CVE-2005-4131 - Secunia Advisories - Vulnerability Intelligence

CVE Reference: CVE-2005-4131
NOTE: The text on this page is written by CVE MITRE and reflects neither the opinions of Secunia or the results of our research. All data on this page is written and maintained by CVE MITRE.

Original Page at CVE MITRE: CVE-2005-4131

Description: Unspecified vulnerability in Microsoft Excel 2000, 2002, and 2003, in Microsoft Office 2000 SP3 and other packages, allows user-assisted attackers to execute arbitrary code via an Excel file with a malformed range, which could lead to memory corruption involving an argument to the msvcrt.memmove function, aka "Brand new Microsoft Excel Vulnerability," as originally placed for sale on eBay as item number 7203336538.

CVE Status: Candidate

References: XF http://xforce.iss.net/xforce/xfdb/23537 ST 1015333 1015766 SREASON http://securityreason.com/securityalert/584 http://securityreason.com/securityalert/591 SAID Secunia Advisory: SA19138 Secunia Advisory: SA19238 OSVDB 71 MS http://www.microsoft.com/technet/security/bulletin/ms06-012.mspx MISC http://www.dicks-blog.com/archives/2005/12/08/excel-vulnerability-for-sale/ http://cgi.ebay.com/ws/eBayISAPI.dll?ViewItem&item=7203336538 http://www.theregister.co.uk/2005/12/10/ebay_pulls_excel_vulnerability_auction/ http://news.com.com/2061-10789_3-5988086.html http://www.securityfocus.com/news/11363 http://www.theage.com.au/news/breaking/excel-flaw-up-for-sale-on-ebay/2005/12/09/1134086783318.html http://informationweek.com/story/showArticle.jhtml?articleID=174910198 http://news.zdnet.com/2100-1009_22-5989078.html http://www.eweek.com/article2/0,1759,1899697,00.asp?kc=EWRSS03129TX1K0000614 CONFIRM http://support.avaya.com/elmodocs2/security/ASA-2006-069.htm CERT-VN 642428 CERT http://www.us-cert.gov/cas/techalerts/TA06-073A.html BUGTRAQ http://www.securityfocus.com/archive/1/archive/1/427698/100/0/threaded http://www.securityfocus.com/archive/1/archive/1/427635/100/0/threaded BID 15780

Return to the previous page.