333 matches found
Microsoft Office / Excel / Outlook / Web Components multiple security vulnerabilities
Microsoft Excel multiple security vulnerabilities, Outlook mailt: URI code execution, multiple Office memory corruptions, Office Web Components multiple security vulnerabilities...
Microsoft Office Web组件ActiveX控件远程代码执行漏洞(MS08-017)
BUGTRAQ ID: 28135,28136 CVECAN ID: CVE-2006-4695,CVE-2007-1201 Microsoft Office Web组件是COM控件集合,用于向Web发布电子表格、图表和数据库,并查看所发布的组件。 Microsoft Office Web组件在解析特制的URL时管理内存资源的方式存在漏洞,如果用户受骗访问了恶意网页的话,就可能触发内存破坏,导致执行任意指令。 Microsoft Office Web Components 2000 临时解决方法: 禁止在Internet Explorer中运行Office Web组件库,为CLSID...
Microsoft Office Web Components OWC.Spreadsheet.9 ActiveX Control overflow
Added: 03/12/2008 CVE: CVE-2006-4695 BID: 28135 OSVDB: 42711 Background Microsoft Office Web Components OWC are a group of OLE classes implemented as ActiveX controls. Problem A buffer overflow vulnerability in the OWC.Spreadsheet.9 ActiveX control allows command execution when a user loads a web...
Microsoft Office Web Components OWC.Spreadsheet.9 ActiveX Control overflow
Added: 03/12/2008 CVE: CVE-2006-4695 BID: 28135 OSVDB: 42711 Background Microsoft Office Web Components OWC are a group of OLE classes implemented as ActiveX controls. Problem A buffer overflow vulnerability in the OWC.Spreadsheet.9 ActiveX control allows command execution when a user loads a web...
Microsoft Office Web Components OWC.Spreadsheet.9 ActiveX Control overflow
Added: 03/12/2008 CVE: CVE-2006-4695 BID: 28135 OSVDB: 42711 Background Microsoft Office Web Components OWC are a group of OLE classes implemented as ActiveX controls. Problem A buffer overflow vulnerability in the OWC.Spreadsheet.9 ActiveX control allows command execution when a user loads a web...
Microsoft Security Bulletin MS08-017 - Critical Vulnerabilities in Microsoft Office Web Components Could Allow Remote Code Execution (933103)
Microsoft Security Bulletin MS08-017 - Critical Vulnerabilities in Microsoft Office Web Components Could Allow Remote Code Execution 933103 Published: March 11, 2008 Version: 1.0 General Information Executive Summary This critical update resolves two privately reported vulnerabilities in Microsof...
Microsoft Office Web Components Spreadsheet ActiveX control URL parsing stack buffer overflow
Overview The Microsoft Office Web Components ActiveX controls contain a stack buffer overflow in the processing of URLs, which allows a remote, unauthenticated attacker to execute arbitrary code on a vulnerable system. Description Microsoft Office Web Components are ActiveX controls that provide...
Microsoft Office Web Components OWC.Spreadsheet.9 ActiveX Control overflow
Added: 03/12/2008 CVE: CVE-2006-4695 BID: 28135 OSVDB: 42711 Background Microsoft Office Web Components OWC are a group of OLE classes implemented as ActiveX controls. Problem A buffer overflow vulnerability in the OWC.Spreadsheet.9 ActiveX control allows command execution when a user loads a web...
CVE-2007-1201
Unspecified vulnerability in certain COM objects in Microsoft Office Web Components 2000 allows user-assisted remote attackers to execute arbitrary code via vectors related to DataSource that trigger memory corruption, aka "Office Web Components DataSource Vulnerability."...
CVE-2007-1201
Unspecified vulnerability in certain COM objects in Microsoft Office Web Components 2000 allows user-assisted remote attackers to execute arbitrary code via vectors related to DataSource that trigger memory corruption, aka "Office Web Components DataSource Vulnerability."...
Memory corruption
Unspecified vulnerability in certain COM objects in Microsoft Office Web Components 2000 allows user-assisted remote attackers to execute arbitrary code via vectors related to DataSource that trigger memory corruption, aka "Office Web Components DataSource Vulnerability."...
CVE-2007-1201
CVE-2007-1201 is a remote code execution vulnerability in Microsoft Office Web Components 2000 related to the DataSource handling that can trigger memory corruption. Multiple sources describe the DataSource Vulnerability as allowing an attacker to execute arbitrary code in the user’s context by v...
CVE-2006-4695
CVE-2006-4695 is a remote-code-execution vulnerability in Microsoft Office Web Components 2000 (OWC) due to a buffer/stack overflow when parsing specially crafted URLs in the OWC.Spreadsheet.9 ActiveX control. Exploitation could occur when a user views a malicious page, potentially giving the att...
CVE-2006-4695
Unspecified vulnerability in certain COM objects in Microsoft Office Web Components 2000 allows user-assisted remote attackers to execute arbitrary code via a crafted URL, aka "Office Web Components URL Parsing Vulnerability."...
CVE-2007-1201
Unspecified vulnerability in certain COM objects in Microsoft Office Web Components 2000 allows user-assisted remote attackers to execute arbitrary code via vectors related to DataSource that trigger memory corruption, aka "Office Web Components DataSource Vulnerability."...
Microsoft Office Web Components Multiple Buffer Overflows (MS08-017; CVE-2006-4695; CVE-2007-1201; CVE-2009-0562; CVE-2009-1136; CVE-2009-1534; CVE-2009-2493; CVE-2009-2496)
Microsoft Office Web Components are a collection of Component Object Model COM controls for publishing spreadsheets, charts, and databases to the Web, and for viewing the published components on the Web. A remote code execution vulnerability has been reported in Microsoft Office Web Components. A...
Microsoft Office Web Components ActiveX Control DataSource Remote Code Execution Vulnerability
Description Microsoft Office Web Components is prone to a remote code-execution vulnerability. An attacker may exploit this issue by enticing victims into opening a maliciously crafted HTML document. Successfully exploiting this issue allows remote attackers to execute arbitrary code in the conte...
MS08-017: Description of the security update for BizTalk Server Office Web Components: March 11, 2008
A security vulnerability exists in the Microsoft BizTalk Server Office Web Components that could allow arbitrary code to run when a maliciously modified file is opened. This update resolves that vulnerability.INTRODUCTIONMicrosoft has released security bulletin MS08-017. The security bulletin...
Microsoft Office Web Components ActiveX Control URL Parsing Remote Code Execution Vulnerability
Description Microsoft Office Web Components is prone to a remote code-execution vulnerability. An attacker may exploit this issue by enticing victims into opening a maliciously crafted HTML document. Successfully exploiting this issue allows remote attackers to execute arbitrary code in the conte...
DSquare Exploit Pack: D2SEC_MS08_017
Name| d2secms08017 ---|--- CVE| CVE-2006-4695 Exploit Pack| D2ExploitPack Description| Microsoft Office Web Components ActiveX Stack Overflow Notes|...