25 matches found
Microsoft Excel日历对象验证远程代码执行漏洞(MS08-057)
BUGTRAQ ID: 31702 CVECAN ID: CVE-2008-3477 Excel是微软Office办公套件中的电子表格工具。 Excel处理VBA性能缓存的方式中存在一个远程执行代码漏洞。如果用户在VBA性能缓存中打开一个特制Excel文件,该漏洞可能触发堆溢出、内存破坏、无效数组索引或整数溢出等。成功利用此漏洞的攻击者可以完全控制受影响的系统。攻击者可随后安装程序;查看、更改或删除数据;或者创建拥有完全用户权限的新帐户。 Microsoft Excel 2003 SP3 Microsoft Excel 2003 SP2 Microsoft Excel 2002 SP3...
Memory corruption
Unspecified vulnerability in Microsoft Excel 2000 SP3 through 2003 SP2, Viewer 2003, and Office for Mac 2004 allows user-assisted remote attackers to execute arbitrary code via crafted Style records that trigger memory corruption...
Input validation
Unspecified vulnerability in Microsoft Excel 2000 SP3 through 2007, Viewer 2003, Compatibility Pack, and Office 2004 for Mac allows user-assisted remote attackers to execute arbitrary code via crafted data validation records, aka "Excel Data Validation Record Vulnerability."...
CVE-2008-0114
Unspecified vulnerability in Microsoft Excel 2000 SP3 through 2003 SP2, Viewer 2003, and Office for Mac 2004 allows user-assisted remote attackers to execute arbitrary code via crafted Style records that trigger memory corruption...
CVE-2008-0112
Unspecified vulnerability in Microsoft Excel 2000 SP3, and Office for Mac 2004 and 2008 allows user-assisted remote attackers to execute arbitrary code via a crafted .SLK file that is not properly handled when importing the file, aka "Excel File Import Vulnerability."...
Input validation
Unspecified vulnerability in Microsoft Excel 2000 SP3 through 2003 SP2, Viewer 2003, and Office 2004 for Mac allows user-assisted remote attackers to execute arbitrary code via crafted macros, aka "Macro Validation Vulnerability," a different vulnerability than CVE-2007-3490...
Microsoft Excel Macro Validation Uninitialized Variable Manipulation Vulnerability
Description Microsoft Excel is prone to a remote code-execution vulnerability. An attacker may exploit this issue to execute arbitrary code in the context of the affected application. Failed exploit attempts will likely result in denial-of-service conditions. Technologies Affected Microsoft Excel...
Microsoft Excel 2000/2003 Sheet Name Vulnerability PoC
No description provided by source. Vuln Exposed by: ZhenHan.Liu Team: Ph4nt0m Security Team http://www.ph4nt0m.org Tested on: Full Patched Excel 2003 Sp2, CN http://www.milw0rm.com/sploits/06272007-2670.zip sebug.net...
Microsoft Excel 2000/2003 Sheet Name Vulnerability PoC
Exploit for unknown platform in category dos / poc ====================================================== Microsoft Excel 2000/2003 Sheet Name Vulnerability PoC ====================================================== Tested on: Full Patched Excel 2003 Sp2, CN http://www.inj3ct0r.com/sploits/6415.z...
Microsoft Excel 2000/2003 - Sheet Name (PoC)
Vuln Exposed by: ZhenHan.Liu Team: Ph4nt0m Security Team http://www.ph4nt0m.org Tested on: Full Patched Excel 2003 Sp2, CN https://gitlab.com/exploit-database/exploitdb-bin-sploits/-/raw/main/bin-sploits/4121.zip 06272007-2670.zip milw0rm.com 2007-06-27...
Microsoft Excel Filter记录远程代码执行漏洞(MS07-023)
Microsoft Excel是Office套件中的电子表格工具。 Excel在处理Excel BIFF8格式电子表格文件中的AutoFilter记录时存在输入验证错误,如果用户受骗打开了包含有畸形过滤记录的特制文档的话,就可能导致无效的内存访问,在用户系统上执行任意代码。 Microsoft Excel Viewer 2003 Microsoft Excel 2003 SP2 Microsoft Excel 2002 SP3 Microsoft Excel 2000 SP3 Microsoft Office 2004 for Mac 临时解决方法: 不要打开不可信任来源的Excel文档...
Microsoft Excel Set Font Remote Code Execution Vulnerability
Description Microsoft Excel is prone to a remote code-execution vulnerability. An attacker can exploit this issue to execute arbitrary code in the context of a victim user running the application. A successful exploit will result in the compromise of the application and may aid in further attacks...
Microsoft Excel BIFF Record Remote Code Execution Vulnerability
Description Microsoft Excel is prone to a remote code-execution vulnerability. An attacker can exploit this issue to execute arbitrary code in the context of a victim user running the application. A successful exploit will result in the compromise of the application and may aid in further attacks...
Microsoft Security Bulletin MS06-059 Vulnerabilities in Microsoft Excel Could Allow Remote Code Execution (924164)
Microsoft Security Bulletin MS06-059 Vulnerabilities in Microsoft Excel Could Allow Remote Code Execution 924164 Published: October 10, 2006 Version: 1.0 Summary Who Should Read this Document: Customers who use Microsoft Excel Impact of Vulnerability: Remote Code Execution Maximum Severity Rating...
CVE-2006-1301
Microsoft Excel 2000 through 2004 allows user-assisted attackers to execute arbitrary code via a .xls file with a crafted SELECTION record that triggers memory corruption, a different vulnerability than CVE-2006-1302...
Buffer overflow
Buffer overflow in Microsoft Excel 2000 through 2003 allows user-assisted attackers to execute arbitrary code via a .xls file with a crafted COLINFO record, which triggers the overflow during a "data filling operation."...
CVE-2006-1302
Buffer overflow in Microsoft Excel 2000 through 2003 allows user-assisted attackers to execute arbitrary code via a .xls file with certain crafted fields in a SELECTION record, which triggers memory corruption, aka "Malformed SELECTION record Vulnerability."...
CVE-2006-0028
Unspecified vulnerability in Microsoft Excel 2000, 2002, and 2003, in Microsoft Office 2000 SP3 and other packages, allows user-assisted attackers to execute arbitrary code via a BIFF parsing format file containing malformed BOOLERR records that lead to memory corruption, probably involving inval...
CVE-2006-0030
Unspecified vulnerability in Microsoft Excel 2000, 2002, and 2003, in Microsoft Office 2000 SP3 and other packages, allows user-assisted attackers to execute arbitrary code via an Excel file with a malformed graphic, which leads to memory corruption...
CVE-2006-0028
Unspecified vulnerability in Microsoft Excel 2000, 2002, and 2003, in Microsoft Office 2000 SP3 and other packages, allows user-assisted attackers to execute arbitrary code via a BIFF parsing format file containing malformed BOOLERR records that lead to memory corruption, probably involving inval...