19 matches found
Microsoft Security Bulletin MS08-011 – Important Vulnerabilities in Microsoft Works File Converter Could Allow Remote Code Execution (947081)
Microsoft Security Bulletin MS08-011 – Important Vulnerabilities in Microsoft Works File Converter Could Allow Remote Code Execution 947081 Published: February 12, 2008 Version: 1.0 General Information Executive Summary This important security update resolves three privately reported...
Microsoft Works File Converter Section Header Index Table Remote Code Execution Vulnerability
Description Microsoft Works File Converter is prone to a remote code-execution vulnerability because it fails to adequately validate user-supplied input. An attacker could exploit this issue by enticing a victim to open a malicious '.wps' file. Successfully exploiting this issue would allow the...
Microsoft Word数组数据处理远程代码执行漏洞(MS07-024)
Microsoft Word是Office套件中的文字处理工具。 Microsoft Word在处理数组数据时存在输入验证漏洞,远程攻击者可能利用此漏洞控制用户机器。 Word处理数组中的数据时没有执行充分的验证,如果用户受骗打开了恶意的Word文档的话,就可能导致执行任意代码。 Microsoft Office 2004 for Mac Microsoft Word Viewer 2003 Microsoft Word 2003 SP2 Microsoft Word 2002 SP3 Microsoft Word 2000 SP3 Microsoft Works Suite 2006...
Microsoft Security Bulletin MS07-024 Vulnerabilities in Microsoft Word Could Allow Remote Code Execution (934232)
Microsoft Security Bulletin MS07-024 Vulnerabilities in Microsoft Word Could Allow Remote Code Execution 934232 Published: May 8, 2007 Version: 1.0 Summary Who Should Read this Document: Customers who use Microsoft Word Impact of Vulnerability: Remote Code Execution Maximum Severity Rating:...
Microsoft Excel Malformed Palette Record Remote Code Execution Vulnerability
Description Microsoft Excel is prone to a remote code-execution vulnerability. An attacker can exploit this issue to execute arbitrary code with the privileges of the user running the affected application, which can result in the compromise of affected computers. Technologies Affected Microsoft...
Microsoft Excel畸形命名区域内存破坏漏洞(MS06-012)
Microsoft Excel是Office产品套件中的电子表格和分析程序。 Microsoft Excel中存在安全漏洞,攻击者可能利用此漏洞在机器上执行指令。 如果能够通过Excel .xls文件的数据字段向"msvcrt.memmove"传送很大的值的话,就可能导致内存破坏,执行任意代码。 Microsoft Office XP SP3 Microsoft Office X for Mac Microsoft Office 2004 for Mac Microsoft Office 2003 Service Pack 2 Microsoft Office 2003 Service...
Microsoft Office Excel畸形文件格式解析远程代码执行漏洞(MS06-012)
Microsoft Office Excel是非常流行的电子表格办公软件。 Microsoft Office Excel在处理Excel文档中畸形解析格式时存在漏洞,攻击者可能利用此漏洞在客户机器上执行任意代码。 使用畸形解析格式文件的Excel中存在一个远程执行代码漏洞。攻击者可以通过构建特制的Excel文件来利用此漏洞,可能允许远程执行代码。 Microsoft Office XP SP3 Microsoft Office X for Mac Microsoft Office 2004 for Mac Microsoft Office 2003 Service Pack 2...
Microsoft Office畸形传送名单远程代码执行漏洞(MS06-012)
Microsoft Office是非常流行的办公软件。 Microsoft Office在处理Office文档时存在漏洞,成功利用此漏洞的攻击者可以完全控制受影响的系统。 攻击者可以通过在Office文档内构建特制的传送名单来利用此漏洞,可能允许远程执行代码。 Microsoft Office XP SP3 Microsoft Office X for Mac Microsoft Office 2004 for Mac Microsoft Office 2003 Service Pack 2 Microsoft Office 2003 Service Pack 1 Microsoft...
Microsoft Office Excel畸形记录远程代码执行漏洞(MS06-012)
Microsoft Office Excel是非常流行的电子表格办公软件。 Microsoft Office Excel在处理畸形Excel文档时存在漏洞,攻击者可能利用此漏洞在用户机器上执行任意代码。 使用畸形记录的Excel中存在一个远程执行代码漏洞。攻击者可以通过构建特制的Excel文件来利用此漏洞,可能允许远程执行代码。 Excel在打开“.xls”文件时会以0x0e0e0e0e初始化栈缓冲区,但使用的用户提供长度会导致栈溢出。以下代码源于excel v9.0.0.8924: .text:3003FE0C movzx eax, word ptr ebx .text:3003FE0...
Microsoft Office Excel畸形公式大小栈溢出漏洞(MS06-012)
Microsoft Office Excel是非常流行的电子表格办公软件。 Microsoft Office Excel在处理Excel文档中的畸形描述时存在漏洞,攻击者可能利用此漏洞在客户机器上执行任意代码。 Microsoft Excel对opcode 0x0218的管理存在栈溢出漏洞。如果提供了特别大的公式大小,攻击者就可以触发此漏洞,可能允许远程执行代码。 Microsoft Office XP SP3 Microsoft Office X for Mac Microsoft Office 2004 for Mac Microsoft Office 2003 Service Pa...
Microsoft Security Bulletin MS06-059 Vulnerabilities in Microsoft Excel Could Allow Remote Code Execution (924164)
Microsoft Security Bulletin MS06-059 Vulnerabilities in Microsoft Excel Could Allow Remote Code Execution 924164 Published: October 10, 2006 Version: 1.0 Summary Who Should Read this Document: Customers who use Microsoft Excel Impact of Vulnerability: Remote Code Execution Maximum Severity Rating...
CVE-2006-2387
Microsoft Excel contains a remote-code-execution vulnerability CVE-2006-2387 in the parsing of a malformed DATETIME record within XLS files. Affected products include Excel 2000, 2002, 2003, 2004 for Mac, v.X for Mac, Excel Viewer 2003, and Microsoft Works Suite 2004–2006. The root cause is insuf...
Microsoft Word Malformed String Remote Code Execution Vulnerability
Description Microsoft Word is prone to a remote code-execution vulnerability. An attacker could exploit this issue by enticing a victim to load a malicious Word file. If the vulnerability is successfully exploited, this could result in the execution of arbitrary code in the context of the current...
Microsoft Security Bulletin MS06-047 Vulnerability in Microsoft Visual Basic for Applications Could Allow Remote Code Execution (921645)
Microsoft Security Bulletin MS06-047 Vulnerability in Microsoft Visual Basic for Applications Could Allow Remote Code Execution 921645 Published: August 8, 2006 Version: 1.0 Summary Who Should Read this Document: Customers using Microsoft Office applications or applications that use Microsoft...
Microsoft Security Bulletin MS06-039 Vulnerabilities in Microsoft Office Filters Could Allow Remote Code Execution (915384)
Microsoft Security Bulletin MS06-039 Vulnerabilities in Microsoft Office Filters Could Allow Remote Code Execution 915384 Published: July 11, 2006 Version: 1.0 Summary Who Should Read this Document: Customers who use Microsoft Office Impact of Vulnerability: Remote Code Execution Maximum Severity...
Microsoft Security Bulletin MS06-027 Vulnerability in Microsoft Word Could Allow Remote Code Execution (917336)
Microsoft Security Bulletin MS06-027 Vulnerability in Microsoft Word Could Allow Remote Code Execution 917336 Published: June 13, 2006 Version: 1.0 Summary Who Should Read this Document: Customers who use Microsoft Word Impact of Vulnerability: Remote Code Execution Maximum Severity Rating:...
Microsoft Word Unspecified Document File Buffer Overflow Vulnerability
Description Microsoft Word is affected by a buffer overflow vulnerability. This issue is due to a failure in the application to do proper bounds checking on user-supplied data. Microsoft has not specified exactly where the error may occur. This could result in execution of arbitrary code in the...
Microsoft Word Malformed Document Buffer Overflow Vulnerability
Description Microsoft Word is prone to a buffer overflow vulnerability. This issue presents itself when Microsoft Word attempts to parse a malformed document. This could result in execution of arbitrary code in the context of a user who opens the malicious document. Internet Explorer is a likely...
Security Update for Microsoft Works Suite 2005 (KB943973)
A security vulnerability exists in Microsoft Works Suite 2005 that could allow arbitrary code to run when opening a malicious document. This update addresses that vulnerability...