MS.Excel.Malformed.File.Format.Parsing.Code.Execution
Description
Microsoft Excel has a code execution vulnerability. A remote attacker can execute arbitrary code on the system with the privileges of the victim via an Excel file with malformed BOOLERR recodes.
Affected Products
Microsoft Corporation: Microsoft Office 2000 SP3
Microsoft Corporation: Microsoft Office 2003 SP1
Microsoft Corporation: Microsoft Office 2003 SP2
Microsoft Corporation: Microsoft Office 2004 for MacIntosh
Microsoft Corporation: Microsoft Office v. X for MacIntosh
Microsoft Corporation: Microsoft Office XP SP3
Microsoft Corporation: Microsoft Works Suite 2000
Microsoft Corporation: Microsoft Works Suite 2001
Microsoft Corporation: Microsoft Works Suite 2002
Microsoft Corporation: Microsoft Works Suite 2003
Microsoft Corporation: Microsoft Works Suite 2004
Microsoft Corporation: Microsoft Works Suite 2005
Microsoft Corporation: Microsoft Works Suite 2006
Impact
System compromise: remote code execution.
Recommended Actions
Apply the appropriate patch for your system from the following web site:
http://www.microsoft.com/technet/security/Bulletin/MS06-012.mspx#E4EAE
Telemetry
Coverage
IPS (Regular DB) | |
IPS (Extended DB) |