Vulnerabilities In Microsoft Office Excel Could Allow Remote Code Execution (959070) Network Vulnerability

Summary

This host is missing a critical security update according to Microsoft Bulletin MS08-074.

Impact

Successful exploitation could execute arbitrary code on the remote system and corrupt memory via a specially crafted Excel Spreadsheet (XLS) file. Impact Level: System

Solution

Run Windows Update and update the listed hotfixes or download and update mentioned hotfixes in the advisory from the below link. http://www.microsoft.com/technet/security/bulletin/ms08-074.mspx

Insight

The flaws are due to - an error while validating an index value in a NAME record. - an error in the processing of Excel records. - an error in the processing of Excel formula.

Affected

Microsoft Windows 2K/XP/2003

References

http://www.microsoft.com/technet/security/bulletin/ms08-074.mspx

Updated on 2015-03-25

Severity

Classification

CVE CVE-2008-4264, CVE-2008-4265, CVE-2008-4266

CVSS	Base Score: 9.3 AV:N/AC:M/Au:N/C:C/I:C/A:C

Related Vulnerabilities

Microsoft .NET Framework and Silverlight Remote Code Execution Vulnerability (2604930)
Microsoft .NET Common Language Runtime Code Execution Vulnerability (974378)
Microsoft .NET Framework Remote Code Execution Vulnerability (3000414)
Blended Threat Vulnerability in SearchPath Could Allow Elevation of Privilege (959426)
Cumulative Security Update for Internet Explorer (972260)

Vulnerabilities in Microsoft Office Excel Could Allow Remote Code Execution (959070)

Take action and discover your vulnerabilities