CVE-2007-0031

Name of the Vulnerable Software and Affected Versions Microsoft Excel versions 2000 SP3, 2002 SP3, 2003 SP2, 2004 for Mac, and v.X for Mac

Description A heap-based buffer overflow issue exists, allowing user-assisted remote attackers to execute arbitrary code. This occurs when a BIFF8 spreadsheet with a PALETTE record containing a large number of entries is processed. The vulnerability is related to the parsing of files and the processing of a malformed Palette record.

Recommendations For Microsoft Excel 2000 SP3, update to a version that includes the fix for this issue. For Microsoft Excel 2002 SP3, update to a version that includes the fix for this issue. For Microsoft Excel 2003 SP2, update to a version that includes the fix for this issue. For Microsoft Excel 2004 for Mac, update to a version that includes the fix for this issue. For Microsoft Excel v.X for Mac, update to a version that includes the fix for this issue.