Microsoft Excel Malformed Range Memory Corruption Vulnerability

Microsoft Excel is susceptible to a remote code-execution vulnerability. This issue was originally disclosed through an eBay auction that has since been terminated.

This issue is due to the application's failure to properly bounds-check user-supplied input data in the 'Named Range' definition in Excel data files. This results in the corruption of critical memory sections, allowing code execution.


Privacy Statement
Copyright 2010, SecurityFocus