Vulnerability Note VU#642428
Microsoft Excel fails to properly perform range validation when parsing document files
Microsoft Excel contains an error in range validation, which may allow a remote unauthenticated attacker to execute arbitrary code on a vulnerable system.
Microsoft Excel fails to properly validate ranges in data files. When a file with a malformed range is opened in Excel, system memory can be corrupted in a way that may allow an attacker to execute arbitrary code.
By convincing a user to open a specially crafted Excel file, a remote unauthenticated attacker may be able to execute arbitrary code on a vulnerable system.
Install an update
Install an update, as specified in Microsoft Security Bulletin MS06-012.
Systems Affected (Learn More)
|Vendor||Status||Date Notified||Date Updated|
|Microsoft Corporation||Affected||-||14 Mar 2006|
CVSS Metrics (Learn More)
This vulnerability was publicly disclosed by fearwall.
This document was written by Will Dormann.
- CVE IDs: CVE-2005-4131
- Date Public: 07 Dec 2005
- Date First Published: 14 Mar 2006
- Date Last Updated: 14 Mar 2006
- Severity Metric: 16.45
- Document Revision: 7
If you have feedback, comments, or additional information about this vulnerability, please send us email.