34 matches found
Microsoft Excel - HFPicture Record Parsing Memory Corruption (0day)
No description provided by source. ''' | / |/ \ /\ | | | | \ | \ / | | | | / \ | | | | | | | |/| | | | |/ /\ | | | | day 23 0day binary anlysis | | | | || / \ || | | | || ||// \/|/ ''' Title : Microsoft Excel HFPicture Record Parsing Memory Corruption 0day Version : Excel 2002 SP3 Analysis :...
Microsoft Excel - HFPicture Record Parsing Remote Code Execution Vulnerability
No description provided by source. ''' | / |/ \ /\ | | | | \ | \ / | | | | / \ | | | | | | | |/| | | | |/ /\ | | | | day 16 binary anlysis | | | | || / \ || | | | || ||// \/|/ ''' Title : Microsoft Excel HFPicture Record Parsing Remote Code Execution Vulnerability Version : Excel 2002 SP3...
Microsoft Excel - SxView Record Parsing Heap Memory Corruption
No description provided by source. ''' | / |/ \ /\ | | | | \ | \ / | | | | / \ | | | | | | | |/| | | | |/ /\ | | | | day 29 binary analysis | | | | || / \ || | | | || ||// \/|/ ''' Title : Microsoft Excel SxView Record Parsing Heap Memory Corruption Version : Excel 2002 SP3 Analysis :...
Microsoft Excel - WOPT Record Parsing Heap Memory Corruption
No description provided by source. ''' | / |/ \ /\ | | | | \ | \ / | | | | / \ | | | | | | | |/| | | | |/ /\ | | | | day 21 binary analysis | | | | || / \ || | | | || ||// \/|/ ''' Title : Microsoft Excel WOPT Record Parsing Heap Memory Corruption Version : Excel 2002 SP3 Analysis :...
CVE-2011-0097
Integer underflow in Microsoft Excel 2002 SP3, 2003 SP3, 2007 SP2, and 2010; Office 2004 and 2008 for Mac; Open XML File Format Converter for Mac; Excel Viewer SP2; and Office Compatibility Pack for Word, Excel, and PowerPoint 2007 File Formats SP2 allows remote attackers to execute arbitrary cod...
CVE-2010-3955
pubconv.dll aka the Publisher Converter DLL in Microsoft Publisher 2002 SP3 does not properly perform array indexing, which allows remote attackers to execute arbitrary code via a crafted Publisher file that uses an old file format, aka "Array Indexing Memory Corruption Vulnerability."...
Microsoft Excel PtgExtraArray结构解析内存破坏漏洞(MS10-080)
BUGTRAQ ID: 43654 CVE ID: CVE-2010-3239 Excel是微软Office套件中的电子表格工具。 Excel在解析文档的PtgExtraArray结构时存在内存破坏漏洞,用户受骗打开了畸形的.XSL文件就会导致执行任意代码。 Microsoft Excel 2002 SP3 临时解决方法: 不要打开从不可信任来源接收到或从可信任来源意外接收到的Microsoft Office文件。 厂商补丁: Microsoft --------- Microsoft已经为此发布了一个安全公告(MS10-080)以及相应补丁:...
CVE-2010-3234
Microsoft Excel 2002 SP3 does not properly validate formula information, which allows remote attackers to execute arbitrary code via a crafted Excel document, aka "Formula Substream Memory Corruption Vulnerability."...
CVE-2010-3235
Microsoft Excel 2002 SP3 does not properly validate formula information, which allows remote attackers to execute arbitrary code via a crafted Excel document, aka "Formula Biff Record Vulnerability."...
CVE-2010-3219
Array index vulnerability in Microsoft Word 2002 SP3 allows remote attackers to execute arbitrary code via a crafted Word document that triggers memory corruption, aka "Word Index Parsing Vulnerability."...
Microsoft Excel SxView Record Parsing Heap Memory Corruption
No description provided by source. ''' | / |/ \ /\ | | | | \ | \ / | | | | / \ | | | | | | | |/| | | | |/ /\ | | | | day 29 binary analysis | | | | || / \ || | | | || ||// \/|/ ''' Title : Microsoft Excel SxView Record Parsing Heap Memory Corruption Version : Excel 2002 SP3 Analysis :...
Microsoft Excel - SxView Record Parsing Heap Memory Corruption
Microsoft Excel - SxView Record Parsing Heap Memory Corruption ''' | / |/ \ /\ | | | | \ | \ / | | | | / \ | | | | | | | |/| | | | |/ /\ | | | | day 29 binary analysis | | | | || / \ || | | | || ||// \/|/ ''' Title : Microsoft Excel SxView Record Parsing Heap Memory Corruption Version : Excel...
Microsoft Excel - SxView Record Parsing Heap Memory Corruption
''' | / |/ \ /\ | | | | \ | \ / | | | | / \ | | | | | | | |/| | | | |/ /\ | | | | day 29 binary analysis | | | | || / \ || | | | || ||// \/|/ ''' Title : Microsoft Excel SxView Record Parsing Heap Memory Corruption Version : Excel 2002 SP3 Analysis : http://www.abysssec.com Vendor :...
Microsoft Excel HFPicture Record Parsing Remote Code Execution Vulnerability
No description provided by source. ''' Title : Microsoft Excel HFPicture Record Parsing Remote Code Execution Vulnerability Version : Excel 2002 SP3 Analysis : http://www.abysssec.com Vendor : http://www.microsoft.com Impact : High Contact : shahin at abysssec.com , info at abysssec.com Twitter :...
Microsoft Excel - HFPicture Record Parsing Remote Code Execution
''' | / |/ \ /\ | | | | \ | \ / | | | | / \ | | | | | | | |/| | | | |/ /\ | | | | day 16 binary anlysis | | | | || / \ || | | | || ||// \/|/ ''' Title : Microsoft Excel HFPicture Record Parsing Remote Code Execution Vulnerability Version : Excel 2002 SP3 Analysis : http://www.abysssec.com...
Microsoft Excel - HFPicture Record Parsing Remote Code Execution
Microsoft Excel - HFPicture Record Parsing Remote Code Execution ''' | / |/ \ /\ | | | | \ | \ / | | | | / \ | | | | | | | |/| | | | |/ /\ | | | | day 16 binary anlysis | | | | || / \ || | | | || ||// \/|/ ''' Title : Microsoft Excel HFPicture Record Parsing Remote Code Execution Vulnerability...
Month Of Abysssec Undisclosed Bugs - Excel RTD Memory Corruption
''' | / |/ \ /\ | | | | \ | \ / | | | | / \ | | | | | | | |/| | | | |/ /\ | | | | | | | | || / \ || | | | || ||// \/|/ http://www.exploit-db.com/moaub-10-excel-rtd-memory-corruption/ http://www.exploit-db.com/sploits/moaub-10-exploit.zip ''' ''' Title : Excel RTD Memory Corruption Version :...
Microsoft Office Excel PivotTable Cache Data Record Handling Overflow
Added: 08/19/2010 CVE: CVE-2010-2562 BID: 42199 OSVDB: 66991 Background Microsoft Excel, part of the Microsoft Office product suite, is a spreadsheet application for Windows and Macintosh platforms. Problem Microsoft Excel is vulnerable to a stack buffer overflow due to a logic error when parsing...
Microsoft Word sprmCMajority记录解析栈溢出漏洞(MS10-056)
BUGTRAQ ID: 42136 CVE ID: CVE-2010-1900 Word是微软Office套件中的文字处理工具。 在解析Word文档中的sprmCMajority记录时,由于处理sprmCMajority sprm组没有对参数执行检查,攻击者可以控制写入到栈缓冲区中的数据数量,触发栈溢出。成功利用此漏洞的攻击者可完全控制受影响的系统。 Microsoft Office 2008 for Mac Microsoft Office 2004 for Mac Microsoft Word 2007 SP2 Microsoft Word 2003 SP3 Microsoft Wo...
Microsoft Word RTF解析引擎远程内存破坏漏洞(MS10-056)
BUGTRAQ ID: 42132 CVE ID: CVE-2010-1901 Word是微软Office套件中的文字处理工具。 在处理包含有某些控制字的RTF文档时,RTF解析引擎可能错误的从RTF文件读取值,导致内存破坏。成功利用此漏洞的攻击者可以获得与本地用户相同的权限。 Microsoft Office 2008 for Mac Microsoft Office 2004 for Mac Microsoft Word 2007 SP2 Microsoft Word 2003 SP3 Microsoft Word 2002 SP3 临时解决方法: 以纯文本格式阅读电子邮件。...