Microsoft Excel Multiple Remote Code Execution Vulnerabilities

 

Release Date: 11/03/2008
Severity: Extremely Critical
SecWatch Advisory: SWID1020624
Cause: Not specified
Solution Status: Unknown
Impact: Execution of arbitrary code
Exploit Status: Exploit Available
Access Vector: From remote
 
Affected Software:
Microsoft Excel 2000
Microsoft Excel 2002
Microsoft Excel 2003
Microsoft Excel Viewer 2003
Microsoft Office 2000
Microsoft Office 2003 Professional Edition
Microsoft Office 2003 Small Business Edition
Microsoft Office 2003 Standard Edition
Microsoft Office 2003 Student and Teacher Edition
Microsoft Office 2004 for Mac
Microsoft Office 2008 for Mac
Microsoft Office Compatibility Pack for Word, Excel, and PowerPoint 20
Microsoft Office Excel 2007
 
References: FrSIRT/ADV-2008-0846
CVE: CVE-2008-0111 CVE-2008-0112 CVE-2008-0114 CVE-2008-0115 CVE-2008-0116 CVE-2008-0117
Microsoft: MS08-014
Secunia: SA28506

 

Description:

Multiple vulnerabilities have been reported in Microsoft Excel, which can be exploited by remote users to compromise a user's system.

Multiple errors exist in the processing of crafted Excel documents containing malformed data (e.g. Style Record, Formula, Rich Text, or Macro). These can be exploited to execute arbitrary code, e.g. by tricking a user into opening a crafted Excel file.

 

Proof of Concept:

Demonstration exploit code is available:
http://secwatch.org/exploits/2008/03/zha0_ms08_014.rar.info

 

Solution:

The vulnerabilities have been fixed. Apply the patches:
http://www.microsoft.com/techn...ecurity/Bulletin/MS08-014.mspx

 

Credits:

iDefense Labs, Yoshiya Sasaki of JFE Systems, Bing Liu of Fortinet, Moti Joseph and Dan Hubbard of Websense Security Labs.

 
