Microsoft Excel URL unicode buffer overflow

Added: 06/21/2006
CVE: CVE-2006-3086
BID: 18500
OSVDB: 26666

Background

Microsoft Excel, part of the Microsoft Office product suite, is a spreadsheet application for Windows platforms.

Problem

A buffer overflow in Excel when processing long URL strings allows command execution when a user clicks on a specially crafted link within a spreadsheet.

Resolution

Do not open Excel files from untrusted sources.

References

http://archives.neohapsis.com/archives/fulldisclosure/2006-06/0391.html

Limitations

Exploit works on Microsoft Excel 2002. In order for exploitation to occur, a user must download and open the exploit file and click on the Click Here link. Note that on Windows XP, a pop-up window comes up after the click, and the user must click on either button to trigger the exploit.

Platforms

Windows 2000
Windows XP

Back to exploit index