MS.Excel.Selection.Record.cref.Code.Execution
Description
This indicates an attack attempt to exploit a remote code-execution vulnerability in Microsoft Excel.
The vulnerability is caused by an error when the vulnerable software handles an Excel file with a crafted SELECTION Record. This could allow remote attackers to overflow a buffer and execute arbitrary code on the system with the privileges of the currently logged in user.
Affected Products
Microsoft Excel Viewer 2003
Microsoft Excel v.X for Mac
Microsoft Excel 2004 for Mac
Microsoft Excel 2003
Microsoft Excel 2002
Microsoft Excel 2000
Impact
System Compromise: Remote attackers can gain control of vulnerable systems.
Recommended Actions
Apply the patch, available from the following web site:
http://www.microsoft.com/technet/security/Bulletin/MS06-037.mspx
Telemetry
Coverage
IPS (Regular DB) | |
IPS (Extended DB) |