|
|
| Details : SecurityAlert |
|
|
Topic : | Microsoft Excel Formula Size Stack Overflow
|
SecurityAlert : 585
CVE : CVE-2006-0029
SecurityRisk : High (About)
Remote Exploit : Yes
Local Exploit : No
Exploit Given : No
Credit : Fortinet Research
Published : 15.03.2006
Affected Software : | Microsoft Excel 2003 Chinese Version
Windows XP Home Edition Chinese Version and
possible all versions of Microsoft Excel. |
 Advisory Text : Fortinet Security Advisory: FSA-2006-09
Microsoft Excel Formula Size Stack Overflow
Advisory Date : March 14, 2006
Reported Date : January 24, 2006
Vendor : Microsoft
Affected Products : Microsoft Excel 2003 Chinese Version
Windows XP Home Edition Chinese Version and
possible all versions of Microsoft Excel.
Severity : High
Reference :
http://www.microsoft.com/technet/security/Bulletin/MS06-012.mspx
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-0029
http://www.securityfocus.com/bid/15780
Description : Fortinet Security Research Team (FSRT) has discovered a
Improper Stack Overflow Vulnerability in the Microsoft Excel software.
This vulnerability is due to Microsoft Excel's manipulation of opcode
0x0218, when provided with a large Formula Size, it will cause a stack
overflow. An remote attacker could construct a .xls file and put it on
controlled web site. When the user opens the .xls file with Microsoft
Internet Explorer, the browser will call Microsoft Excel to open the .xls
file automatically, and this will cause Microsoft Excel to crash. If excel
file is specially crafted, it may allow attackers to execute arbitrary code
on the affected system.
Impact : Execution of arbitrary code leading to system
compromise.
Solution : Microsoft has released a update for this vulnerability, which
is available for downloading from Microsoft web site, see reference.
Fortinet Protection: FortiGate series of security systems have been updated
to detect exploits targeting this vulnerability.
Acknowledgment : Dejun Meng of Fortinet Security Research team found
this vulnerability.
Disclaimer : Although Fortinet has attempted to provide accurate
information in these materials, Fortinet assumes no legal responsibility
for the accuracy or completeness of the information. More specific
information is available on request from Fortinet. Please note that
Fortinet's product information does not constitute or contain any
guarantee, warranty or legally binding representation, unless expressly
identified as such in a duly signed writing.
Feedback :
If you have additional information or notice any errors regarding this security advisory, please use contact form or email us at info()securityreason()com.
|
|
|
|