6 matches found
MS10-017: Vulnerabilities in Microsoft Office Excel Could Allow Remote Code Execution (980150) (Mac OS X)
The remote Mac OS X host is running a version of Microsoft Excel that is affected by several vulnerabilities. If an attacker can trick a user on the affected host into opening a specially crafted Excel file, these issues could be leveraged to execute arbitrary code subject to the user's privilege...
Microsoft Excel DbOrParamQry memory corruption
Added: 03/11/2010 CVE: CVE-2010-0264 BID: 38555 OSVDB: 62823 Background Microsoft Excel, part of the Microsoft Office product suite, is a spreadsheet application for Windows and Macintosh platforms. Problem A memory corruption vulnerability in Microsoft Excel allows command execution when a user...
CVE-2010-0264
The CVE-2010-0264 issue affects Microsoft Office Excel 2002 SP3, Excel for Mac (Office 2004/2008), and the Open XML File Format Converter for Mac, where parsing the Excel file format fails due to a DbOrParamQry record handling error. This memory-corruption vulnerability can allow remote code exec...
Microsoft Excel DbOrParamQry对象解析内存破坏漏洞(MS10-017)
BUGTRAQ ID: 38555 CVE ID: CVE-2010-0264 Excel是微软Office套件中的电子表格工具。 Excel在解析包含有畸形DbOrParamQry记录的.XLS文件时存在内存破坏漏洞,用户受骗打开了恶意的.XLS文件就可能导致执行任意代码。 DbOrParamQry记录指定了DbQuery或ParamQry记录,具体取决于之前的记录。记录查询参数(ParamQry)偏移DCh包含有有关ODBC参数化查询的记录,格式如下: /----- Offset Name Size Contents 4 wTypeSql 2 Used for ODBC querie...
CORE-2009-1103: Microsoft Office Excel DbOrParamQry Record Parsing Vulnerability
-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 Core Security Technologies - CoreLabs Advisory http://www.coresecurity.com/corelabs/ Microsoft Office Excel DbOrParamQry Record Parsing Vulnerability 1. Advisory Information Title: Microsoft Office Excel DbOrParamQry Record Parsing Vulnerability...
Microsoft Office Excel DbOrParamQry Record Parsing Vulnerability
Advisory ID Internal CORE-2009-1103 1. Advisory Information Title: Microsoft Office Excel DbOrParamQry Record Parsing Vulnerability Advisory Id: CORE-2009-1103 Date published: 2010-03-09 Date of last update: 2010-03-09 Vendors contacted: Microsoft Release mode: Coordinated release 2...