45 matches found
EUVD-2002-0853
Malware in sbrugna...
EUVD-2002-0719
Malware in sbrugna...
Microsoft Office Web Components DataSource Code Execution (MS08-017; CVE-2007-1201)
A remote code execution vulnerability has been reported in Microsoft Office Web Components. The vulnerability is due to insufficient verification of the control's DataSource path. A remote attacker may exploit this vulnerability by enticing an unsuspecting user to open a specially crafted web-pag...
Microsoft OWC Spreadsheet HTMLURL Buffer Overflow
$Id: ms09043owchtmlurl.rb 8698 2010-03-03 18:12:37Z jduck $ This file is part of the Metasploit Framework and may be subject to redistribution and commercial restrictions. Please see the Metasploit Framework web site for more information on licensing and terms of use...
Microsoft Office Web Components DataSourceControl ActiveX Control memory allocation
Added: 08/27/2009 CVE: CVE-2009-0562 BID: 35990 OSVDB: 56914 Background Microsoft Office Web Components OWC are a group of OLE classes implemented as ActiveX controls. Problem A heap memory corruption vulnerability in the OWC10.DataSourceControl ActiveX control allows command execution when a use...
Microsoft Office Web Components DataSourceControl ActiveX Control memory allocation
Added: 08/27/2009 CVE: CVE-2009-0562 BID: 35990 OSVDB: 56914 Background Microsoft Office Web Components OWC are a group of OLE classes implemented as ActiveX controls. Problem A heap memory corruption vulnerability in the OWC10.DataSourceControl ActiveX control allows command execution when a use...
Microsoft Office Web Components OWC.Spreadsheet BorderAround vulnerability
Added: 08/24/2009 CVE: CVE-2009-2496 BID: 35991 OSVDB: 56915 Background Microsoft Office Web Components OWC are a group of OLE classes implemented as ActiveX controls. Problem A heap corruption vulnerability in the OWC10.Spreadsheet ActiveX control allows command execution when a user opens a web...
Microsoft Office Web Components OWC.Spreadsheet BorderAround vulnerability
Added: 08/24/2009 CVE: CVE-2009-2496 BID: 35991 OSVDB: 56915 Background Microsoft Office Web Components OWC are a group of OLE classes implemented as ActiveX controls. Problem A heap corruption vulnerability in the OWC10.Spreadsheet ActiveX control allows command execution when a user opens a web...
Microsoft Office Web Components OWC.Spreadsheet BorderAround vulnerability
Added: 08/24/2009 CVE: CVE-2009-2496 BID: 35991 OSVDB: 56915 Background Microsoft Office Web Components OWC are a group of OLE classes implemented as ActiveX controls. Problem A heap corruption vulnerability in the OWC10.Spreadsheet ActiveX control allows command execution when a user opens a web...
iDefense Security Advisory 08.11.09: Microsoft Office Web Components 2000 Buffer Overflow Vulnerability
iDefense Security Advisory 08.11.09 http://labs.idefense.com/intelligence/vulnerabilities/ Aug 11, 2009 I. BACKGROUND Office Web Components is a group of ActiveX controls that can be used to view and edit Microsoft Office files such as spreadsheets and charts. It is commonly used to allow a user ...
Microsoft Office Web Components ActiveX memory corruption
ActiveX vulnerability is actively used in-the-wild for silent malware installation...
Microsoft Office Web Components OWC.Spreadsheet.9 HTMLURL property overflow
Added: 08/14/2009 CVE: CVE-2009-1534 BID: 35992 OSVDB: 56916 Background Microsoft Office Web Components OWC are a group of OLE classes implemented as ActiveX controls. Problem A buffer overflow vulnerability in the OWC.Spreadsheet.9 ActiveX control allows command execution when a user loads a web...
Microsoft Office Web Components OWC.Spreadsheet.9 HTMLURL property overflow
Added: 08/14/2009 CVE: CVE-2009-1534 BID: 35992 OSVDB: 56916 Background Microsoft Office Web Components OWC are a group of OLE classes implemented as ActiveX controls. Problem A buffer overflow vulnerability in the OWC.Spreadsheet.9 ActiveX control allows command execution when a user loads a web...
Microsoft Office Web Components OWC.Spreadsheet.9 HTMLURL property overflow
Added: 08/14/2009 CVE: CVE-2009-1534 BID: 35992 OSVDB: 56916 Background Microsoft Office Web Components OWC are a group of OLE classes implemented as ActiveX controls. Problem A buffer overflow vulnerability in the OWC.Spreadsheet.9 ActiveX control allows command execution when a user loads a web...
Microsoft Office Web Components OWC.Spreadsheet.9 HTMLURL property overflow
Added: 08/14/2009 CVE: CVE-2009-1534 BID: 35992 OSVDB: 56916 Background Microsoft Office Web Components OWC are a group of OLE classes implemented as ActiveX controls. Problem A buffer overflow vulnerability in the OWC.Spreadsheet.9 ActiveX control allows command execution when a user loads a web...
DSquare Exploit Pack: D2SEC_MS09_043
Name| d2secms09043 ---|--- CVE| CVE-2009-1534 Exploit Pack| D2ExploitPack Description| Microsoft Office Web Components 2000 Buffer Overflow Vulnerability Notes|...
MS09-043: Vulnerabilities in Microsoft Office Web Components Could Allow Remote Code Execution (957638)
The remote host is running a version of Microsoft Office Web Components that is affected by various flaws that may allow arbitrary code to be run. To succeed, the attacker would have to send specially crafted URLs to a user of the remote computer and have him process it with Microsoft Office Web...
Office Web Components Flaw Used in SQL Injection Attacks
Attackers have begun using the unpatched vulnerability in Microsoft’s Office Web Components in SQL injection attacks. The vulnerability, which only became public this week, affects millions of users running a number of different versions of Windows, Office and Internet Explorer. The SANS Internet...
Microsoft Office Web Components (OWC) Spreadsheet - ActiveX Buffer Overflow (PoC)
Microsoft Office Web Components OWC Spreadsheet - ActiveX Buffer Overflow PoC var shellcode = unescape"evil code"; var array = new Array; var ls = 0x81000-shellcode.length2; var bigblock = unescape"%u0b0c%u0b0C"; whilebigblock.length milw0rm.com 2009-07-16...
Microsoft Office Web Components (OWC) Spreadsheet - ActiveX Buffer Overflow (PoC)
var shellcode = unescape"evil code"; var array = new Array; var ls = 0x81000-shellcode.length2; var bigblock = unescape"%u0b0c%u0b0C"; whilebigblock.length milw0rm.com 2009-07-16...