2 matches found
Microsoft Office Web组件ActiveX控件远程代码执行漏洞(MS08-017)
BUGTRAQ ID: 28135,28136 CVECAN ID: CVE-2006-4695,CVE-2007-1201 Microsoft Office Web组件是COM控件集合,用于向Web发布电子表格、图表和数据库,并查看所发布的组件。 Microsoft Office Web组件在解析特制的URL时管理内存资源的方式存在漏洞,如果用户受骗访问了恶意网页的话,就可能触发内存破坏,导致执行任意指令。 Microsoft Office Web Components 2000 临时解决方法: 禁止在Internet Explorer中运行Office Web组件库,为CLSID...
CVE-2007-1201
CVE-2007-1201 is a remote code execution vulnerability in Microsoft Office Web Components 2000 related to the DataSource handling that can trigger memory corruption. Multiple sources describe the DataSource Vulnerability as allowing an attacker to execute arbitrary code in the user’s context by v...