| VID |
26426 |
| Severity |
40 |
| Port |
139,445 |
| Protocol |
TCP |
| Class |
SMB |
| Detailed Description |
The hotfix (MS09-021, 969462) for 'Remote Code Execution Vulnerabilities in Microsoft Excel' has not been applied. This update resolves several newly discovered, privately reported and public vulnerabilities. The remote host contains a version of Microsoft Excel / Excel Viewer / 2007 Microsoft Office system or the Microsoft Office Compatibility Pack that is affected by several buffer overflow and memory corruption vulnerabilities. If an attacker can trick a user on the affected host into opening a specially crafted Excel file, he may be able to leverage either of these issues to run arbitrary code on the host subject to the user's privileges.
* Note: This check requires an account with administrative privileges which can log into the host to scan. Absence of these condition will result in the check not being performed and a False Negative for all vulnerable hosts.
* References:
http://www.microsoft.com/technet/security/bulletin/ms09-021.mspx
* Platforms Affected:
Microsoft Office 2000 SP3 on Microsoft Windows 2000 SP3
Microsoft Office 2002 SP3 on Microsoft Windows XP SP3
Microsoft Office 2003 SP3 on Microsoft Windows 2003 SP3
Microsoft Office Excel 2007 SP1 on Microsoft Office System 2007 SP1
Microsoft Office Excel 2007 SP2 on Microsoft Office System 2007 SP2
Microsoft Office 2004 for Mac
Microsoft Office 2008 for Mac
Open XML File Format Converter for Mac
Microsoft Office Excel Viewer 2003 SP3
Microsoft Office Excel Viewer
Microsoft Office Compatibility Pack for Word, Excel, and PowerPoint 2007 File Formats Service Pack 1
Microsoft Office SharePoint Server 2007 Service Pack 1 (32-bit editions)
Microsoft Office SharePoint Server 2007 Service Pack 2 (32-bit editions)
Microsoft Office SharePoint Server 2007 Service Pack 1 (64-bit editions)
Microsoft Office SharePoint Server 2007 Service Pack 2 (64-bit editions) |
| Recommendation |
Apply the appropriate patch (969462) for your system, as listed in Microsoft Security Bulletin MS09-021 at http://www.microsoft.com/technet/security/bulletin/ms09-021.mspx
-- OR --
Patches for Windows platforms are also available from the Microsoft Windows Update Web site, http://windowsupdate.microsoft.com . Windows Update detects what version of Windows you are running and offers the appropriate patch. |
| Related URL |
CVE-2008-3477,CVE-2008-3471,CVE-2008-4019 (CVE) |
| Related URL |
31702,31705,31706 (SecurityFocus) |
| Related URL |
(ISS) |
|
