Description: Some vulnerabilities have been reported in Microsoft Office, which can be exploited by malicious people to compromise a user's system.
1) An error within the string parsing can be exploited to cause a buffer overflow when a malicious Office document containing a malformed string is opened.
2) An integer underflow error in MSO.DLL within the parsing of "Sheet Name" strings can be exploited to cause a buffer overflow when a malicious Office document is opened.
3) An error within the property handling can be exploited to cause a buffer overflow when a malicious Office document containing a malformed property is opened.
Successful exploitation of the vulnerabilities allows execution of arbitrary code.
Customers of the Secunia Vulnerability Intelligence solutions will automatically receive updates when new information regarding this advisory is released.
If you have new information regarding this Secunia advisory or a product in our database, please send it to us using either our web form or email us at vuln@secunia.com.
Ideas, suggestions, and other feedback are most welcome.