Intrusion Prevention

MS.Excel.Named.Graph.Record.Buffer.Overflow

Description

This indicates a possible exploit of a buffer overflow vulnerability in Microsoft Excel that may allow user assisted remote attackers to execute arbitrary code via a .XLS BIFF file with a malformed Named Graph record.

Affected Products

Microsoft Excel Viewer 2003 0
Microsoft Excel 2003 SP3
Microsoft Excel 2003 SP2
Microsoft Excel 2003 SP1
Microsoft Excel 2003
Microsoft Excel 2002 SP3
Microsoft Excel 2002 SP2
Microsoft Excel 2002 SP1
Microsoft Excel 2002
Microsoft Excel 2000 SP3
Microsoft Excel 2000 SP2
Microsoft Excel 2000 0
Avaya CIE 1.0

Impact

Privilege escalation.

Recommended Actions

Microsoft has released a fix to address this issue.
http://www.microsoft.com/technet/security/bulletin/ms07-023.mspx

CVE References

CVE-2007-0215