19 matches found
Memory corruption
Excel in 2007 Microsoft Office System SP1 and SP2; Microsoft Office Excel Viewer; and Microsoft Office Compatibility Pack for Word, Excel, and PowerPoint 2007 File Formats SP1 and SP2 allow remote attackers to execute arbitrary code via a BIFF file with a malformed Qsir 0x806 record object, aka...
CVE-2009-1134
Excel in 2007 Microsoft Office System SP1 and SP2; Microsoft Office Excel Viewer; and Microsoft Office Compatibility Pack for Word, Excel, and PowerPoint 2007 File Formats SP1 and SP2 allow remote attackers to execute arbitrary code via a BIFF file with a malformed Qsir 0x806 record object, aka...
CVE-2009-1134
CVE-2009-1134 is a memory corruption/remote code execution vulnerability in Microsoft Excel and related components (Excel 2007 SP1/SP2, Excel Viewer, and Office Compatibility Pack SP1/SP2). The flaw occurs while parsing BIFF records, specifically a malformed Qsir (0x806) record, leading to code e...
Microsoft Office Excel QSIR Record Pointer Corruption Vulnerability
This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of Microsoft Office Excel. Exploitation requires user interaction in that a victim must open a malicious XLS file. The specific flaw exists within the parsing of the BIFF file format used by Microsoft...
[Full-disclosure] ZDI-08-068: Microsoft Office Excel BIFF File Format Parsing Stack Overflow Vulnerability
ZDI-08-068: Microsoft Office Excel BIFF File Format Parsing Stack Overflow Vulnerability http://www.zerodayinitiative.com/advisories/ZDI-08-068 -- CVE ID: CVE-2008-3471 -- Affected Vendors: Microsoft -- Affected Products: Microsoft Office Excel -- TippingPointTM IPS Customer Protection:...
Microsoft Office Excel BIFF File Format Parsing Stack Overflow Vulnerability
This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of Microsoft Office Excel. Exploitation requires that the victim to open the malformed BIFF .xls document. The specific flaw exists within the parsing of the BIFF file format used by Microsoft Excel...
Microsoft Excel BIFF File Format Parsing Remote Code Execution Vulnerability
Description Microsoft Excel is prone to a remote code-execution vulnerability. Attackers may exploit this issue by enticing victims into opening a maliciously crafted Excel file. Successful exploits may allow attackers to execute arbitrary code with the privileges of the user running the...
Microsoft Excel COUNTRY记录内存破坏漏洞(MS08-043)
BUGTRAQ ID: 30640 CVECAN ID: CVE-2008-3006 Excel是Microsoft Office办公软件套件中的电子表格工具。 Excel没有正确地处理BIFF文件格式,在处理文件中的畸形Country(0x8c)记录时可能会触发内存破坏,导致以当前登录用户的权限执行任意指令。 Microsoft Excel Viewer 2003 SP3 Microsoft Excel Viewer 2003 Microsoft Excel Viewer Microsoft Excel 2007 SP1 Microsoft Excel 2007 Microsoft...
ZDI-08-048: Microsoft Excel COUNTRY Record Memory Corruption Vulnerability
ZDI-08-048: Microsoft Excel COUNTRY Record Memory Corruption Vulnerability http://www.zerodayinitiative.com/advisories/ZDI-08-048 August 12, 2008 -- CVE ID: CVE-2008-3006 -- Affected Vendors: Microsoft -- Affected Products: Microsoft Office Excel -- TippingPointTM IPS Customer Protection:...
Microsoft Excel COUNTRY Record Memory Corruption Vulnerability
This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of Microsoft Office Excel. Exploitation requires that the attacker coerce the target into opening a malicious .XLS file. The specific flaw exists within the parsing of the BIFF file format used by...
Microsoft Excel BIFF File Format Cell Record Parsing Memory Corruption Vulnerability
This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of Microsoft Office. Exploitation requires that the attacker coerce the target into opening a malicious .XLS file. The specific flaw exists within the parsing of malformed cell comments. When Excel...
Stack overflow
Stack-based buffer overflow in Microsoft Excel 2000 SP3, 2002 SP3, 2003 SP2, and 2003 Viewer allows user-assisted remote attackers to execute arbitrary code via a .XLS BIFF file with a malformed Named Graph record, which results in memory corruption...
ZDI-07-026: Microsoft Excel BIFF File Format Named Graph Record Parsing Stack Overflow Vulnerability
ZDI-07-026: Microsoft Excel BIFF File Format Named Graph Record Parsing Stack Overflow Vulnerability http://www.zerodayinitiative.com/advisories/ZDI-07-026.html May 8, 2007 -- CVE ID: CVE-2007-0215 -- Affected Vendor: Microsoft -- Affected Products: Office Excel 2000 Office Excel 2002 Office Exce...
Microsoft Excel BIFF File Format Named Graph Record Parsing Stack Overflow Vulnerability
This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of Microsoft Office Excel. Exploitation requires that the attacker coerce the target into opening a malicious .XLS file. The specific flaw exists within the parsing of the BIFF file format used by...
ZDI-06-033: Microsoft Office Excel File Format DATETIME Record Parsing Vulnerability
ZDI-06-033: Microsoft Office Excel File Format DATETIME Record Parsing Vulnerability http://www.zerodayinitiative.com/advisories/ZDI-06-033.html October 10, 2006 -- CVE ID: CVE-2006-2387 -- Affected Vendor: Microsoft -- Affected Products: Microsoft Office 2000 SP3 Microsoft Office XP SP3 Microsof...
CVE-2006-3449
CVE-2006-3449 describes a remote code execution in Microsoft PowerPoint 2000–2003 caused by parsing a malformed BIFF record in a PPT file. The vulnerability can be triggered when a user opens a crafted PPT document, potentially allowing attacker-controlled code execution in the user’s context (us...
CVE-2006-3449
Unspecified vulnerability in Microsoft PowerPoint 2000 through 2003, possibly a buffer overflow, allows user-assisted remote attackers to execute arbitrary commands via a malformed record in the BIFF file format used in a PPT file, a different issue than CVE-2006-1540, aka "Microsoft PowerPoint...
Microsoft Office 2002 - Excel/Powerpoint/Word.. 10.0.2614.0 => 11.0.5612.0
Full archive at http://www.milw0rm.com/sploits/excel03262006.rar Topic : Microsoft Office 2002 - Excel/Powerpoint/Word.. 10.0.2614.0 = 11.0.5612.0 Date : 02/12/2006 Author : posidron [email protected] Table of Contens ================ - Some Excel Information - The XLS File Format and...
Microsoft Excel File Format Parsing Vulnerability
This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of Microsoft Office. Exploitation requires that the attacker coerce the target into opening a malicious .XLS file. The specific flaw exists within the parsing of the BIFF file format used by Microsoft...