Microsoft Excel DbOrParamQry memory corruption

Added: 03/11/2010 CVE: CVE-2010-0264 BID: 38555 OSVDB: 62823 Background Microsoft Excel, part of the Microsoft Office product suite, is a spreadsheet application for Windows and Macintosh platforms. Problem A memory corruption vulnerability in Microsoft Excel allows command execution when a user...

Microsoft Excel DbOrParamQry对象解析内存破坏漏洞（MS10-017）

BUGTRAQ ID: 38555 CVE ID: CVE-2010-0264 Excel是微软Office套件中的电子表格工具。 Excel在解析包含有畸形DbOrParamQry记录的.XLS文件时存在内存破坏漏洞，用户受骗打开了恶意的.XLS文件就可能导致执行任意代码。 DbOrParamQry记录指定了DbQuery或ParamQry记录，具体取决于之前的记录。记录查询参数（ParamQry）偏移DCh包含有有关ODBC参数化查询的记录，格式如下： /----- Offset Name Size Contents 4 wTypeSql 2 Used for ODBC querie...

Microsoft Office Excel DbOrParamQry Record Parsing Vulnerability

Advisory ID Internal CORE-2009-1103 1. Advisory Information Title: Microsoft Office Excel DbOrParamQry Record Parsing Vulnerability Advisory Id: CORE-2009-1103 Date published: 2010-03-09 Date of last update: 2010-03-09 Vendors contacted: Microsoft Release mode: Coordinated release 2...

Microsoft Excel DbOrParamQry Record Parsing Code Execution (MS10-017; CVE-2010-0264)

Microsoft Excel is a popular spreadsheet application. A remote code execution vulnerability has been identified in Microsoft Excel. The vulnerability is due to an error in Microsoft Office Excel that fails to properly parse the Excel spreadsheet file format. A remote attacker could trigger this...