‘Microsoft Office Excel RTD Heap Corruption Vulnerability’
‘The information has been provided by Nicolas Joly f.
The original article can be found at: http://seclists.org/bugtraq/2010/Jun/101‘
* Microsoft Office Excel 2002 Service Pack 3
The vulnerability is caused by a heap corruption error when processing malformed RTD (recType 0x813) records, which could be exploited by attackers to execute arbitrary code by tricking a user into opening a specially crafted Excel document.
Apply MS10-038 security update:
2009-12-03 – Vendor notified
2009-12-03 – Vendor response
2010-06-08 – Coordinated public Disclosure’