Microsoft_Excel_Workspace_Index_Value_Memory_Corruption_attack

There exists a memory corruption vulnerability in the way Microsoft Excel processes files. The vulnerability is a result of insufficient data validation while processing an index value in a certain BIFF record. A remote attacker can exploit this vulnerability by enticing the target user to open a crafted Excel file, potentially causing arbitrary code to be injected and executed in the security context of the current user. An attack targeting this vulnerability can result in the injection and execution of code. If code execution is successful, the behaviour of the target will depend on the intention of the attacker. Any code injected will be executed within the security context of the currently logged in user. In the case of an unsuccessful code execution attack, Excel will terminate resulting in the loss of any unsaved data from the current session.