4 matches found
Microsoft Office Web Components URL Parsing Buffer Overflow (MS08-017; CVE-2006-4695)
A buffer overflow vulnerability has been reported in Microsoft Office Web Components. The vulnerability is due to improper handling of certain URLs. A remote attacker may exploit this vulnerability by enticing a target user to visit a malicious web-page. Successful exploitation would allow an...
Microsoft Office Web组件ActiveX控件远程代码执行漏洞(MS08-017)
BUGTRAQ ID: 28135,28136 CVECAN ID: CVE-2006-4695,CVE-2007-1201 Microsoft Office Web组件是COM控件集合,用于向Web发布电子表格、图表和数据库,并查看所发布的组件。 Microsoft Office Web组件在解析特制的URL时管理内存资源的方式存在漏洞,如果用户受骗访问了恶意网页的话,就可能触发内存破坏,导致执行任意指令。 Microsoft Office Web Components 2000 临时解决方法: 禁止在Internet Explorer中运行Office Web组件库,为CLSID...
Microsoft Office Web Components OWC.Spreadsheet.9 ActiveX Control overflow
Added: 03/12/2008 CVE: CVE-2006-4695 BID: 28135 OSVDB: 42711 Background Microsoft Office Web Components OWC are a group of OLE classes implemented as ActiveX controls. Problem A buffer overflow vulnerability in the OWC.Spreadsheet.9 ActiveX control allows command execution when a user loads a web...
DSquare Exploit Pack: D2SEC_MS08_017
Name| d2secms08017 ---|--- CVE| CVE-2006-4695 Exploit Pack| D2ExploitPack Description| Microsoft Office Web Components ActiveX Stack Overflow Notes|...