Security Microsoft Excel Multiple Vulnerabilities

PHP Web Host - Quality Web Hosting For All PHP Applications

• Home • Downloads • Your Account • Forums •

Site Navigation

Home:

Donate o Meter

Help Keep Our Servers Online AND Our Services Free!

Donations
neralex Sep-7

Please Link To Me!

Quality Web Hosting For All PHP Applications

Quality PHP Web Host!

Great Reviews!

Need help setting up your website, installing Apache, PHP, MySQL, or RavenNuke(tm)?

Need help customizing or designing scripts?

Please contact us via the Contact Us option for further details and pricing.

Link to Me

There are more Link To Me icons here.

Site Info v2.2.2 ©

Microsoft Excel Multiple Vulnerabilities

SECUNIA ADVISORY ID: SA31593

VERIFY ADVISORY: http://secunia.com/advisories/31593/

CRITICAL: Highly critical

IMPACT: System access

SOFTWARE:
Microsoft Open XML File Format Converter for Mac - http://secunia.com/advisories/product/20148/
Microsoft Office Excel Viewer 2007 - http://secunia.com/advisories/product/19210/
Microsoft Office Excel Viewer 2003 - http://secunia.com/advisories/product/7700/
Microsoft Office Excel 2007 - http://secunia.com/advisories/product/14161/
Microsoft Office Compatibility Pack for Word, Excel, and PowerPoint 2007 File Formats - http://secunia.com/advisories/product/14165/
Microsoft Office 2008 for Mac - http://secunia.com/advisories/product/17922/
Microsoft Office 2004 for Mac - http://secunia.com/advisories/product/8713/
Microsoft Excel 2003 - http://secunia.com/advisories/product/4970/
Microsoft Excel 2002 - http://secunia.com/advisories/product/4043/
Microsoft Excel 2000 - http://secunia.com/advisories/product/3054/
Microsoft Office 2000 - http://secunia.com/advisories/product/24/
Microsoft Office 2003 Professional Edition - http://secunia.com/advisories/product/2276/
Microsoft Office 2003 Small Business Edition - http://secunia.com/advisories/product/2277/
Microsoft Office 2003 Standard Edition - http://secunia.com/advisories/product/2275/
Microsoft Office 2003 Student and Teacher Edition - http://secunia.com/advisories/product/2278/
Microsoft Office 2007 - http://secunia.com/advisories/product/13228/
Microsoft Office XP - http://secunia.com/advisories/product/23/

DESCRIPTION: Some vulnerabilities have been reported in Microsoft Excel, which can be exploited by malicious people to compromise a user's system. Successful exploitation of the vulnerabilities may allow execution of arbitrary code.

1) An error while validating an index value in a NAME record can be exploited to corrupt memory via a specially crafted Excel Spreadsheet (XLS) file.
2) An unspecified error in the processing of Excel records can be exploited to corrupt memory via a specially crafted XLS file. 3) An unspecified error in the processing of Excel formulas can be exploited to corrupt memory via a specially crafted XLS file.

SOLUTION: Apply patches.
Microsoft Excel 2000 SP3: http://www.microsoft.com/downloads/details.aspx?FamilyId=f39d2a49-f861-4f2d-bf91-94a8a85af40c
Microsoft Excel 2002 SP3: http://www.microsoft.com/downloads/details.aspx?FamilyId=72076e21-2aa3-48e8-883a-c3cb756fc72a
Microsoft Excel 2003 SP3: http://www.microsoft.com/downloads/details.aspx?FamilyId=6c0771e5-fcd4-4365-b903-1a3bd95d9e66
Microsoft Excel 2007: http://www.microsoft.com/downloads/details.aspx?FamilyId=68bb8d99-f28b-4efd-9314-3eee0bb00ccf
Microsoft Excel 2007 SP1: http://www.microsoft.com/downloads/details.aspx?FamilyId=68bb8d99-f28b-4efd-9314-3eee0bb00ccf
Microsoft Office Excel Viewer 2003: http://www.microsoft.com/downloads/details.aspx?FamilyId=4b3989ef-02b8-4bd2-b2ab-c3716079936e
Microsoft Office Excel Viewer 2003 SP3: http://www.microsoft.com/downloads/details.aspx?FamilyId=4b3989ef-02b8-4bd2-b2ab-c3716079936e
Microsoft Office Excel Viewer: http://www.microsoft.com/downloads/details.aspx?FamilyId=9dbb35c1-aa7a-481b-a330-8ba916ddd443
Microsoft Office Compatibility Pack for Word, Excel, and PowerPoint 2007 File Formats: http://www.microsoft.com/downloads/details.aspx?FamilyId=99cca4ed-f1f9-4cfd-a986-edbec82ced4f
Microsoft Office Compatibility Pack for Word, Excel, and PowerPoint 2007 File Formats SP1: http://www.microsoft.com/downloads/details.aspx?FamilyId=99cca4ed-f1f9-4cfd-a986-edbec82ced4f
Microsoft Office 2004 for Mac: http://www.microsoft.com/downloads/details.aspx?FamilyId=ECA13AD8-62AE-41A8-B308-41E2D1773820
Microsoft Office 2008 for Mac: http://www.microsoft.com/downloads/details.aspx?FamilyId=AB31A564-43D2-45BD-98BF-19E9CA477B62
Open XML File Format Converter for Mac: http://www.microsoft.com/downloads/details.aspx?FamilyId=EDB6CD8F-832C-4123-8982-AC0C601EA0A7

PROVIDED AND/OR DISCOVERED BY:
1) Dyon Balding, Secunia Research
2) The vendor credits Joshua J. Drake, VeriSign iDefense Labs.
3) The vendor credits Claes M Nyberg, signedness.org.

ORIGINAL ADVISORY: MS08-074 (KB959070): http://www.microsoft.com/technet/security/Bulletin/MS08-074.mspx

Secunia Research: http://secunia.com/secunia_research/2008-36/

Posted on Tuesday, December 09, 2008 @ 16:24:13 EST by Raven

Related Links

· More about Security
· News by Raven

Most read story about Security:
PHP-Nuke *eid* SQL Injection Vulnerability

Article Rating

Average Score: 0
Votes: 0

Options

Printer Friendly Page

Send to a Friend

Associated Topics

All logos and trademarks in this site are property of their respective owner.
The comments are property of their posters, all the rest © 2002-2010 by Raven

You can syndicate our news using the file

Website engines core code is © copyright by PHP-Nuke but has been heavily patched and modified by myself and others.
PHP-Nuke is a free software released under the GNU/GPL.

:: fisubice phpbb2 style by Daz :: PHP-Nuke theme by www.nukemods.com :::: fisubice Theme Modified by the RavenNuke™ Team ::
::