Microsoft Excel Multiple Vulnerabilities

Secunia Advisory: SA23676
Release Date: 2007-01-09
Last Update: 2008-05-15
Critical: Highly critical
Impact: System access
Where: From remote
Solution Status: Vendor Patch
Software:
Microsoft Excel 2000
Microsoft Excel 2002
Microsoft Excel 2003
Microsoft Office 2000
Microsoft Office 2003 Professional Edition
Microsoft Office 2003 Small Business Edition
Microsoft Office 2003 Standard Edition
Microsoft Office 2003 Student and Teacher Edition
Microsoft Office 2004 for Mac
Microsoft Office Excel Viewer 2003
Microsoft Office X for Mac
Microsoft Office XP
Microsoft Works Suite 2004
Microsoft Works Suite 2005
CVE reference: CVE-2007-0027, CVE-2007-0028, CVE-2007-0029, CVE-2007-0030, CVE-2007-0031, CVE-2006-3432
Description: Multiple vulnerabilities have been reported in Microsoft Excel, which can be exploited by malicious people to compromise a user's system.
1) An error within the processing of IMDATA records can be exploited to corrupt memory via a file containing a specially crafted IMDATA record.
2) An error when processing records can be exploited to corrupt memory via a file containing a specially crafted record.
3) An error when processing strings can be exploited to corrupt memory via a file containing a specially crafted string.
4) An error when processing column records can be exploited to corrupt memory via a file containing a column record with an out-of-range value.
5) A boundary error when processing palette records can be exploited to cause a heap-based buffer overflow via a file containing a specially crafted palette record with a large number of entries.
Successful exploitation of the vulnerabilities allows execution of arbitrary code.
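The following check is an added example, not part of the Secunia advisory and not Microsoft's code: it walks the records of an already-extracted workbook stream and flags palette records whose declared entry count is too large or disagrees with the record length, the condition described in item 5. The record id 0x0092, the 2-byte count followed by 4-byte entries, and the limit of 56 entries are assumptions taken from the public BIFF8 format documentation; the function names and sample bytes are constructed for illustration.

```python
import struct

PALETTE = 0x0092   # assumed BIFF record id for PALETTE (public format docs, not the advisory)
MAX_ENTRIES = 56   # assumed upper bound on palette entries in BIFF8

def iter_records(stream: bytes):
    """Yield (offset, record_id, payload); payload is None if the record is truncated."""
    pos = 0
    while pos + 4 <= len(stream):
        rec_id, size = struct.unpack_from("<HH", stream, pos)
        payload = stream[pos + 4 : pos + 4 + size]
        if len(payload) < size:
            yield pos, rec_id, None  # header claims more bytes than the stream holds
            return
        yield pos, rec_id, payload
        pos += 4 + size

def check_palettes(stream: bytes, max_entries: int = MAX_ENTRIES):
    """Return (offset, reason) findings for malformed PALETTE records."""
    findings = []
    for off, rec_id, payload in iter_records(stream):
        if payload is None:
            findings.append((off, "truncated record"))
            continue
        if rec_id != PALETTE:
            continue
        if len(payload) < 2:
            findings.append((off, "palette record too short for count field"))
            continue
        (count,) = struct.unpack_from("<H", payload, 0)
        if count > max_entries:
            findings.append((off, f"entry count {count} exceeds {max_entries}"))
        if 2 + 4 * count != len(payload):
            findings.append(
                (off, f"entry count {count} does not match payload length {len(payload)}"))
    return findings

def _record(rec_id: int, payload: bytes) -> bytes:
    """Build one record: 2-byte id, 2-byte length, payload (little-endian)."""
    return struct.pack("<HH", rec_id, len(payload)) + payload

# Constructed sample streams (not taken from any real file).
BOF = _record(0x0809, b"\x00" * 16)
GOOD = BOF + _record(PALETTE, struct.pack("<H", 56) + b"\x00" * (56 * 4))
BAD = BOF + _record(PALETTE, struct.pack("<H", 4000) + b"\x00" * (8 * 4))
```

A mail or file gateway could run such a check on the workbook stream of incoming .xls files and quarantine any file that produces findings, as a stopgap on systems that cannot be patched immediately.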
Solution: Apply patches.
Note: Microsoft has re-released the patches to fix an issue wherein users of Excel 2000 are unable to open certain types of Excel files.
Microsoft Excel 2000:
http://www.microsoft.com/downloads/de...=5CCF4455-6B22-4249-93D7-661D12839292
Microsoft Excel 2002:
http://www.microsoft.com/downloads/de...=EE7278EA-3AEE-4994-9657-66019961D63C
Microsoft Excel 2003:
http://www.microsoft.com/downloads/de...=79B88CE8-5C56-462F-AC1A-4BCE04C8F543
Microsoft Office Excel Viewer 2003:
http://www.microsoft.com/downloads/de...=99AE7653-F0FD-4DBA-A151-098FD03E6EA4
Microsoft Works Suite 2004:
http://www.microsoft.com/downloads/de...=EE7278EA-3AEE-4994-9657-66019961D63C
Microsoft Works Suite 2005:
http://www.microsoft.com/downloads/de...=EE7278EA-3AEE-4994-9657-66019961D63C
Microsoft Office 2004 for Mac:
http://www.microsoft.com/mac/
Microsoft Office v. X for Mac:
http://www.microsoft.com/mac/
Provided and/or discovered by: 1) Jeff Gennari, US-CERT.
2) Jie Ma, Fortinet Security Research Team.
3) NSFocus Security Team.
4) Greg MacManus, iDefense Labs.
5) Greg MacManus, iDefense Labs.
Changelog: 2007-01-09: Added CVE identifier. Added information about additional vulnerabilities.
2007-01-10: Added US-CERT references.
2007-01-11: Added CVE reference.
2007-01-19: Added additional references and updated "Solution" section to include information on the re-release of the patches.
2008-05-15: Updated Fortinet link.
Original Advisory: MS07-002 (KB927198):
http://www.microsoft.com/technet/security/Bulletin/MS07-002.mspx
Fortinet:
http://www.fortiguardcenter.com/advisory/FGA-2007-01.html
US-CERT VU#749964:
http://www.kb.cert.org/vuls/id/749964
iDefense Labs:
http://labs.idefense.com/intelligence/vulnerabilities/display.php?id=460
http://labs.idefense.com/intelligence/vulnerabilities/display.php?id=461
Other References: KB931183:
http://support.microsoft.com/kb/931183
MSRC:
http://blogs.technet.com/msrc/archive...lease-of-ms07-002-for-excel-2000.aspx
US-CERT VU#302836:
http://www.kb.cert.org/vuls/id/302836
US-CERT VU#493185:
http://www.kb.cert.org/vuls/id/493185
US-CERT VU#625532:
http://www.kb.cert.org/vuls/id/625532
About this Secunia Advisory
Please note: The information that this Secunia Advisory is based on comes from a third party unless stated otherwise.
Secunia collects, validates, and verifies all vulnerability reports issued by security research groups, vendors, and others.