Multiple vulnerabilities have been reported in Microsoft Excel, which can be exploited by malicious people to compromise a user's system.

1) An error within the processing of IMDATA records can be exploited to corrupt memory via a file containing a specially crafted IMDATA record.

2) An error when processing records can be exploited to corrupt memory via a file containing a specially crafted record.

3) An error when processing strings can be exploited to corrupt memory via a file containing a specially crafted string.

4) An error when processing column records can be exploited to corrupt memory via a file containing a column record with in out-of-range value.

5) A boundary error when processing palette records can be exploited to cause a heap-based buffer overflow via a file containing a specially crafted palette record with a large amount of entries.

Successful exploitation of the vulnerabilities allows execution of arbitrary code.

Solution
Apply patches.
Further details available to Secunia VIM customers

Provided and/or discovered by
1) Jeff Gennari, US-CERT.
2) Jie Ma, Fortinet Security Research Team.
3) NSFocus Security Team.
4) Greg MacManus, iDefense Labs.
5) Greg MacManus, iDefense Labs.

Changelog
Further details available to Secunia VIM customers

Original Advisory
MS07-002 (KB927198):
http://www.microsoft.com/technet/security/Bulletin/MS07-002.mspx

Fortinet:
http://www.fortiguardcenter.com/advisory/FGA-2007-01.html

US-CERT VU#749964:
http://www.kb.cert.org/vuls/id/749964

iDefense Labs:
http://labs.idefense.com/intelligence/vulnerabilities/display.php?id=460
http://labs.idefense.com/intelligence/vulnerabilities/display.php?id=461

Other references
Further details available to Secunia VIM customers

Deep Links
Links available to Secunia VIM customers