Lucene search
SAINT CorporationSAINT:5314539866058C6877B34209E8AE1581HistoryMay 24, 2007 - 12:00 a.m.
Microsoft Excel Named Graph record buffer overflow
2007-05-2400:00:00
SAINT Corporation
www.saintcorporation.com
15
0.693 Medium
EPSS
Percentile
97.7%
Added: 05/24/2007
CVE: CVE-2007-0215
BID: 23760
OSVDB: 34393
Background
Microsoft Excel, part of the Microsoft Office product suite, is a spreadsheet application for Windows platforms.
Problem
A buffer overflow vulnerability in Microsoft Excel allows command execution when a user opens a specially crafted spreadsheet with a long Named Graph record.
Resolution
Apply the patch referenced in Microsoft Security Bulletin 07-023.
References
<http://www.zerodayinitiative.com/advisories/ZDI-07-026.html>
Limitations
Exploit works on Microsoft Excel 2000 SP3 and 2002 SP3 and requires a user to open the exploit file.
Platforms
Windows 2000
Windows XP
Related
saint
saint
Microsoft Excel Named Graph record buffer overflow
2007-05-24 00:00:00
Microsoft Excel Named Graph record buffer overflow
2007-05-24 00:00:00
Microsoft Excel Named Graph record buffer overflow
2007-05-24 00:00:00
checkpoint_advisories
checkpoint_advisories
securityvulns
securityvulns
ZDI-07-026: Microsoft Excel BIFF File Format Named Graph Record Parsing Stack Overflow Vulnerability
2007-05-08 00:00:00
Microsoft Excel multiple security vulneraiblities
2007-05-10 00:00:00
zdi
zdi
cvelist
cvelist
CVE-2007-0215
2007-05-09 18:00:00
cve
cve
CVE-2007-0215
2007-05-08 22:19:00
prion
prion
Stack overflow
2007-05-08 22:19:00
