3 matches found
MS10-017: Vulnerabilities in Microsoft Office Excel Could Allow Remote Code Execution (980150) (Mac OS X)
The remote Mac OS X host is running a version of Microsoft Excel that is affected by several vulnerabilities. If an attacker can trick a user on the affected host into opening a specially crafted Excel file, these issues could be leveraged to execute arbitrary code subject to the user's privilege...
CVE-2010-0258
CVE-2010-0258 is a Microsoft Office Excel Sheet Object Type Confusion Vulnerability. It affects Excel 2002 SP3, 2003 SP3, 2007 SP1/SP2, and Mac variants (2004/2008 for Mac, Open XML Converter for Mac, Excel Viewer SP1/2, and Compatibility Pack SP1/SP2). Root cause: improper parsing of the Excel f...
Microsoft Excel对象类型混淆远程代码执行漏洞(MS10-017)
BUGTRAQ ID: 38550 CVE ID: CVE-2010-0258 Excel是微软Office套件中的电子表格工具。 Excel在解析XSL文件中畸形BRAI BIFF记录时存在内存破坏漏洞。在这种情况下,多个记录之间所共享的包含有识别对象类型字段的记录可能导致类型混淆。用户受骗打开了特制的Excel文档就可以触发这个漏洞。通过控制所分配堆块边界之外的内存,攻击者就可以控制虚函数调用中所使用的C++对象指针,导致将内存区处理为不同的对象类型,越界访问所分配的对象。 Microsoft Excel Viewer SP2 Microsoft Excel Viewer SP1...