Lucene search
K

9 matches found

seebug.org
seebug.org
added 2010/02/20 12:0 a.m.29 views

Microsoft PowerPoint OEPlaceholderAtom记录无效数组索引漏洞(MS10-004)

BUGTRAQ ID: 38103 CVE ID: CVE-2010-0031 Microsoft PowerPoint是微软Office套件中的文档演示工具。 PowerPoint处理特制PPT文件OEPlaceholderAtom记录中的placementId字段值时存在数组索引漏洞,成功利用此漏洞的攻击者可完全控制受影响的系统。 OEPlaceholderAtom记录类型用于为幻灯片的图片、文本等对象创建占位符。如果用户提供的值大于数组大小,就可以用固定的值破坏数组边界外的栈内存。通过覆盖关键结构(如保存的返回地址),就可以导致执行任意代码。 Microsoft Office 20...

9.3CVSS2.7AI score0.21221EPSS
Exploits6
seebug.org
seebug.org
added 2010/02/13 12:0 a.m.38 views

Microsoft PowerPoint "OEPlaceholderAtom" record vulnerability

No description provided by source. iDefense Security Advisory 02.09.10 http://labs.idefense.com/intelligence/vulnerabilities/ Feb 09, 2010 I. BACKGROUND Microsoft PowerPoint is an application used for constructing presentations, and comes with the Microsoft Office suite. For more information, see...

9.3CVSS6.5AI score0.21221EPSS
Exploits6
Saint
Saint
added 2010/02/12 12:0 a.m.38 views

Microsoft PowerPoint OEPlaceholderAtom placementId memory corruption

Added: 02/12/2010 CVE: CVE-2010-0031 BID: 38103 OSVDB: 62237 Background Microsoft PowerPoint is presentation software included in the Microsoft Office desktop suite. Problem A memory corruption vulnerability allows command execution when a user opens a PowerPoint file containing an...

9.3CVSS6.4AI score0.21221EPSS
Exploits6
securityvulns
securityvulns
added 2010/02/12 12:0 a.m.46 views

iDefense Security Advisory 02.09.10: Microsoft PowerPoint OEPlaceholderAtom Invalid Array Indexing Vulnerability

iDefense Security Advisory 02.09.10 http://labs.idefense.com/intelligence/vulnerabilities/ Feb 09, 2010 I. BACKGROUND Microsoft PowerPoint is an application used for constructing presentations, and comes with the Microsoft Office suite. For more information, see the vendor's site found at the...

9.3CVSS5.7AI score0.21221EPSS
Exploits6
Saint
Saint
added 2010/02/12 12:0 a.m.31 views

Microsoft PowerPoint OEPlaceholderAtom placementId memory corruption

Added: 02/12/2010 CVE: CVE-2010-0031 BID: 38103 OSVDB: 62237 Background Microsoft PowerPoint is presentation software included in the Microsoft Office desktop suite. Problem A memory corruption vulnerability allows command execution when a user opens a PowerPoint file containing an...

9.3CVSS6.4AI score0.21221EPSS
Exploits6
Saint
Saint
added 2010/02/12 12:0 a.m.30 views

Microsoft PowerPoint OEPlaceholderAtom placementId memory corruption

Added: 02/12/2010 CVE: CVE-2010-0031 BID: 38103 OSVDB: 62237 Background Microsoft PowerPoint is presentation software included in the Microsoft Office desktop suite. Problem A memory corruption vulnerability allows command execution when a user opens a PowerPoint file containing an...

9.3CVSS6.4AI score0.21221EPSS
Exploits6
Saint
Saint
added 2010/02/12 12:0 a.m.29 views

Microsoft PowerPoint OEPlaceholderAtom placementId memory corruption

Added: 02/12/2010 CVE: CVE-2010-0031 BID: 38103 OSVDB: 62237 Background Microsoft PowerPoint is presentation software included in the Microsoft Office desktop suite. Problem A memory corruption vulnerability allows command execution when a user opens a PowerPoint file containing an...

9.3CVSS6.4AI score0.21221EPSS
Exploits6
CVE
CVE
added 2010/02/10 6:0 p.m.85 views

CVE-2010-0031

CVE-2010-0031: An error in parsing the OEPlaceholderAtom record (placementId) in PowerPoint components allows remote code execution via a crafted PowerPoint file. Affected products include Microsoft Office PowerPoint 2002 SP3, 2003 SP3, and PowerPoint in Office 2004 for Mac. The vulnerability ste...

9.3CVSS7.4AI score0.21221EPSS
Exploits6References4Affected Software1
Tenable Nessus
Tenable Nessus
added 2010/02/09 12:0 a.m.48 views

MS10-004: Vulnerabilities in Microsoft Office PowerPoint Could Allow Remote Code Execution (975416)

The remote Windows host is running a version of Microsoft PowerPoint that is affected by several vulnerabilities. If an attacker can trick a user on the affected host into opening a specially crafted PowerPoint file, these issues could be leveraged to execute arbitrary code subject to the user's...

9.3CVSS6AI score0.51073EPSS
Exploits18References7
Rows per page
Query Builder