Intrusion Prevention

MS.Excel.Conditional.Formatting.Stack.Overflow

Description

This indicates an attempt to exploit a remote code execution vulnerability in Microsoft Excel.
The vulnerability is a result of the software's failure or correctly handle conditional formatting values. It can lead to an exploitable stack overrun when processing conditional formatting BIFF records from a worksheet in the Workbook stream.

Affected Products

Microsoft Office Excel 2000 Service Pack 3
Microsoft Office Excel 2002 Service Pack 3
Microsoft Office 2004 for Mac
Microsoft Office 2008 for Mac

Impact

System Compromise: remote attackers can execute code on vulnerable systems.

Recommended Actions

Apply patch, available from the web site.
http://www.microsoft.com/technet/security/Bulletin/ms08-014.mspx

CVE References

CVE-2008-0117