MS.Excel.Malformed.Palette.Record.Code.Execution
Description
This indicates an attempt to exploit a heap based buffer overflow vulnerability in Microsoft Excel.
The vulnerability can be exploited via a malformed Excel file with a "PALETTE" record that contains a large number of entries. As a result a remote attacker can cause the execution of arbitrary code on a vulnerable system with the privileges of the victim.
Affected Products
Microsoft Office 2000 Service Pack 3
Microsoft Office XP Service Pack 3
Microsoft Office 2003 Service Pack 2
Microsoft Office Excel Viewer 2003
Microsoft Excel 2002
Microsoft Excel 2000
Microsoft Excel 2003
Microsoft Works Suite 2004
Microsoft Works Suite 2005
Microsoft Office 2004 for Mac
Microsoft Office v. X for Mac
Impact
System compromise: remote code execution.
Recommended Actions
Security update for Microsoft Excel 2000 :
http://www.microsoft.com/downloads/details.aspx?familyid=5CCF4455-6B22-4249-93D7-661D12839292
Security update for Microsoft Excel 2002 :
http://www.microsoft.com/downloads/details.aspx?FamilyId=EE7278EA-3AEE-4994-9657-66019961D63C
Security update for Microsoft Excel 2003 :
http://www.microsoft.com/downloads/details.aspx?FamilyId=79B88CE8-5C56-462F-AC1A-4BCE04C8F543
Security update for Microsoft Office Excel Viewer 2003 :
http://www.microsoft.com/downloads/details.aspx?FamilyId=99AE7653-F0FD-4DBA-A151-098FD03E6EA4
Security update for Microsoft Works Suite 2004 :
http://www.microsoft.com/downloads/details.aspx?FamilyId=EE7278EA-3AEE-4994-9657-66019961D63C
Security update for Microsoft Works Suite 2005 :
http://www.microsoft.com/downloads/details.aspx?FamilyId=EE7278EA-3AEE-4994-9657-66019961D63C
Security update for Microsoft Office 2004 and Office v. X for Mac :
http://www.microsoft.com/mac/
Telemetry
Coverage
IPS (Regular DB) | |
IPS (Extended DB) |