2 matches found
Microsoft Data Analyzer 'max3activex.dll' ActiveX控件远程代码执行漏洞
Bugraq ID: 38045 CVE ID:CVE-2010-0252 CNCVE ID:CNCVE-20100252 Microsoft Data Analyzer是一款用于Microsoft Office的数据分析软件。 Microsoft Data Analyzer ActiveX control max3activex.dll存在一个未明错误,构建恶意WEB页,诱使用户访问,可导致系统状态破坏,执行任意代码。 Microsoft Windows XP Tablet PC Edition SP3 Microsoft Windows XP Tablet PC Edition SP...
CVE-2010-0252
CVE-2010-0252 describes a remote code execution risk in the Microsoft Data Analyzer ActiveX control (max3activex.dll) used in Office/Excel components. A crafted web page can corrupt the system state and run arbitrary code with the caller’s privileges. Microsoft addressed this via MS10-034, which ...