Microsoft Excel Unspecified Code Execution Vulnerability
Secunia Advisory: SA20686
Release Date: 2006-06-16
Critical: Extremely critical
Impact: System access
Where: From remote
Solution Status: Unpatched
Microsoft Excel 2000
Microsoft Excel 2002
Microsoft Excel 2003
Microsoft Office 2000
Microsoft Office 2003 Professional Edition
Microsoft Office 2003 Small Business Edition
Microsoft Office 2003 Standard Edition
Microsoft Office 2003 Student and Teacher Edition
Microsoft Office XP
A vulnerability has been discovered in Microsoft Excel, which can be exploited by malicious people to compromise a user's system.
The vulnerability is caused due to an unknown error within the processing of specially crafted Excel documents.
Successful exploitation allows execution of arbitrary code.
The vulnerability has been confirmed on a fully updated Windows XP SP2 system with Microsoft Excel 2003 SP2. Other versions may also be affected.
NOTE: This vulnerability is a so-called 0-day and is already being actively exploited.
Solution: Don't open untrusted Excel documents.
Provided and/or discovered by: Discovered in the wild.
Original Advisory: Microsoft: http://blogs.technet.com/msrc/archiv...16/436174.aspx