Home    |    View Topics    |    Search    |    Contact Us    |   



Category:   Application (Generic)  >   Microsoft Excel Vendors:   Microsoft
Microsoft Excel Unspecified Stack Overflow May Let Remote Users Cause Arbitrary Code to Be Executed
SecurityTracker Alert ID:  1015333
SecurityTracker URL:
CVE Reference:   CVE-2005-4131   (Links to External Site)
Updated:  Mar 14 2006
Original Entry Date:  Dec 8 2005
Impact:   Execution of arbitrary code via network, User access via network
Fix Available:  Yes  Vendor Confirmed:  Yes  
Version(s): 2000, 2002, 2003; Excel X for Mac; Excel 2004 for Mac
Description:   A vulnerability was reported in Microsoft Excel. A remote user can cause arbitrary code to be executed on the target user's system.

A remote user can create a specially crafted Excel document that, when loaded by the target user, will trigger a stack overflow and potentially execute arbitrary code. The code will run with the privileges of the target user. No further details were provided.

fearwall reported this vulnerability in an eBay offering (eBay Item number: 7203336538).

Impact:   A remote user can create a file that, when loaded by the target user, will cause arbitrary code to be executed on the target user's system.
Solution:   The vendor has issued a fix for the Excel vulnerability was part of the following MS06-012 fixes. [Editor's note: Though this particular vulnerability only affects Excel, the MS06-012 release includes fixes for other vulnerabilities and so they are listed below.]

Microsoft Word 2000:

Microsoft Excel 2000:

Microsoft Outlook 2000:

Microsoft PowerPoint 2000:

Microsoft Office 2000 MultiLanguage Packs:

Microsoft Word 2002:

Microsoft Excel 2002:

Microsoft Outlook 2002:

Microsoft PowerPoint 2002:

Microsoft Office XP Multilingual User Interface Packs:

Microsoft Excel 2003:

Microsoft Excel 2003 Viewer:

Microsoft Works Suite 2000:

Microsoft Works Suite 2001:

Microsoft Works Suite 2002:

Microsoft Works Suite 2003:

Microsoft Works Suite 2004:

Microsoft Works Suite 2005:

Microsoft Works Suite 2006:

Microsoft Office X for Mac:

Microsoft Office 2004 for Mac:

A restart is required.

The vendor's advisory is available at:

Vendor URL: (Links to External Site)
Cause:   Boundary error
Underlying OS:  UNIX (macOS/OS X), Windows (2000), Windows (2003), Windows (XP)

Message History:   None.

 Source Message Contents

[Original Message Not Available for Viewing]

Go to the Top of This SecurityTracker Archive Page

Home   |    View Topics   |    Search   |    Contact Us

This web site uses cookies for web analytics. Learn More

Copyright 2022, LLC