Microsoft Corporation Information for VU#654577
Microsoft Office Web Components Spreadsheet ActiveX control URL parsing stack buffer overflow
- Vendor Information Help Date Notified:
- Statement Date:
- Date Updated: 12 Mar 2008
No statement is currently available from the vendor regarding this vulnerability.
The vendor has not provided us with any further information regarding this vulnerability.
This issue is addressed in Microsoft Security Bulletin MS08-017. This update provides a newer version of MSOWC.DLL, sets the kill bit for the vulnerable versions of the Microsoft Office Spreadsheet control, and sets the phoenix bit to retain compatibility with web pages that refer to the old CLSID for the Spreadsheet control.
If you have feedback, comments, or additional information about this vulnerability, please send us email.