MS.Excel.Richtext.SST.Record.Code

Name	MS.Excel.Richtext.SST.Record.Code.Execution
Release Date	Aug 06, 2009
Severity	Critical
Impact	System compromise
Description	This indicates an attack attempt against a remote code-execution vulnerability in Microsoft Excel. The vulnerability is caused by an error when the vulnerable software handles a specially crafted Excel file. It allows a remote attacker to execute arbitrary code.
Affected Products	Microsoft Excel 2000 Service Pack 3 Microsoft Excel 2002 Service Pack 3 Microsoft Excel 2003 Service Pack 2 Microsoft Excel 2007
Recommended Actions	Apply the patch available at the vendor's web site: http://www.microsoft.com/technet/security/bulletin/MS08-014.mspx
Common Vulnerabilities and Exposures (CVE)	http://cve.mitre.org/cgi-bin/cvename.cgi?name=2008-0116
Microsoft Bulletin ID	MS08-014 http://www.microsoft.com/technet/security/Bulletin/ms08-014.mspx
Reference/s	http://www.vupen.com/english/advisories/2008/0846 (FrSIRT) http://www.milw0rm.com/exploits/5287

Reference: VID-15476