Secunia Advisory SA35364Microsoft Excel Multiple Vulnerabilities
|
||||
Description
Multiple vulnerabilities have been reported in Microsoft Excel, which can be exploited by malicious people to compromise a user's system. 1) An array-indexing error when processing certain records can be exploited to corrupt memory via a specially crafted Excel file. 2) An error when parsing certain records may result in a corrupted pointer being used when opening a specially crafted Excel file. 3) An error when parsing certain records may result in a corrupted object being used when opening a specially crafted Excel file. 4) An error when parsing certain records can be exploited to corrupt memory when opening a specially crafted Excel file. 5) A boundary error when parsing certain records can be exploited to cause a stack-based buffer overflow when opening a specially crafted Excel file. 6) An error when parsing Qsir BIFF records (0x806) may result in a corrupted pointer being used when opening a specially crafted Excel file. 7) An integer overflow error when processing the number of strings in a file can be exploited to cause a heap-based buffer overflow via a specially crafted Excel file. Successful exploitation of the vulnerabilities may allow execution of arbitrary code. Solution Provided and/or discovered by Deep Links Do you have additional information related to this advisory?Please provide information about patches, mitigating factors, new versions, exploits, faulty patches, links, and other relevant data by posting comments to this Advisory. You can also send this information to vuln@secunia.com
|
||||
231 views | ![]() |
| Limny Multiple Vulnerabilities | |
327 views | ![]() |
| Ubuntu update for thunderbird | |
234 views | ![]() |
| Debian update for php5 | |