Name:
MS.Excel.Calendar.Object.SRP.Stream.Bad.Value
Released Date:
Oct 21 2008
Severity:
critical
CVE:
2008-3477
MS Bulletin:
ms08-057

FortiGuard Center > Vulnerability Encyclopedia


In-Depth Analysis

Description
This indicates an attempt to exploit a remote code-execution vulnerability in Microsoft Excel.

The vulnerability is caused by the incorrect processing of a VBA Performance Cache. It may allow a remote attacker to execute arbitrary code via opening a crafted Excel file.
 
Impact
System Compromise: Remote attackers can gain control of vulnerable systems.
 
Affected Products
Excel 2000 Service Pack 3
Excel 2002 Service Pack 3
Excel 2003 Service Pack 2
Excel 2003 Service Pack 3
Aliases
References
http://www.microsoft.com/technet/security/Bulletin/ms08-057.mspx
http://www.cve.mitre.org/cgi-bin/cvename.cgi?name=2008-3477
Recommended Actions
Apply the most recent upgrades or patches from the vendor:
http://www.microsoft.com/technet/security/Bulletin/ms08-057.mspx

 
 
SITE MAP  |  LEGAL NOTICES

      © 2003 FORTINET INC. ALL RIGHTS RESERVED