6 matches found
MS10-079 / MS10-080 : Vulnerabilities in Microsoft Office Could Allow Remote Code Execution (2293194 / 2293211) (Mac OS X)
The remote Mac OS X host is running a version of Microsoft Office that is affected by multiple remote code execution vulnerabilities. If an attacker can trick a user on the affected host into opening a specially crafted Word, Excel, or Lotus 1-2-3 file, these issues could be leveraged to execute...
Microsoft Excel Ghost记录类型解析堆溢出漏洞(MS10-080)
BUGTRAQ ID: 43657 CVE ID: CVE-2010-3242 Excel是微软Office套件中的电子表格工具。 Excel在解析文档的Ghost记录中的某些字段时存在堆溢出漏洞,用户受骗打开了畸形的.XSL文件就会导致执行任意代码。 Microsoft Excel 2000 SP3 Microsoft Office 2008 for Mac Microsoft Office 2004 for Mac 临时解决方法: 不要打开从不可信任来源接收到或从可信任来源意外接收到的Microsoft Office文件。 厂商补丁: Microsoft ---------...
VUPEN Security Research - Microsoft Office Excel Ghost Record Type Parsing Vulnerability (CVE-2010-3242)
VUPEN Security Research - Microsoft Office Excel Ghost Record Type Parsing Vulnerability CVE-2010-3242 http://www.vupen.com/english/research.php I. BACKGROUND --------------------- Microsoft Office Excel is a powerful tool you can use to create and format spreadsheets, and analyze and share...
CVE-2010-3242
CVE-2010-3242 is a Ghost Record Type Parsing vulnerability in Microsoft Excel components: Excel 2002 SP3, Office for Mac 2004 and 2008, and the Open XML File Format Converter for Mac. The issue arises from improper validation of record information during parsing Ghost records, leading to a memory...
Secunia Research: Microsoft Excel Ghost Record Type Parsing Vulnerability
====================================================================== Secunia Research 12/10/2010 - Microsoft Excel Ghost Record Type Parsing Vulnerability - ====================================================================== Table of Contents Affected...
Microsoft Excel Ghost Record Type Parsing Code Execution (MS10-080; CVE-2010-3242)
Microsoft Excel is a popular spreadsheet application. A remote attacker could exploit this issue via a malformed Excel file. Successful exploitation of this vulnerability may allow execution of arbitrary code on a target system. A memory corruption vulnerability has been identified in Microsoft...