42725 : Microsoft Excel XLS Malformed Formula Memory Corruption
Printer | http://osvdb.org/42725 | Email This | Edit Vulnerability

Views This Week

Views All Time

157

Info

Last Modified

9 months ago

Percent Complete

Disclosure

Mar 11, 2008

Discovery

Unknown

Dates

Exploit

Unknown

Solution

Unknown

This Entry needs help! It is only 0% Complete. Click the edit link above to add more information.

Contributing is fast and easy, and benefits the entire security community.

Description

(Description Provided by CVE) : Unspecified vulnerability in Microsoft Excel 2000 SP3 through 2007, Viewer 2003, Compatibility Pack, and Office for Mac 2004 allows user-assisted remote attackers to execute arbitrary code via malformed formulas, aka "Excel Formula Parsing Vulnerability."

Classification

Unknown or Incomplete

Products

Unknown or Incomplete

References

Security Tracker: 1019585
Related OSVDB ID: 42723 42724 42730 42731 42732
CVE ID: 2008-0115 (see also: NVD)
Bugtraq ID: 28167
FrSIRT Advisory: ADV-2008-0846
Mail List Post: http://archives.neohapsis.com/archives/bugtraq/2008-03/0316.html
http://archives.neohapsis.com/archives/fulldisclosure/2008-03/0195.html
Other Advisory URL: http://labs.idefense.com/intelligence/vulnerabilities/display.php?id=672
Generic Exploit URL: http://www.chroot.org/exploits/zha0_ms08_014.rar
News Article: http://www.vnunet.com/vnunet/news/2212451/microsoft-issues-security
Microsoft Security Bulletin: MS08-014
CERT: TA08-071A

Tools & Filters

Nessus	31413

Credit

Unknown or Incomplete

Blogs

Provided by Technorati

2008/03/12 16:15:14 | Patch Tuesday Plugs 12 Holes in Microsoft Office

from: jenniferleclaire.com

On Patch Tuesday, Microsoft [ Relevant Products/Services] fixed 12 vulnerabilities in four security [ Relevant Products/Services] bulletins. Every one of them fixes bugs in Microsoft Office.Included is a fix for the zero-day remote-code vulnerability in Excel. The exploit was made public in January and is corrected by the MS08-014 patch

2008/03/12 13:21:34 | Patch Tuesday Plugs 12 Holes in Microsoft Office

from: TipAdept Dot Com

On Patch Tuesday, Microsoft fixed 12 vulnerabilities in four security bulletins. Every one of them fixes bugs in Microsoft Office. Included is a fix for the zero-day remote-code vulnerability in Excel. The exploit was made public in January and is corrected by the MS08-014 patch that addresses seven vulnerabilities in Excel

Views This Week

Views All Time

Info

Last Modified

Percent Complete

Disclosure

Discovery

Dates

Exploit

Solution

Description

Classification

Products

References

Tools & Filters

Credit

Blogs

Comments