Intrusion Prevention

MS.Excel.BIFF.Chart.Record.Index.Code.Execution

Description

This indicates an attack attempt to exploit a memory corruption vulnerability
in Microsoft Excel.
The vulnerability is caused by an error that occurs when the vulnerable
software handles a malicious XLS file. A remote attacker may exploit this to
execute arbitrary code via a crafted XLS file.

Affected Products

Microsoft Office 2008 for Mac 0
Microsoft Office 2004 for Mac 0
Microsoft Office 2000 SP3
Microsoft Excel Viewer 2003 0
Microsoft Excel 2003 SP3
Microsoft Excel 2003 SP2
Microsoft Excel 2002 SP3
Avaya Messaging Application Server MM 3.1
Avaya Messaging Application Server MM 3.0
Avaya Messaging Application Server MM 2.0
Avaya Messaging Application Server MM 1.1
Avaya Messaging Application Server 0

Impact

System Compromise: Remote attackers can gain control of vulnerable systems.

Recommended Actions

Apply patch, available from the web site.
http://www.microsoft.com/technet/security/Bulletin/MS08-043.mspx

CVE References

CVE-2008-3004