2006年7月9日

[NEWS]Another security hole found in Excel

A hole in Microsoft Excel has been identified that could allow attackers to take control of a computer, a security group said Thursday--the third vulnerability affecting the popular spreadsheet program to surface in less than a month.

The flaw is due to a memory corruption error that occurs when handling or repairing a document containing overly long styles, the French Security Incident Response Team said in an advisory.

The flaw, which affects Excel 2000, 2002 and 2003 and Office 2000, XP and 2003, "could be exploited by attackers to execute arbitrary commands by convincing a user to open and repair a specially crafted Excel file," the advisory said.
http://news.zdnet.com/2100-1009_22-6091480.html