Computer Security
[EN] no-pyccku

Related information

  Microsoft Office multiple vulnerabilities

  [Full-disclosure] [xfocus-SD-
060314]Microsoft Office Excel Buffer Overflow Vulnerability

  [Full-disclosure] [HV-HIGH] Microsoft Excel Named Range Arbitrary Code Execution

  Microsoft Security Bulletin MS06-012 Vulnerabilities in Microsoft Office Could Allow Remote Code Execution (905413)

  Fortinet Security Advisory: FSA-2006-09

From:Fortinet Research <vulnmoniter_(at)>
Subject:Fortinet Security Advisory: FSA-2006-08

Fortinet Security Advisory: FSA-2006-08

Microsoft Excel Column Index Improper Memory Access

Advisory Date      : March 14, 2006                     
Reported Date      : January 24, 2006
Vendor             : Microsoft                  
Affected Products  : Microsoft Excel 2003 Chinese Version
                    Windows XP Home Edition Chinese Version and
                    possible all versions of Microsoft Excel.
Severity           : High
Reference          :
Description        : Fortinet Security Research Team (FSRT) has discovered a Improper Memory Access
Vulnerability in the Microsoft Excel software. This vulnerability is due to Microsoft Excel's manipulation of
opcode 0x001D, when provided with a random Column Index, it will cause a Improper Memory Access. An remote
attacker could construct a .xls file and put it on controlled web site. When the user opens the .xls file
with Microsoft Internet Explorer, the browser will call Microsoft Excel to open the .xls file automatically,
and this will cause Microsoft Excel to crash. If excel file is specially crafted, it may allow attackers to
execute arbitrary code on the affected system.

Impact             : Execution of arbitrary code leading to system compromise.

Solution           : Microsoft has released a update for this vulnerability, which is available for
downloading from Microsoft web site, see reference.

Fortinet Protection: FortiGate series of security systems have been updated to detect exploits targeting
this vulnerability.

Acknowledgment     : Dejun Meng of Fortinet Security Research team found this vulnerability.

Disclaimer         : Although Fortinet has attempted to provide accurate information in these materials,
Fortinet assumes no legal responsibility for the accuracy or completeness of the information. More specific
information is available on request from Fortinet. Please note that Fortinet's product information does not
constitute or contain any guarantee, warranty or legally binding representation, unless expressly identified
as such in a duly signed writing.

About | Terms of use | Privacy Policy
© SecurityVulns, 3APA3A, Vladimir Dubrovin
Nizhny Novgorod