iDefense Security Advisory 09.13.11 - Remote exploitation of a memory corruption vulnerability in Microsoft Corp.'s Excel could allow an attacker to execute arbitrary code with the privileges of the current user. The vulnerability occurs when Excel parses a certain specially crafted record in an Excel file. An invalid value of the length field in the record header can trigger an error condition and result in using memory content which has already been freed and may allow arbitrary code execution.
e09343c3f7890e4c5bf50eec1fb9f834e5524c580f5c602204351b7dc18d009c