Thread: Microsoft Office Unspecified String Handling Vulnerability
View Single Post
Old 04-02-2007, 11:54   #1
pedantic
Inactive
 
Join Date: Mar 2004
Location: Swinton
Services: O2 standard
Posts: 2,499
pedantic is cast in bronzepedantic is cast in bronzepedantic is cast in bronzepedantic is cast in bronze
pedantic is cast in bronzepedantic is cast in bronzepedantic is cast in bronzepedantic is cast in bronzepedantic is cast in bronzepedantic is cast in bronzepedantic is cast in bronzepedantic is cast in bronze
Send a message via Yahoo to pedantic
Microsoft Office Unspecified String Handling Vulnerability
Linky

Quote:
Critical: Extremely critical
Impact: System access
Where: From remote
Solution Status: Unpatched
Quote:
A vulnerability has been reported in Microsoft Office, which can be exploited by malicious people to compromise a user's system.

The vulnerability is caused due to an unspecified error when handling strings and can be exploited to cause a memory corruption.

Successful exploitation allows execution of arbitary code.

NOTE: According to Microsoft, the vulnerability is currently being actively exploited via Excel, but other Office applications may also be affected.

Solution:
Do not open untrusted Office documents
pedantic is offline   Reply With Quote