Microsoft Excel数据验证记录堆内存破坏漏洞(MS08-014)

BUGTRAQ ID: 28094 CVECAN ID: CVE-2008-0111 Excel是微软Office办公软件家族中的电子表格工具。 Excel在处理BIFF8格式电子表格文件中的DVAL记录时存在漏洞，如果将该记录的某些字段设置为无效值的话，则用户打开该文件时就会触发堆内存破坏或导致执行任意指令。 Microsoft Excel Viewer 2003 Microsoft Excel 2007 Microsoft Excel 2003 SP2 Microsoft Excel 2002 SP3 Microsoft Excel 2000 SP3 Microsoft Office...

[Full-disclosure] iDefense Security Advisory 03.11.08: Microsoft Excel DVAL Heap Corruption Vulnerability

iDefense Security Advisory 03.11.08 http://labs.idefense.com/intelligence/vulnerabilities/ Mar 11, 2008 I. BACKGROUND Microsoft Excel is the spreadsheet application that is included with Microsoft Corp's Office productivity software suite. More information is available at the following website...

Microsoft Excel畸形调色板记录堆溢出漏洞（MS07-002）

Microsoft Excel是微软Office套件中的电子表格工具。 Excel在处理BIFF8格式电子表格文件中畸形的PALETTE记录时存在堆溢出漏洞，远程攻击者可能利用此漏洞远程控制用户机器。 在Excel文档中如果攻击者为PALETTE记录指定了过多条目的话，就会触发这个漏洞，攻击者通过诱骗用户打开此恶意文档导致在用户机器上执行任意指令。 Microsoft Excel v.X for Mac Microsoft Excel 2004 for Mac Microsoft Excel 2003 Microsoft Excel 2002 Microsoft Excel 2000...

[Full-disclosure] iDefense Security Advisory 01.09.07: Microsoft Excel Long Palette Heap Overflow Vulnerability

Microsoft Excel Long Palette Heap Overflow Vulnerability iDefense Security Advisory 01.09.07 http://labs.idefense.com/intelligence/vulnerabilities/ Jan 09, 2007 I. BACKGROUND Microsoft Excel is the spreadsheet application from the Microsoft Office System. More information is available at the...