowerPoint 2007 File Formats
  • Microsoft Office SharePoint Server 2007

Solutions

Before installation of the software, please visit the software manufacturer web-site for more details.

Download locations for this patch


Vulnerability Identifier


Source


Related Link