=====================================================================
                                   CERT-Renater

                        Note d'Information No. 2007/VULN351
_____________________________________________________________________

DATE                      : 16/08/2007

HARDWARE PLATFORM(S)      : /

OPERATING SYSTEM(S)       : Tout système avec MS Excel supérieur à 2000

======================================================================

MS07-044 - Vulnerability in Microsoft Excel Could Allow Remote Code
Execution (940965)


Original Bulletin:
  http://www.microsoft.com/technet/security/bulletin/ms07-044.mspx

Affected Software:

   Microsoft Office 2000 Service Pack 3
   Microsoft Office XP Service Pack 3
   Microsoft Office 2003 Service Pack 2
   Microsoft Excel Viewer 2003
   Microsoft Office 2004 for Mac

Vulnerability Details:

Workspace Memory Corruption Vulnerability - CVE-2007-3890

   A remote code execution vulnerability exists in the way Excel handles
   malformed Excel files. An attacker could exploit the vulnerability by
   sending a malformed file which could be included as an e-mail
   attachment, or hosted on a malicious or compromised Web site.

======================================================================

          =========================================================
          Les serveurs de référence du CERT-Renater
          http://www.urec.fr/securite
          http://www.cru.fr/securite
          http://www.renater.fr
          =========================================================
          + CERT-RENATER          | tel : 01-53-94-20-44          +
          + 151 bd de l'Hopital   | fax : 01-53-94-20-41          +
          + 75013 Paris           | email: certsvp@renater.fr     +
          =========================================================