Rated as : Critical
![](https://i-blog.csdnimg.cn/blog_migrate/a3e47df2c7a17272eda21bc5befc14fb.png)
Remotely Exploitable : Yes
Locally Exploitable : Yes
Release Date : 2006-03-15
Technical Description
Multiple vulnerabilities have been identified in Microsoft Office, which could be exploited by remote attackers to execute arbitrary commands.
The first issue is due to a memory corruption error in Excel when handling a malformed range, which could be exploited by attackers to compromise a vulnerable system via a malicious document.
The second flaw is due to a memory corruption error in Office when handling a specially crafted "routing slip", which could be exploited by attackers to compromise a vulnerable system via a malicious document.
The third vulnerability is due to a memory corruption error in Excel when handling malformed BOOLERR records in a BIFF file, which could be exploited by attackers to compromise a vulnerable system via a malicious document.
The fourth flaw is due to a memory corruption error in Excel when handling a specially crafted description, which could be exploited by attackers to compromise a vulnerable system via a malicious document.
The fifth issue is due to a memory corruption error in Excel when handling specially crafted graphics, which could be exploited by attackers to compromise a vulnerable system via a malicious document.
The sixth vulnerability is due to a memory corruption error in Excel when handling malformed records, which could be exploited by attackers to compromise a vulnerable system via a malicious Excel document.
Affected Products
Microsoft Office 2000 Service Pack 3
Microsoft Word 2000
Microsoft Excel 2000
Microsoft Outlook 2000
Microsoft PowerPoint 2000
Microsoft Office 2000 MultiLanguage Packs
Microsoft Office XP Service Pack 3
Microsoft Word 2002
Microsoft Excel 2002
Microsoft Outlook 2002
Microsoft PowerPoint 2002
Microsoft Office XP Multilingual User Interface Packs
Microsoft Office 2003 Service Pack 1
Microsoft Office 2003 Service Pack 2
Microsoft Excel 2003
Microsoft Excel 2003 Viewer
Microsoft Works Suite 2000
Microsoft Works Suite 2001
Microsoft Works Suite 2002
Microsoft Works Suite 2003
Microsoft Works Suite 2004
Microsoft Works Suite 2005
Microsoft Works Suite 2006
Microsoft Office X for Mac
Microsoft Excel X for Mac
Microsoft Office 2004 for Mac
Microsoft Excel 2004 for Mac
Solution
Apply patches :
http://www.microsoft.com/technet/security/Bulletin/MS06-012.mspx
References
http://www.frsirt.com/english/advisories/2006/0950
http://www.microsoft.com/technet/security/Bulletin/MS06-012.mspx
Credits
Vulnerabilities reported by Peter Winter-Smith, Ollie Whitehouse, Arnaud Dovi, Dejun Meng, Eyas and the vendor.
ChangeLog
2006-03-15 : Initial release