252 matches found
Microsoft Project资源内存分配远程代码执行漏洞(MS08-018)
BUGTRAQ ID: 28607 CVECAN ID: CVE-2008-1088 Project是微软Office套件中的项目管理和控制组件。 Microsoft Project在打开Project文件时没有正确地验证内存资源分配。如果用户受骗打开了畸形文档,就可能触发这个漏洞,导致执行任意指令。 Microsoft Project 2003 SP2 Microsoft Project 2002 SP1 Microsoft Project 2000 Service Release 1 临时解决方法: 不要打开不可信任来源或可信任来源意外接收到的Microsoft Office文件。...
Security Update for Excel Viewer 2003 (KB940604)
A security vulnerability exists in Microsoft Office Excel Viewer 2003 that could allow arbitrary code to run when opening a malicious document. This update addresses that vulnerability...
Microsoft Excel fails to properly handle Lotus 1-2-3 files
Overview Microsoft Excel contains a vulnerability in the handling of malformed Lotus 1-2-3 files, which may allow a remote, unauthenticated attacker to execute arbitrary code on a vulnerable system. Description Microsoft Excel contains an unspecified vulnerability that could be exploited when Exc...
Update Protection against MS-Word Zero-Day Attack (919637)
A zero-day attack has been reported using a code execution vulnerability in Microsoft Word. In order for this attack to be triggered, a user must open a malicious Word document attached to an e-mail or otherwise provided to them by an attacker. Opening the Word file causes the system to be...
Security Update for Excel 2002 (KB905755)
A security vulnerability exists in Microsoft Excel 2002 that could allow arbitrary code to run when opening a malicious document. This update addresses that vulnerability...
CVE-2004-0573
Buffer overflow in the converter for Microsoft WordPerfect 5.x on Office 2000, Office XP, Office 2003, and Works Suites 2001 through 2004 allows remote attackers to execute arbitrary code via a malicious document or website...
CVE-2003-0664
Microsoft Word 2002, 2000, 97, and 98J does not properly check certain properties of a document, which allows attackers to bypass the macro security model and automatically execute arbitrary macros via a malicious document...
Microsoft Security Bulletin MS03-035: Flaw in Microsoft Word Could Enable Macros to Run Automatically(827653)
-----BEGIN PGP SIGNED MESSAGE----- - ------------------------------------------------------------------- Title: Flaw in Microsoft Word Could Enable Macros to Run Automatically 827653 Date: September 3, 2003 Software: Microsoft Word 97 Microsoft Word 98 J Microsoft Word 2000 Microsoft Word 2002...
Microsoft Word does not adequately validate macros embedded within malformed Word documents
Overview There is a vulnerability caused by a failure to detect macros embedded in Microsoft Word documents. This vulnerability may allow the author of a malicious document to execute arbitrary commands as the user who opens the document. Description Microsoft Word versions including Word 2002,...
Microsoft Word 95/97/98/2000/2002 / Excel 2002 - INCLUDETEXT Document Sharing File Disclosure
source: https://www.securityfocus.com/bid/5586/info The Microsoft Word and Excel INCLUDETEXT Field Code may be used to insert an arbitrary local file into a document. The INCLUDETEXT Field Code is reported to, under some circumstances, present a security threat. If the INCLUDETEXT Field Code is...
Microsoft PowerPoint and Excel fail to properly detect macros thereby automatically executing malicious code via crafted document (MS01-050)
Overview A malformed Microsoft Excel or PowerPoint document can bypass macro checking thereby allowing arbitrary code to be run on the target system. Description Microsoft Excel and PowerPoint scan documents when they are opened and check for the existence of macros. If the document contains...
Security Update for PowerPoint 2002 (KB905758)
A security vulnerability exists in Microsoft PowerPoint 2002 that could allow arbitrary code to run when opening a malicious document. This update addresses that vulnerability...