Microsoft Excel Indexing Validation Vulnerability

  Severity: CRITICAL
  CVE Identifier: CVE-2008-3004,MS08-043
  Advisory Date: JUL 21, 2015

  DESCRIPTION

Microsoft Office Excel 2000 SP3, 2002 SP3, and 2003 SP2 and SP3; Office Excel Viewer 2003; and Office 2004 and 2008 for Mac do not properly validate index values for AxesSet records when loading Excel files, which allows remote attackers to execute arbitrary code via a crafted Excel file, aka the "Excel Indexing Validation Vulnerability."

  TREND MICRO PROTECTION INFORMATION

Apply associated Trend Micro DPI Rules.

  SOLUTION

  Trend Micro Deep Security DPI Rule Number: 1002704
  Trend Micro Deep Security DPI Rule Name: 1002704 - Microsoft Excel Indexing Validation Vulnerability

  AFFECTED SOFTWARE AND VERSION

  • microsoft office 2000
  • microsoft office 2002
  • microsoft office 2003
  • microsoft office 2004
  • microsoft office 2008
  • microsoft office_excel_viewer 2003