Microsoft Excel Indexing Validation Vulnerability
Gravité: : Critique
Identifiant(s) CVE: : CVE-2008-3004,MS08-043
Date du conseil: 21 juillet 2015
Description
Microsoft Office Excel 2000 SP3, 2002 SP3, and 2003 SP2 and SP3; Office Excel Viewer 2003; and Office 2004 and 2008 for Mac do not properly validate index values for AxesSet records when loading Excel files, which allows remote attackers to execute arbitrary code via a crafted Excel file, aka the "Excel Indexing Validation Vulnerability."
Information Exposure Rating:
Apply associated Trend Micro DPI Rules.
Solutions
Trend Micro Deep Security DPI Rule Number: 1002704
Trend Micro Deep Security DPI Rule Name: 1002704 - Microsoft Excel Indexing Validation Vulnerability
Affected software and version:
- microsoft office 2000
- microsoft office 2002
- microsoft office 2003
- microsoft office 2004
- microsoft office 2008
- microsoft office_excel_viewer 2003