The host is installed with Microsoft Excel 2002 and is prone to arbitrary code execution vulnerability. A flaw is present in the application which is caused when Microsoft Excel does not properly initialize a variable that is used as the length of a memcpy operation while parsing a specially crafted Excel file. Successful exploitation allows remote attacker to cause a buffer overflow that leads to code execution under the security context of the logged-on user.