Secunia Research has discovered a vulnerability in Microsoft Excel, which can be exploited by malicious people to compromise a user's system. The vulnerability is caused by a boundary error in the parsing of certain records in Lotus 1-2-3 workbooks. This can be exploited to cause a heap-based buffer overflow via a Lotus 1-2-3 file containing a specially crafted, overly long record. Successful exploitation may allow execution of arbitrary code. Microsoft Excel versions 2002 SP3 and 2003 SP3 are affected.
eaa3b220e89e395f1191b6a6206ef0e5d0192c66b80b7db1d9065ae7233e71ad