A vulnerability in the way Microsoft Office parses files containing malformed chart records may lead to execution of arbitrary code.
Microsoft Office fails to properly handle malformed chart records. According to Microsoft Security Bulletin MS06-062:
When Office opens a specially crafted file and parses a malformed chart record, it may corrupt system memory in such a way that an attacker could execute arbitrary code.
A remote, unauthenticated attacker may be able to execute arbitrary code with the privileges of the affected user or cause a denial-of-service condition.
Do not open untrusted Microsoft Office documents
This vulnerability was reported in Microsoft Security Bulletin MS06-062 . Microsoft credits Arnaud Dovi working with the TippingPoint and the Zero Day Initiative for reporting this issue.
|Date First Published:||2006-10-11|
|Date Last Updated:||2006-11-17 20:04 UTC|