32 matches found
Description of the Microsoft Office 2004 for Mac 11.5.3 Update
Describes the Microsoft Office 2004 for Mac 11.5.3 Update and the changes that the update makes to Office 2004 for Mac and its programs.INTRODUCTIONMicrosoft has released security bulletins MS08-072 and MS08-074. These security bulletins contain all the relevant information about the security...
Microsoft Office艺术绘图记录解析内存破坏漏洞(MS10-087)
BUGTRAQ ID: 44656 CVE ID: CVE-2010-3334 Microsoft Office是非常流行的办公软件套件。 Office在解析艺术绘图记录时没有充分地执行验证,如果msofbtSp记录指定了某些标志就可以触发内存破坏,导致执行任意代码。 Microsoft Office XP SP3 Microsoft Office for Mac 2011 Microsoft Office 2010 Microsoft Office 2008 for Mac Microsoft Office 2004 for Mac Microsoft Office 2003...
Microsoft Office Art Drawing Record Remote Code Execution Vulnerability
Description Microsoft Office is prone to a remote code-execution vulnerability. An attacker could exploit this issue by enticing a victim to open a malicious Office file. Successfully exploiting this issue would allow the attacker to corrupt memory and execute arbitrary code in the context of the...
VUPEN Security Research - Microsoft Office Word Document Buffer Overflow Vulnerability (CVE-2010-2748)
VUPEN Security Research - Microsoft Office Word Document Buffer Overflow Vulnerability CVE-2010-2748 http://www.vupen.com/english/research.php I. BACKGROUND --------------------- Microsoft Office Word, included in the Microsoft Office suite, is a powerful authoring program that gives the ability ...
VUPEN Security Research - Microsoft Office Excel Formula Record Buffer Overflow Vulnerability (CVE-2010-3231)
VUPEN Security Research - Microsoft Office Excel Formula Record Buffer Overflow Vulnerability CVE-2010-3231 http://www.vupen.com/english/research.php I. BACKGROUND --------------------- Microsoft Office Excel is a powerful tool you can use to create and format spreadsheets, and analyze and share...
Microsoft Word Uninitialized Pointer (CVE-2010-2747) Remote Code Execution Vulnerability
Description Microsoft Word is prone to a remote code-execution vulnerability. Attackers can exploit this issue by enticing an unsuspecting user to open a specially crafted Word file. Successful exploits can allow attackers to execute arbitrary code with the privileges of the user running the...
Microsoft Word Return Value Handling (CVE-2010-3215) Remote Code Execution Vulnerability
Description Microsoft Word is prone to a remote code-execution vulnerability. Attackers can exploit this issue by enticing an unsuspecting user to open a specially crafted Word file. Successful exploits can allow attackers to execute arbitrary code with the privileges of the user running the...
Microsoft Word sprmCMajority记录解析栈溢出漏洞(MS10-056)
BUGTRAQ ID: 42136 CVE ID: CVE-2010-1900 Word是微软Office套件中的文字处理工具。 在解析Word文档中的sprmCMajority记录时,由于处理sprmCMajority sprm组没有对参数执行检查,攻击者可以控制写入到栈缓冲区中的数据数量,触发栈溢出。成功利用此漏洞的攻击者可完全控制受影响的系统。 Microsoft Office 2008 for Mac Microsoft Office 2004 for Mac Microsoft Word 2007 SP2 Microsoft Word 2003 SP3 Microsoft Wo...
Microsoft Excel WOPT Record Parsing Heap Memory Corruption Remote Code Execution Vulnerability
Description Microsoft Excel is prone to a remote code-execution vulnerability. Attackers can exploit this issue by enticing an unsuspecting user to open a specially crafted Excel '.xls' file. Successful exploits can allow attackers to execute arbitrary code with the privileges of the user running...
Microsoft Excel CVE-2010-1251 Record Parsing Stack Corruption Remote Code Execution Vulnerability
Description Microsoft Excel is prone to a remote code-execution vulnerability. Attackers can exploit this issue by enticing an unsuspecting user to open a specially crafted Excel '.xls' file. Successful exploits can allow attackers to execute arbitrary code with the privileges of the user running...
CORE-2009-0827: Microsoft Office Excel / Word OfficeArtSpgr Container Pointer Overwrite Vulnerability
-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 Core Security Technologies - CoreLabs Advisory http://www.coresecurity.com/corelabs/ Microsoft Office Excel / Word OfficeArtSpgr Container Pointer Overwrite Vulnerability 1. Advisory Information Title: Microsoft Office Excel / Word OfficeArtSpgr...
Microsoft Excel畸形BIFF记录远程代码执行漏洞(MS09-067)
Bugraq ID: 36946 CVE ID:CVE-2009-3130 Microsoft Excel是一款微软开发的电子表格处理程序。 Microsoft Office Excel存在一个远程代码执行漏洞,如果用户打开一个特殊构建的包含畸形的BIFF记录的Excel文件可允许远程代码执行。 成功利用此漏洞允许完全控制受影响系统,攻击者成功利用此漏洞可以以内核权限安装程序;查看,更改或删除数据等。 Microsoft Open XML File Format Converter for Mac Microsoft Office 2008 for Mac Microsoft Offic...
Microsoft Word Record Parsing Remote Stack Buffer Overflow Vulnerability
Description Microsoft Word is prone to a remote stack-buffer overflow vulnerability. Attackers can exploit this issue by enticing victims into opening a specially crafted Word '.doc' file. Successful exploits can allow attackers to execute arbitrary code with the privileges of the user running th...
Microsoft Word Record Parsing Length Field Remote Stack Buffer Overflow Vulnerability
Description Microsoft Word is prone to a stack-based buffer-overflow vulnerability. An attacker can exploit this issue to execute arbitrary code in the context of the currently logged-in user. Failed exploit attempts will likely result in denial-of-service conditions. Technologies Affected...
Microsoft Office单元格标注解析内存破坏漏洞(MS08-016)
BUGTRAQ ID: 28146 CVECAN ID: CVE-2008-0118 Microsoft Office是非常流行的办公软件套件。 Office处理特制Office文件的方式存在内存分配错误,如果用户受骗打开了畸形文件的话,就可能导致执行任意指令。 Microsoft Office XP SP3 Microsoft Office 2004 for Mac Microsoft Office 2003 Service Pack 2 Microsoft Office 2000 SP3 临时解决方法: 在打开未知或不可信任来源的文件时,使用Microsoft...
Microsoft Security Bulletin MS08-016 – Critical Vulnerabilities in Microsoft Office Could Allow Remote Code Execution (949030)
Microsoft Security Bulletin MS08-016 – Critical Vulnerabilities in Microsoft Office Could Allow Remote Code Execution 949030 Published: March 11, 2008 Version: 1.0 General Information Executive Summary This security update resolves two privately reported vulnerabilities in Microsoft Office that...
Microsoft Office File Memory Corruption Vulnerability
Description Microsoft Office is prone to a remote memory-corruption vulnerability. An attacker could exploit this issue by enticing a victim to open a malicious Office file. Successfully exploiting this issue would allow the attacker to execute arbitrary code in the context of the currently...
Microsoft Windows OLE自动化堆溢出漏洞(MS08-008)
BUGTRAQ ID: 27661 CVECAN ID: CVE-2007-0065 Microsoft Windows是微软发布的非常流行的操作系统。 对象链接和嵌入(OLE)自动化处理特制脚本请求的方式存在堆溢出漏洞,如果用户受骗访问了恶意站点的话,就可能触发这个溢出,导致以登录用户的权限对系统进行更改。如果用户以管理权限登录的话,攻击者就可以完全控制受影响的系统。 Microsoft Office 2004 for Mac Microsoft Visual Basic 6.0 SP6 Microsoft Windows XP SP2 Microsoft Windows Vista...
Microsoft Excel Macro Validation Uninitialized Variable Manipulation Vulnerability
Description Microsoft Excel is prone to a remote code-execution vulnerability. An attacker may exploit this issue to execute arbitrary code in the context of the affected application. Failed exploit attempts will likely result in denial-of-service conditions. Technologies Affected Microsoft Excel...
Microsoft Security Bulletin MS07-044 - Critical Vulnerability in Microsoft Excel Could Allow Remote Code Execution (940965)
Microsoft Security Bulletin MS07-044 - Critical Vulnerability in Microsoft Excel Could Allow Remote Code Execution 940965 Published: August 14, 2007 Version: 1.0 General Information Executive Summary This security update resolves a privately reported vulnerability in addition to other security...