Microsoft Office Web Components (Spreadsheet) ActiveX BOF PoC

Exploit for unknown platform in category dos / poc ============================================================= Microsoft Office Web Components Spreadsheet ActiveX BOF PoC ============================================================= var shellcode = unescape"evil code"; var array = new Array; va...

Microsoft Office Web Components Active-X Overflow

var shellcode = unescape"evil code"; var array = new Array; var ls = 0x81000-shellcode.length2; var bigblock = unescape"%u0b0c%u0b0C"; whilebigblock.length...

Microsoft Office Web Components (Spreadsheet) ActiveX BOF PoC

No description provided by source. !-- http://en.securitylab.ru/poc/extra/382458.php -- html body script language="JavaScript" var shellcode = unescape"evil code"; var array = new Array; var ls = 0x81000-shellcode.length2; var bigblock = unescape"%u0b0c%u0b0C"; whilebigblock.lengthls/2...

Microsoft Office Web Components (OWC) Spreadsheet - ActiveX Buffer Overflow (PoC)

Microsoft Office Web Components OWC Spreadsheet - ActiveX Buffer Overflow PoC var shellcode = unescape"evil code"; var array = new Array; var ls = 0x81000-shellcode.length2; var bigblock = unescape"%u0b0c%u0b0C"; whilebigblock.length milw0rm.com 2009-07-16...

Microsoft Office Web Components (OWC) Spreadsheet - ActiveX Buffer Overflow (PoC)

var shellcode = unescape"evil code"; var array = new Array; var ls = 0x81000-shellcode.length2; var bigblock = unescape"%u0b0c%u0b0C"; whilebigblock.length milw0rm.com 2009-07-16...

CVE-2009-1136

The Microsoft Office Web Components Spreadsheet ActiveX control aka OWC10 or OWC11, as distributed in Office XP SP3 and Office 2003 SP3, Office XP Web Components SP3, Office 2003 Web Components SP3, Office 2003 Web Components SP1 for the 2007 Microsoft Office System, Internet Security and...

DSquare Exploit Pack: D2SEC_OWC

Name| d2secowc ---|--- CVE| CVE-2009-1136 Exploit Pack| D2ExploitPack Description| Microsoft Office Web Components ActiveX msDataSourceObject Code Execution Vulnerability Notes|...

Design/Logic Flaw

The Microsoft Office Web Components Spreadsheet ActiveX control aka OWC10 or OWC11, as distributed in Office XP SP3 and Office 2003 SP3, Office XP Web Components SP3, Office 2003 Web Components SP3, Office 2003 Web Components SP1 for the 2007 Microsoft Office System, Internet Security and...

CVE-2009-1136

The Microsoft Office Web Components Spreadsheet ActiveX control aka OWC10 or OWC11, as distributed in Office XP SP3 and Office 2003 SP3, Office XP Web Components SP3, Office 2003 Web Components SP3, Office 2003 Web Components SP1 for the 2007 Microsoft Office System, Internet Security and...

CVE-2009-1136

CVE-2009-1136 affects the Microsoft Office Web Components Spreadsheet ActiveX control (OWC10/OWC11) bundled with Office XP SP3, Office 2003 SP3, and related Web Components/ISA configurations. A crafted call to msDataSourceObject in Internet Explorer allows remote code execution; this vulnerabilit...

VulnCheck KEV: CVE-2009-1136

The Microsoft Office Web Components Spreadsheet ActiveX control aka OWC10 or OWC11, as distributed in Office XP SP3 and Office 2003 SP3, Office XP Web Components SP3, Office 2003 Web Components SP3, Office 2003 Web Components SP1 for the 2007 Microsoft Office System, Internet Security and...

Microsoft Office Web Components Spreadsheet ActiveX control vulnerability

Overview The Microsoft Office Web Components Spreadsheet ActiveX controls OWC10 and OWC11 contain a vulnerability that may allow an attacker to take control of a vulnerable system. Description The Office Web Components Spreadsheet ActiveX control contains a code execution vulnerability. Public...

Microsoft Office Web Components OWC.Spreadsheet Evaluate method vulnerability

Added: 07/14/2009 CVE: CVE-2009-1136 BID: 35642 OSVDB: 55806 Background Microsoft Office Web Components OWC are a group of OLE classes implemented as ActiveX controls. Problem A memory corruption vulnerability allows command execution when a web page passes a specially crafted parameter to the...

Microsoft Office Web Components OWC.Spreadsheet Evaluate method vulnerability

Added: 07/14/2009 CVE: CVE-2009-1136 BID: 35642 OSVDB: 55806 Background Microsoft Office Web Components OWC are a group of OLE classes implemented as ActiveX controls. Problem A memory corruption vulnerability allows command execution when a web page passes a specially crafted parameter to the...

FortiGuard Advisory: Microsoft Office Web Components Remote Memory Corruption Vulnerability

Microsoft Office Web Components Remote Memory Corruption Vulnerability 2009.July.13 Fortinet's FortiGuard Global Security Research Team Discovers Memory Corruption Vulnerability in Microsoft Office Web Components. Summary: ======== A memory corruption vulnerability exists in the ActiveX Controls ...

Microsoft Office Web Components OWC.Spreadsheet Evaluate method vulnerability

Added: 07/14/2009 CVE: CVE-2009-1136 BID: 35642 OSVDB: 55806 Background Microsoft Office Web Components OWC are a group of OLE classes implemented as ActiveX controls. Problem A memory corruption vulnerability allows command execution when a web page passes a specially crafted parameter to the...

MS09-043: Vulnerabilities in Microsoft Office Web Components Control Could Allow Remote Code Execution (973472)

The remote Windows host includes Microsoft Office Web Components, a collection of Component Object Model COM controls for publishing and viewing spreadsheets, charts, and databases on the web. A privately reported vulnerability in Microsoft Office Web Components reportedly can be abused to corrup...

New Flaw in Microsoft Office Web Components Under Attack

From SearchSecurity Robert Westervelt Microsoft issued an advisory Monday, warning of a new vulnerability in Office Web Components being actively targeted by attackers. The Office Web Components allow users to view spreadsheets, charts and databases on the Web. Microsoft said the vulnerability is...

Update Protection against Microsoft Office Web Components Multiple ActiveX Controls Remote Code Execution Vulnerability (MS09-043)

Multiple remote code execution vulnerabilities have been reported in Microsoft Office Web Components ActiveX Controls. Microsoft Office Web Components are a collection of Component Object Model COM controls for publishing spreadsheets, charts, and databases to the Web, and for viewing the publish...

Microsoft Office Web Components ActiveX Control 'msDataSourceObject()' Code Execution Vulnerability

Description Microsoft Office Web Components is prone to a remote code-execution vulnerability that affects the OWC10.Spreadsheet ActiveX control. The control is identified by the following CLSIDs: 0002E541-0000-0000-C000-000000000046 0002E559-0000-0000-C000-000000000046 An attacker could exploit...