TITLE:
Microsoft Office Excel Multiple Vulnerabilities

SECUNIA ADVISORY ID:
SA31454

VERIFY ADVISORY:
http://secunia.com/advisories/31454/

CRITICAL:
Highly critical

IMPACT:
Exposure of sensitive information, System access

WHERE:
From remote

SOFTWARE:
Microsoft Office 2000
http://secunia.com/product/24/
Microsoft Office 2003 Professional Edition
http://secunia.com/product/2276/
Microsoft Office 2003 Small Business Edition
http://secunia.com/product/2277/
Microsoft Office 2003 Standard Edition
http://secunia.com/product/2275/
Microsoft Office 2003 Student and Teacher Edition
http://secunia.com/product/2278/
Microsoft Office XP
http://secunia.com/product/23/
Microsoft Office 2007
http://secunia.com/product/13228/
Microsoft Office 2008 for Mac
http://secunia.com/product/17922/
Microsoft Office 2004 for Mac
http://secunia.com/product/8713/
Microsoft Office Excel Viewer 2007
http://secunia.com/product/19210/
Microsoft Excel Viewer 2003
http://secunia.com/product/7700/
Microsoft Office Compatibility Pack for Word, Excel, and PowerPoint 2007 File Formats
http://secunia.com/product/14165/
Microsoft Office Excel 2007
http://secunia.com/product/14161/
Microsoft Excel 2000
http://secunia.com/product/3054/
Microsoft Excel 2002
http://secunia.com/product/4043/
Microsoft Excel 2003
http://secunia.com/product/4970/

DESCRIPTION:
Multiple vulnerabilities have been reported in Microsoft Excel, which can be exploited by malicious people to gain knowledge of sensitive information or compromise a user's system.

1) Index values are not properly validated when loading Excel files into memory.
This can be exploited to corrupt memory via a specially crafted Excel file.

Successful exploitation of the vulnerability may allow execution of arbitrary code.

2) An error during processing of array indexes when loading Excel files into memory can be exploited to corrupt memory via a specially crafted Excel file.

Successful exploitation of the vulnerability may allow execution of arbitrary code.

3) An error during parsing of certain record values when loading Excel files into memory can be exploited to corrupt memory via a specially crafted Excel file.

Successful exploitation of the vulnerability may allow execution of arbitrary code.

4) Password strings to remote data sources are not properly deleted, even when Excel is configured not to store credentials. This can be exploited to access secured remote data sources by opening an ".xlsx" file.

SOLUTION:
Apply patches.

Excel 2000 SP3:
http://www.microsoft.com/downloads/details.aspx?FamilyId=4bf8688e-e5b9-4e53-a1a1-8cf1acfdb80b

Excel 2002 SP3:
http://www.microsoft.com/downloads/details.aspx?FamilyId=9BBF7550-F5C4-4B9B-BD86-1E7BE6C42EB5

Excel 2003 SP2:
http://www.microsoft.com/downloads/details.aspx?FamilyId=fc612e9a-bdf3-4952-8ada-0de5a50973f0

Excel 2003 SP3:
http://www.microsoft.com/downloads/details.aspx?FamilyId=fc612e9a-bdf3-4952-8ada-0de5a50973f0

Excel 2007:
http://www.microsoft.com/downloads/details.aspx?FamilyId=2753e8d6-e156-49ef-af2d-4c521c808ffd

Excel 2007 SP1:
http://www.microsoft.com/downloads/details.aspx?FamilyId=2753e8d6-e156-49ef-af2d-4c521c808ffd

Microsoft Office Excel Viewer 2003:
http://www.microsoft.com/downloads/details.aspx?FamilyId=d7ed9e75-15f2-4950-98b3-93023ba0f4c1

Microsoft Office Excel Viewer 2003 SP3:
http://www.microsoft.com/downloads/details.aspx?FamilyId=d7ed9e75-15f2-4950-98b3-93023ba0f4c1

Microsoft Office Excel Viewer:
http://www.microsoft.com/downloads/details.aspx?FamilyId=b574d906-7f09-49b0-80bf-e84dee8c4583

Microsoft Office Compatibility Pack for Word, Excel, and PowerPoint 2007
File Formats:
http://www.microsoft.com/downloads/details.aspx?FamilyId=7afdae9b-9c74-4af7-9844-0e54221ea3b9

Microsoft Office Compatibility Pack for Word, Excel, and PowerPoint 2007 File Formats SP1:
http://www.microsoft.com/downloads/details.aspx?FamilyId=7afdae9b-9c74-4af7-9844-0e54221ea3b9

Microsoft Office 2004 for Mac:
http://www.microsoft.com/downloads/details.aspx?FamilyId=EBD3AF0C-3F62-4D18-BF45-881655683BD5

Microsoft Office 2008 for Mac:
http://www.microsoft.com/downloads/details.aspx?FamilyId=9515C70D-BE80-4ADE-856A-EA542F7D84E1

PROVIDED AND/OR DISCOVERED BY:
1) The vendor credits VeriSign iDefense VCP.
2) The vendor credits VeriSign iDefense VCP.
3) The vendor credits TippingPoint and the Zero Day Initiative.
4) The vendor credits Jeremy Funk.

ORIGINAL ADVISORY:
MS08-043 (KB954066):
http://www.microsoft.com/technet/security/Bulletin/MS08-043.mspx

----------------------------------------------------------------------

About:
This Advisory was delivered by Secunia as a free service to help
everybody keep their systems up to date against the latest
vulnerabilities.

Definitions: (Criticality, Where etc.)
http://secunia.com/about_secunia_advisories/

Please Note:
Secunia recommends that you verify all advisories you receive by
clicking the link.
Secunia NEVER sends attached files with advisories.
Secunia does not advise people to install third party patches, only
use those supplied by the vendor.

----------------------------------------------------------------------
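
Added example for vulnerability 4 (not part of the Secunia advisory or the vendor bulletin): a Python audit that reports ".xlsx" data connections whose connection string still carries a password although the connection is not marked to save one. It assumes the leftover credential sits in the connection string in xl/connections.xml, which the advisory does not state; the sample workbook and all names in it are constructed.

```python
import io
import re
import zipfile
import xml.etree.ElementTree as ET

NS = "{http://schemas.openxmlformats.org/spreadsheetml/2006/main}"
# Credential keywords commonly used in ODBC / OLE DB connection strings.
CRED_RE = re.compile(r"(?i)(?:^|;)\s*(password|pwd)\s*=\s*[^;]+")

def find_leftover_credentials(xlsx_bytes):
    """Return [(connection name, keyword)] for connections whose string
    holds a password while savePassword is absent or false."""
    findings = []
    with zipfile.ZipFile(io.BytesIO(xlsx_bytes)) as zf:
        if "xl/connections.xml" not in zf.namelist():
            return findings            # workbook has no data connections
        data = zf.read("xl/connections.xml")
    if b"<!DOCTYPE" in data:           # refuse DTDs in untrusted XML
        raise ValueError("unexpected DTD in connections part")
    root = ET.fromstring(data)
    for conn in root.iter(NS + "connection"):
        save = conn.get("savePassword", "0").lower() in ("1", "true")
        db = conn.find(NS + "dbPr")
        conn_str = db.get("connection", "") if db is not None else ""
        m = CRED_RE.search(conn_str)
        if m and not save:             # password present but not meant to be
            findings.append((conn.get("name", "?"), m.group(1)))
    return findings

def sample_workbook():
    """Constructed minimal workbook: only the connections part is present."""
    xml = (
        '<connections xmlns="http://schemas.openxmlformats.org/spreadsheetml/2006/main">'
        '<connection id="1" name="sales_db" type="1">'
        '<dbPr connection="DSN=sales;UID=report;PWD=example-only;"/></connection>'
        '<connection id="2" name="hr_db" type="1" savePassword="1">'
        '<dbPr connection="DSN=hr;UID=report;Password=example-only;"/></connection>'
        '<connection id="3" name="open_db" type="1">'
        '<dbPr connection="DSN=open;Trusted_Connection=yes;"/></connection>'
        '</connections>'
    )
    buf = io.BytesIO()
    with zipfile.ZipFile(buf, "w") as zf:
        zf.writestr("xl/connections.xml", xml)
    return buf.getvalue()

if __name__ == "__main__":
    print(find_leftover_credentials(sample_workbook()))
```

The report lists only the connection name and the matching keyword, so the audit output does not itself repeat the credential.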