Vulnerabilities In Microsoft Office Excel Could Allow Remote Code Execution (959070) Network Vulnerability

Summary

This host is missing a critical security update according to Microsoft Bulletin MS08-074.

Impact

Successful exploitation could execute arbitrary code on the remote system and corrupt memory via a specially crafted Excel Spreadsheet (XLS) file. Impact Level: System

Solution

Run Windows Update and update the listed hotfixes or download and update mentioned hotfixes in the advisory from the below link. http://www.microsoft.com/technet/security/bulletin/ms08-074.mspx

Insight

The flaws are due to - an error while validating an index value in a NAME record. - an error in the processing of Excel records. - an error in the processing of Excel formula.

Affected

Microsoft Windows 2K/XP/2003

References

http://www.microsoft.com/technet/security/bulletin/ms08-074.mspx

Updated on 2015-03-25

Severity

Classification

CVE CVE-2008-4264, CVE-2008-4265, CVE-2008-4266

CVSS	Base Score: 9.3 AV:N/AC:M/Au:N/C:C/I:C/A:C

Related Vulnerabilities

Microsoft Wireless LAN AutoConfig Service Remote Code Execution Vulnerability (970710)
Microsoft Embedded OpenType Font Engine Remote Code Execution Vulnerabilities (972270)
Microsoft Expression Design Remote Code Execution Vulnerability (2651018)
Host Integration Server RPC Service Remote Code Execution Vulnerability (956695)
Microsoft .NET Framework Remote Code Execution Vulnerability (2671605)

Vulnerabilities in Microsoft Office Excel Could Allow Remote Code Execution (959070)

Take action and discover your vulnerabilities