[原文]** REJECT ** DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: CVE-2007-0028. Reason: This candidate is a reservation duplicate of CVE-2007-0028. The original assigner switched to a new CVE number. Notes: All CVE users should reference CVE-2007-0028 instead of this candidate. All references and descriptions in this candidate have been removed to prevent accidental usage.
Microsoft Excel Malformed Record Memory Access Code Execution
Local Access Required
Loss of Integrity
Patch / RCS
A memory corruption flaw exists in Excel. The program fails to validate the contents of XLS files resulting in memory corruption. With a specially crafted file containing an unspecified malformed record, an attacker can cause arbitrary code execution resulting in a loss of integrity.
Currently, there are no known workarounds or upgrades to correct this issue. However, Microsoft has released a patch to address this vulnerability.