MS.Excel.Workspace.Designation.Remote.Code.Execution
Description
This indicates an attempt to exploit a remote code execution vulnerability in Microsoft Excel.
The vulnerability can be exploited via a malformed Excel file with the "denoting [of] the start of a Workspace designation". This results in memory corruption. A remote attacker can crash Microsoft Excel and may also be able to execute arbitrary code. Aka the "Workbook Memory Corruption Vulnerability".
Affected Products
Microsoft Excel Viewer 2003
Microsoft Excel 2003 SP2
Microsoft Excel 2002 SP3
Microsoft Excel 2000 SP3
Impact
System compromise: possible remote code execution.
Recommended Actions
Apply patch, available from the Web site.
http://www.microsoft.com/technet/security/Bulletin/MS07-036.mspx
Telemetry
Coverage
IPS (Regular DB) | |
IPS (Extended DB) |