iDefense Security Advisory 03.09.10: Microsoft Excel MDXTUPLE Record Heap Overflow Vulnerability

iDefense Security Advisory 03.09.10 http://labs.idefense.com/intelligence/vulnerabilities/ Mar 09, 2010 I. BACKGROUND Excel is the spreadsheet application included with Microsoft Corp.'s Office productivity software suite. More information is available at the following website:...

Microsoft Excel MDXTuple和ContinueFRT12记录堆溢出漏洞（MS10-017）

BUGTRAQ ID: 38551 CVE ID: CVE-2010-0260 Excel是微软Office套件中的电子表格工具。 Excel在解析XSL文件中畸形MDXTuple和ContinueFRT12记录时存在堆溢出漏洞，成功利用此漏洞的攻击者可以完全控制受影响的系统。 Microsoft Excel Viewer SP2 Microsoft Excel Viewer SP1 Microsoft Excel 2007 SP2 Microsoft Excel 2007 SP1 临时解决方法： 使用Microsoft Office文件阻断策略以防止打开未知或不可信任来源的Office...

Microsoft Excel MDXTUPLE and MDXSET Records Heap Overflow (MS10-017; CVE-2010-0260; CVE-2010-0261)

Microsoft Excel is a popular spreadsheet application. Multiple heap overflow vulnerabilities have been identified in Microsoft Excel. These vulnerabilities are due to an error in Microsoft Office Excel that fails to properly parse the Excel spreadsheet file format. A remote attacker could trigger...