Technical Cyber Security Alert TA06-073A - Microsoft has released updates that address critical vulnerabilities in Microsoft Office and Excel. Exploitation of these vulnerabilities could allow a remote, unauthenticated attacker to execute arbitrary code or cause a denial of service on a vulnerable system.
1ecf1950da060f73d8c84b791e2a2fdb436c6ef300126811c5f2221dda6ff9cc
Fortinet Security Advisory: FSA-2006-09 - Fortinet Security Research Team (FSRT) has discovered a improper stack overflow vulnerability in the Microsoft Excel software. This vulnerability is due to Microsoft Excel's manipulation of opcode 0x0218, when provided with a large Formula Size, it will cause a stack overflow. An remote attacker could construct a .xls file and put it on controlled web site. When the user opens the .xls file with Microsoft Internet Explorer, the browser will call Microsoft Excel to open the .xls file automatically, and this will cause Microsoft Excel to crash. If excel file is specially crafted, it may allow attackers to execute arbitrary code on the affected system.
16c513406c9b8eb2fa4c22dab9875ea3b88c39027021cbaa2f2e053132b54f34
Fortinet Security Advisory: FSA-2006-08 - Fortinet Security Research Team (FSRT) has discovered a improper memory access vulnerability in the Microsoft Excel software. This vulnerability is due to Microsoft Excel's manipulation of opcode 0x001D, when provided with a random Column Index, it will cause a Improper Memory Access. An remote attacker could construct a .xls file and put it on controlled web site. When the user opens the .xls file with Microsoft Internet Explorer, the browser will call Microsoft Excel to open the .xls file automatically, and this will cause Microsoft Excel to crash. If excel file is specially crafted, it may allow attackers to execute arbitrary code on the affected system.
dc9856cf4ccaafabc94f927fb1c3ed7a4f3095e88f27bb0e22a383e59fe370ae