50 matches found
Vulnerability Spotlight: Remote code execution vulnerability in Microsoft Excel
Marcin “Icewall” Noga of Cisco Talos discovered this vulnerability. Blog by Jon Munshaw. Cisco Talos recently discovered a remote code execution vulnerability in Microsoft Excel. Microsoft disclosed this bug as part of their monthly security update Tuesday. This vulnerability exists in the...
Microsoft Office 2000 (OUACTRL.OCX 1.0.1.9) - Remote DoS Exploit
No description provided by source. pre span style=font: 14pt Courier New;p align=centerb2007/05/23/b/p/span codespan style=font: 10pt Courier New;span class=general1-symbol---------------------------------------------------------------------------------------------------------------------------...
MS10-087 Microsoft Word RTF pFragments Stack Buffer Overflow (File Format)
This module exploits a stack-based buffer overflow in the handling of the 'pFragments' shape property within the Microsoft Word RTF parser. All versions of Microsoft Office 2010, 2007, 2003, and XP prior to the release of the MS10-087 bulletin are vulnerable. This module does not attempt to explo...
CVE-2009-1534
CVE-2009-1534 : Buffer overflow in the Office Web Components ActiveX Control used by Microsoft Office Web Components across multiple products (Office XP/2000 Web Components SP3, BizTalk Server 2002, Visual Studio .NET 2003 SP1) enables remote code execution via crafted property values. The issue ...
JVN#70858401 Buffer overflow vulnerability in Microsoft Works converters
Microsoft Works converters contain a buffer overflow vulnerability when processing Works .wps files. Impact If a user opens a malicious Works file, an attacker may execute arbitrary code. Solution Update the software Update to latest version according to the information provided by Microsoft...
Buffer overflow
Buffer overflow in the Works for Windows document converters in Microsoft Office 2000 SP3, Office XP SP3, Office 2003 SP3, Office 2007 SP1, and Works 8.5 and 9 allows remote attackers to execute arbitrary code via a crafted Works .wps file that triggers memory corruption, aka "File Converter Buff...
Microsoft PowerPoint多个安全漏洞
CVE-2009-0220 CVE-2009-0221 CVE-2009-0222 CVE-2009-0223 CVE-2009-0224 CVE-2009-0225 CVE-2009-0226 CVE-2009-0227 CVE-2009-1128 CVE-2009-1129 CVE-2009-1130 CVE-2009-1131 CVE-2009-1137 Microsoft PowerPoint存在多个安全漏洞,它可以被恶意利用。 1 )两个边界错误处理某些原子可以被利用来造成基于堆栈的缓冲区溢出通过一个特制的PowerPoint文件。 2...
Microsoft Office单元格标注解析内存破坏漏洞(MS08-016)
BUGTRAQ ID: 28146 CVECAN ID: CVE-2008-0118 Microsoft Office是非常流行的办公软件套件。 Office处理特制Office文件的方式存在内存分配错误,如果用户受骗打开了畸形文件的话,就可能导致执行任意指令。 Microsoft Office XP SP3 Microsoft Office 2004 for Mac Microsoft Office 2003 Service Pack 2 Microsoft Office 2000 SP3 临时解决方法: 在打开未知或不可信任来源的文件时,使用Microsoft...
Microsoft Office Web Components OWC.Spreadsheet.9 ActiveX Control overflow
Added: 03/12/2008 CVE: CVE-2006-4695 BID: 28135 OSVDB: 42711 Background Microsoft Office Web Components OWC are a group of OLE classes implemented as ActiveX controls. Problem A buffer overflow vulnerability in the OWC.Spreadsheet.9 ActiveX control allows command execution when a user loads a web...
Microsoft Office Web Components OWC.Spreadsheet.9 ActiveX Control overflow
Added: 03/12/2008 CVE: CVE-2006-4695 BID: 28135 OSVDB: 42711 Background Microsoft Office Web Components OWC are a group of OLE classes implemented as ActiveX controls. Problem A buffer overflow vulnerability in the OWC.Spreadsheet.9 ActiveX control allows command execution when a user loads a web...
Microsoft Security Bulletin MS08-014 - Critical Vulnerabilities in Microsoft Excel Could Allow Remote Code Execution (949029)
Microsoft Security Bulletin MS08-014 - Critical Vulnerabilities in Microsoft Excel Could Allow Remote Code Execution 949029 Published: March 11, 2008 Version: 1.0 General Information Executive Summary This security update resolves several privately reported and publicly reported vulnerabilities i...
Microsoft Office Web Components OWC.Spreadsheet.9 ActiveX Control overflow
Added: 03/12/2008 CVE: CVE-2006-4695 BID: 28135 OSVDB: 42711 Background Microsoft Office Web Components OWC are a group of OLE classes implemented as ActiveX controls. Problem A buffer overflow vulnerability in the OWC.Spreadsheet.9 ActiveX control allows command execution when a user loads a web...
Microsoft Office File Memory Corruption Vulnerability
Description Microsoft Office is prone to a remote memory-corruption vulnerability. An attacker could exploit this issue by enticing a victim to open a malicious Office file. Successfully exploiting this issue would allow the attacker to execute arbitrary code in the context of the currently...
Microsoft Security Bulletin MS08-012 - Critical Vulnerabilities in Microsoft Office Publisher Could Allow Remote Code Execution (947085)
Microsoft Security Bulletin MS08-012 - Critical Vulnerabilities in Microsoft Office Publisher Could Allow Remote Code Execution 947085 Published: February 12, 2008 Version: 1.0 General Information Executive Summary This critical security update resolves two privately reported vulnerabilities in...
Microsoft Excel Macro Validation Uninitialized Variable Manipulation Vulnerability
Description Microsoft Excel is prone to a remote code-execution vulnerability. An attacker may exploit this issue to execute arbitrary code in the context of the affected application. Failed exploit attempts will likely result in denial-of-service conditions. Technologies Affected Microsoft Excel...
Microsoft Office Publisher多个拒绝服务漏洞
BUGTRAQ ID: 26982 CNCAN ID:CNCAN-2007122407 Microsoft Office Publisher是一款微软提供的桌面出版应用软件。 Microsoft Office Publisher处理特殊构建的程序存在问题,远程攻击者可以利用漏洞对应用程序进行拒绝服务攻击。 建立一个Publisher文件,并修改00006B90到00006D90为A,可导致应用程序崩溃。或者建立的新文件增加一个使用多个“A”的"wordart"选项,然后修改000077D0到000079B0为A。可导致应用程序崩溃。 Microsoft Publisher 2007 0...
Microsoft Security Bulletin MS07-044 - Critical Vulnerability in Microsoft Excel Could Allow Remote Code Execution (940965)
Microsoft Security Bulletin MS07-044 - Critical Vulnerability in Microsoft Excel Could Allow Remote Code Execution 940965 Published: August 14, 2007 Version: 1.0 General Information Executive Summary This security update resolves a privately reported vulnerability in addition to other security...
Microsoft Security Bulletin MS07-036 - Critical Vulnerabilities in Microsoft Excel Could Allow Remote Code Execution (936542)
Microsoft Security Bulletin MS07-036 - Critical Vulnerabilities in Microsoft Excel Could Allow Remote Code Execution 936542 Published: July 10, 2007 Version: 1.0 General Information Executive Summary This critical update resolves one publicly disclosed vulnerability and two privately reported...
Buffer overflow
Buffer overflow in the HelpPopup method in the Microsoft Office 2000 Controllo UA di Microsoft Office ActiveX control OUACTRL.OCX 1.0.1.9 allows remote attackers to cause a denial of service probably winhlp32.exe crash via a long first argument. NOTE: it is not clear whether this issue crosses...
Microsoft Office 2000 (OUACTRL.OCX v. 1.0.1.9) Remote DoS Exploit
No description provided by source. pre span style="font: 14pt Courier New;"p align="center"b2007/05/23/b/p/span...