Microsoft Excel NULL Pointer Dereference Denial Of Service Vulnerability
BID:22717
Info
Microsoft Excel NULL Pointer Dereference Denial Of Service Vulnerability
| Bugtraq ID: | 22717 |
| Class: | Unknown |
| CVE: |
CVE-2007-1239 |
| Remote: | Yes |
| Local: | No |
| Published: | Feb 26 2007 12:00AM |
| Updated: | May 12 2015 07:34PM |
| Credit: | SehaTo is credited with the discovery of this vulnerability. |
| Vulnerable: |
Microsoft Excel 2003 SP2 Microsoft Excel 2003 SP1 Microsoft Excel 2003 |
| Not Vulnerable: | |
Discussion
Microsoft Excel NULL Pointer Dereference Denial Of Service Vulnerability
Microsoft Excel is reportedly prone to a denial-of-service vulnerability. This issue occurs when the application handles a specially crafted file. This issue stems from a NULL-pointer dereference.
Initial reports indicate that this issue is distinct from that outlined in BID 22555 Microsoft Excel Remote Denial Of Service Vulnerability.
Exploitation could cause the application to crash, resulting in a denial of service.
Microsoft Excel is reportedly prone to a denial-of-service vulnerability. This issue occurs when the application handles a specially crafted file. This issue stems from a NULL-pointer dereference.
Initial reports indicate that this issue is distinct from that outlined in BID 22555 Microsoft Excel Remote Denial Of Service Vulnerability.
Exploitation could cause the application to crash, resulting in a denial of service.
Exploit / POC
Microsoft Excel NULL Pointer Dereference Denial Of Service Vulnerability
A proof of concept is available from the following location:
http://securityvulns.com/files/a.xls
Symantec has not tested the integrity of this proof of concept.
A proof of concept is available from the following location:
http://securityvulns.com/files/a.xls
Symantec has not tested the integrity of this proof of concept.
Solution / Fix
Microsoft Excel NULL Pointer Dereference Denial Of Service Vulnerability
Solution:
Currently we are not aware of any vendor-supplied patches for this issue. If you feel we are in error or if you are aware of more recent information, please mail us at: [email protected].
Solution:
Currently we are not aware of any vendor-supplied patches for this issue. If you feel we are in error or if you are aware of more recent information, please mail us at: [email protected].
References
Microsoft Excel NULL Pointer Dereference Denial Of Service Vulnerability
References:
References:
- Microsoft Excel Homepage (Microsoft )
- Few unreported vulnerabilities by SehaTo (3APA3A)
- Microsoft Office Excel 2003 XLS File Denial Of Service (sehato)