Chronology of a 0-Day Excel Vulnerability
2) A few hours later, the item was removed from eBay.
3) On the 9th of December 2005, the seller of the item, fearwall, has decided to change his name to smk778.
4) On the 12th of December 2005, the same day the bid should have ended, the following post appeared on Full Disclosure, 2x 0day Microsoft Windows Excel.
What can we learn from this chronology? quite a bit, but most are speculations.
The eBay item might or might not be, but coincidence are too strong here, the same one as the one revealed several days later.
The smk778 (fearwall) person might or not be related to the heapoverflow team/forum, as there appears to be no relations between the two, person and group (heapoverflow).
I hope more information will come to light about this issue, hopefully also from users reading this post and shedding more light on the subject, but the chronology shown here shows a clear path between vulnerability described in an eBay item and the latter full disclosure of the (possibly) a 0day Excel vulnerability.