CVE-2008-3006

Name of the Vulnerable Software and Affected Versions Microsoft Office Excel 2000 SP3 Microsoft Office Excel 2002 SP3 Microsoft Office Excel 2003 SP2 and SP3 Microsoft Office Excel 2007 Gold and SP1 Microsoft Office Excel Viewer 2003 Gold and SP3 Microsoft Office Compatibility Pack 2007 Gold and SP1 Microsoft Office SharePoint Server 2007 Gold and SP1 Microsoft Office 2004 and 2008 for Mac

Description A vulnerability exists in the way Excel parses record values when loading Excel files into memory. Depending on the attack scenario, the vulnerability could lead to remote code execution on a user's local Excel client, or it could lead to elevation of privilege within a SharePoint Server. An attacker could exploit the vulnerability by convincing a user to open a specially crafted file, which could be hosted on a Web site or included as an e-mail attachment. In an attack against a SharePoint site, an attacker would first need an account on the SharePoint site with sufficient rights to upload a specially crafted Excel file and then create a web part using the file on the SharePoint site.

Recommendations For Microsoft Office Excel 2000 SP3, update to a newer version to mitigate the risk. For Microsoft Office Excel 2002 SP3, update to a newer version to mitigate the risk. For Microsoft Office Excel 2003 SP2 and SP3, update to a newer version to mitigate the risk. For Microsoft Office Excel 2007 Gold and SP1, update to a newer version to mitigate the risk. For Microsoft Office Excel Viewer 2003 Gold and SP3, update to a newer version to mitigate the risk. For Microsoft Office Compatibility Pack 2007 Gold and SP1, update to a newer version to mitigate the risk. For Microsoft Office SharePoint Server 2007 Gold and SP1, update to a newer version to mitigate the risk. For Microsoft Office 2004 and 2008 for Mac, update to a newer version to mitigate the risk. As a temporary workaround, consider restricting access to specially crafted Excel files until a patch is available. Avoid opening suspicious files from untrusted sources to minimize the risk of exploitation.