The host is installed with Microsoft Excel and is prone to arbitrary code execution vulnerability. A flaw is present in the application, which fails to parse an office art object record, when a stray reference to an element of a linked list is added. The linked list is hence navigated causing a method of the malformed object to be accessed. Successful exploitation allows remote attackers to execute code under the context of the application.