7 matches found
Microsoft Excel NAME Record Array Indexing Stack Buffer Corruption - Ver2 (CVE-2008-4266)
A code execution vulnerability has been reported in Microsoft Office Excel. The vulnerability is due to a stack corruption in Microsoft Excel when loading Excel records. Successful exploitation of this vulnerability could allow a remote attacker to execute arbitrary code on the affected system...
MS08-072 / MS08-074: Vulnerabilities in Microsoft Office Could Allow Remote Code Execution (957173 / 959070) (Mac OS X)
The remote Mac OS X host is running a version of Microsoft Office that is affected by several vulnerabilities. If an attacker can trick a user on the affected host into opening a specially crafted Excel or Word file, these issues could be leveraged to execute arbitrary code subject to the user's...
Microsoft Excel畸形对象解析远程代码执行漏洞(MS08-074)
BUGTRAQ ID: 32618,32622,32621 CVECAN ID: CVE-2008-4265,CVE-2008-4266,CVE-2008-4264 Excel是微软Office套件中的电子表格工具。 Excel在解析记录和公式时存在多个内存破坏漏洞,在验证NAME记录中的索引值时存在栈破坏漏洞。如果用户打开带有畸形对象的特制Excel文件,这些漏洞可能允许远程执行代码。成功利用此漏洞的攻击者可以完全控制受影响的系统。攻击者可随后安装程序;查看、更改或删除数据;或者创建拥有完全用户权限的新帐户。 Microsoft Excel Viewer 2003 SP3...
CVE-2008-4266
CVE-2008-4266 (Excel Global Array Memory Corruption Vulnerability) is a remote code execution flaw in Microsoft Office Excel and related components (Excel 2000 SP3, 2002 SP3, 2003 SP3; Excel Viewer 2003 Gold/SP3; Office 2004/2008 for Mac; Open XML File Format Converter for Mac). The vulnerability...
Secunia Research: Microsoft Excel NAME Record Array Indexing Vulnerability
====================================================================== Secunia Research 09/12/2008 - Microsoft Excel NAME Record Array Indexing Vulnerability - ====================================================================== Table of Contents Affected...
MS08-074: Microsoft Excel Multiple Method Remote Code Execution (959070)
The remote host is running a version of Microsoft Excel that is subject to various flaws that may allow arbitrary code to be run. An attacker may use this to execute arbitrary code on this host. To succeed, the attacker would have to send a rogue file to a user of the remote computer and have it...
Microsoft Excel NAME Record Array Indexing Stack Corruption (MS08-074; CVE-2008-4266)
Microsoft Excel is a popular spreadsheet application. A remote code execution vulnerability has been identified in the Microsoft Excel. The vulnerability is due to a stack corruption in Microsoft Excel when loading Excel records. An attacker can exploit this flaw to execute arbitrary code on a...