SecurityTracker.com
    Home    |    View Topics    |    Search    |    Contact Us    |   

SecurityTracker
Archives


 


Category:   Application (Generic)  >   Microsoft Excel Vendors:   Microsoft
Microsoft Excel Unspecified Stack Overflow May Let Remote Users Cause Arbitrary Code to Be Executed
SecurityTracker Alert ID:  1015333
SecurityTracker URL:  http://securitytracker.com/id/1015333
CVE Reference:   CVE-2005-4131   (Links to External Site)
Updated:  Mar 14 2006
Original Entry Date:  Dec 8 2005
Impact:   Execution of arbitrary code via network, User access via network
Fix Available:  Yes  Vendor Confirmed:  Yes  
Version(s): 2000, 2002, 2003; Excel X for Mac; Excel 2004 for Mac
Description:   A vulnerability was reported in Microsoft Excel. A remote user can cause arbitrary code to be executed on the target user's system.

A remote user can create a specially crafted Excel document that, when loaded by the target user, will trigger a stack overflow and potentially execute arbitrary code. The code will run with the privileges of the target user. No further details were provided.

fearwall reported this vulnerability in an eBay offering (eBay Item number: 7203336538).

Impact:   A remote user can create a file that, when loaded by the target user, will cause arbitrary code to be executed on the target user's system.
Solution:   The vendor has issued a fix for the Excel vulnerability was part of the following MS06-012 fixes. [Editor's note: Though this particular vulnerability only affects Excel, the MS06-012 release includes fixes for other vulnerabilities and so they are listed below.]

Microsoft Word 2000:

http://www.microsoft.com/downloads/details.aspx?FamilyId=CD2179FD-37F5-4D09-B653-0174651CF5E4

Microsoft Excel 2000:

http://www.microsoft.com/downloads/details.aspx?FamilyId=C9433440-31EF-4C18-A0C7-B595EA23F6FC

Microsoft Outlook 2000:

http://www.microsoft.com/downloads/details.aspx?FamilyId=2B231231-AC83-4688-9C8D-DCDCB544FB3C

Microsoft PowerPoint 2000:

http://www.microsoft.com/downloads/details.aspx?FamilyId=F24D4BD0-4771-4688-B52A-02D4EABB1574

Microsoft Office 2000 MultiLanguage Packs:

http://www.microsoft.com/downloads/details.aspx?FamilyId=0AAA1700-766F-4979-B51F-AAA0A24EF2E8

Microsoft Word 2002:

http://www.microsoft.com/downloads/details.aspx?FamilyId=8B98A5FE-7A26-45F0-8D28-C9618FA7A458&displaylang=en

Microsoft Excel 2002:

http://www.microsoft.com/downloads/details.aspx?FamilyId=643337C7-8A47-4FA3-AB58-7A916B33607D&displaylang=en

Microsoft Outlook 2002:

http://www.microsoft.com/downloads/details.aspx?FamilyId=9B0D4441-4F88-4B59-A4F3-6FB558EF8135

Microsoft PowerPoint 2002:

http://www.microsoft.com/downloads/details.aspx?FamilyId=C74CB45B-CF92-4EFC-8DBE-DBF4BDEBE215

Microsoft Office XP Multilingual User Interface Packs:

http://www.microsoft.com/downloads/details.aspx?FamilyId=589D9ABB-6308-4208-881C-CE58D6972E1F&displaylang=en

Microsoft Excel 2003:

http://www.microsoft.com/downloads/details.aspx?FamilyId=AC22F83A-B409-4469-984E-6C19D8F5FE41&displaylang=en

Microsoft Excel 2003 Viewer:

http://www.microsoft.com/downloads/details.aspx?FamilyId=7DBADBD1-0542-475B-91B5-90DD2AF2C0FC&displaylang=en

Microsoft Works Suite 2000:

http://www.microsoft.com/downloads/details.aspx?FamilyId=CD2179FD-37F5-4D09-B653-0174651CF5E4&displaylang=en

Microsoft Works Suite 2001:

http://www.microsoft.com/downloads/details.aspx?FamilyId=CD2179FD-37F5-4D09-B653-0174651CF5E4&displaylang=en

Microsoft Works Suite 2002:

http://www.microsoft.com/downloads/details.aspx?FamilyId=8B98A5FE-7A26-45F0-8D28-C9618FA7A458&displaylang=en

Microsoft Works Suite 2003:

http://www.microsoft.com/downloads/details.aspx?FamilyId=8B98A5FE-7A26-45F0-8D28-C9618FA7A458&displaylang=en

Microsoft Works Suite 2004:

http://www.microsoft.com/downloads/details.aspx?FamilyId=8B98A5FE-7A26-45F0-8D28-C9618FA7A458&displaylang=en

Microsoft Works Suite 2005:

http://www.microsoft.com/downloads/details.aspx?FamilyId=8B98A5FE-7A26-45F0-8D28-C9618FA7A458&displaylang=en

Microsoft Works Suite 2006:

http://www.microsoft.com/downloads/details.aspx?FamilyId=8B98A5FE-7A26-45F0-8D28-C9618FA7A458&displaylang=en

Microsoft Office X for Mac:

http://www.microsoft.com/mac/

Microsoft Office 2004 for Mac:

http://www.microsoft.com/mac/

A restart is required.

The vendor's advisory is available at:

http://www.microsoft.com/technet/security/Bulletin/MS06-012.mspx

Vendor URL:  www.microsoft.com/technet/security/Bulletin/MS06-012.mspx (Links to External Site)
Cause:   Boundary error
Underlying OS:  UNIX (macOS/OS X), Windows (2000), Windows (2003), Windows (XP)

Message History:   None.


 Source Message Contents



[Original Message Not Available for Viewing]


Go to the Top of This SecurityTracker Archive Page





Home   |    View Topics   |    Search   |    Contact Us

This web site uses cookies for web analytics. Learn More

Copyright 2019, SecurityGlobal.net LLC