Multiple vulnerabilities have been reported in Microsoft Excel, which can be exploited by malicious people to gain knowledge of sensitive information or compromise a user's system.

1) Index values in "AxesSet" records are not properly validated when loading Excel files into memory. This can be exploited to corrupt memory via a specially crafted Excel file.

Successful exploitation of the vulnerability may allow execution of arbitrary code.

2) An error during processing of "FORMAT" records when loading Excel files into memory can be exploited to corrupt memory via a specially crafted Excel file containing an out-of-bounds array index.

Successful exploitation of the vulnerability may allow execution of arbitrary code.

3) An error during parsing of Country (0x8c) record values when loading Excel files into memory can be exploited to corrupt memory via a specially crafted Excel file.

Successful exploitation of the vulnerability may allow execution of arbitrary code.

4) Passwords strings to remote data sources are not being properly deleted even when configured to not store credentials. This can be exploited to access secured remote data sources by opening an ".xlsx" file.

Solution
Apply patches.
Further details available to Secunia VIM customers

Provided and/or discovered by
1) An anonymous person, reported via VeriSign iDefense VCP.
2) An anonymous person, reported via VeriSign iDefense VCP.
3) An anonymous person, reported via TippingPoint and the Zero Day Initiative.
4) The vendor credits Jeremy Funk.

Changelog
Further details available to Secunia VIM customers

Original Advisory
MS08-043 (KB954066):
http://www.microsoft.com/technet/security/Bulletin/MS08-043.mspx

iDefense Labs:
http://labs.idefense.com/intelligence/vulnerabilities/display.php?id=740
http://labs.idefense.com/intelligence/vulnerabilities/display.php?id=741

ZDI:
http://www.zerodayinitiative.com/advisories/ZDI-08-048/

Deep Links
Links available to Secunia VIM customers