TITLE:
Microsoft Excel Unspecified Code Execution Vulnerability
SECUNIA ADVISORY ID:
SA20686
RELEASE DATE:
2006-06-16
VERIFY ADVISORY:
http://secunia.com/advisories/20686/
CRITICAL:
Extremely critical
WHERE:
From remote
IMPACT:
System access
SOFTWARE:
Microsoft Excel 2000
Microsoft Excel 2002
Microsoft Excel 2003
Microsoft Office 2000
Microsoft Office 2003 Professional Edition
Microsoft Office 2003 Small Business Edition
Microsoft Office 2003 Standard Edition
Microsoft Office 2003 Student and Teacher Edition
Microsoft Office XP
DESCRIPTION:
A vulnerability has been discovered in Microsoft Excel, which can be
exploited by malicious people to compromise a user's system.
The vulnerability is caused due to an unknown error within the
processing of specially crafted Excel documents.
Successful exploitation allows execution of arbitrary code.
The vulnerability has been confirmed on a fully updated Windows XP SP2
system with Microsoft Excel 2003 SP2. Other versions may also be affected.
NOTE: This vulnerability is a so-called 0-day and is already being
actively exploited.
SOLUTION:
Don't open untrusted Excel documents.
REPORTED BY CREDITS:
Discovered in the wild.
ORIGINAL ADVISORY:
Microsoft:
http://blogs.technet.com/msrc/archive/2006/06/16/436174.aspx
============= PCWorks Mailing List =================
Don't see your post? Check our posting guidelines &
make sure you've followed proper posting procedures,
http://pcworkers.com/rules.htm
Contact list owner <[EMAIL PROTECTED]>
Unsubscribing and other changes: http://pcworkers.com
=====================================================
