Intrusion Prevention

MS.Excel.FBI.Record.Memory.Corruption

Description

This indicates a possible attempt to exploit a memory corruption vulnerability in Microsoft Excel that may allow user assisted remote attackers to execute arbitrary code via a crafted "set font" value in an Excel file.

Affected Products

Microsoft Excel Viewer 2003
Microsoft Excel 2007
Microsoft Excel 2004 for Mac
Microsoft Excel 2003 SP3
Microsoft Excel 2003 SP2
Microsoft Excel 2003 SP1
Microsoft Excel 2003
Microsoft Excel 2002 SP3
Microsoft Excel 2002 SP2
Microsoft Excel 2002 SP1
Microsoft Excel 2002
Microsoft Excel 2000 SP3
Microsoft Excel 2000 SP2
Microsoft Excel 2000
Avaya CIE 1.0

Impact

Privilege escalation.

Recommended Actions

Microsoft has released a fixes to address this issue.
http://www.microsoft.com/technet/security/bulletin/ms07-023.mspx

CVE References

CVE-2007-1203