Microsoft Office Excel畸形文件格式解析远程代码执行漏洞（MS06-012）

Microsoft Office Excel是非常流行的电子表格办公软件。 Microsoft Office Excel在处理Excel文档中畸形解析格式时存在漏洞，攻击者可能利用此漏洞在客户机器上执行任意代码。 使用畸形解析格式文件的Excel中存在一个远程执行代码漏洞。攻击者可以通过构建特制的Excel文件来利用此漏洞，可能允许远程执行代码。 Microsoft Office XP SP3 Microsoft Office X for Mac Microsoft Office 2004 for Mac Microsoft Office 2003 Service Pack 2...

Microsoft Office Excel畸形记录远程代码执行漏洞（MS06-012）

Microsoft Office Excel是非常流行的电子表格办公软件。 Microsoft Office Excel在处理畸形Excel文档时存在漏洞，攻击者可能利用此漏洞在用户机器上执行任意代码。 使用畸形记录的Excel中存在一个远程执行代码漏洞。攻击者可以通过构建特制的Excel文件来利用此漏洞，可能允许远程执行代码。 Excel在打开“.xls”文件时会以0x0e0e0e0e初始化栈缓冲区，但使用的用户提供长度会导致栈溢出。以下代码源于excel v9.0.0.8924： .text:3003FE0C movzx eax, word ptr ebx .text:3003FE0...

Microsoft Office畸形传送名单远程代码执行漏洞（MS06-012）

Microsoft Office是非常流行的办公软件。 Microsoft Office在处理Office文档时存在漏洞，成功利用此漏洞的攻击者可以完全控制受影响的系统。 攻击者可以通过在Office文档内构建特制的传送名单来利用此漏洞，可能允许远程执行代码。 Microsoft Office XP SP3 Microsoft Office X for Mac Microsoft Office 2004 for Mac Microsoft Office 2003 Service Pack 2 Microsoft Office 2003 Service Pack 1 Microsoft...

Microsoft Office Excel畸形公式大小栈溢出漏洞（MS06-012）

Microsoft Office Excel是非常流行的电子表格办公软件。 Microsoft Office Excel在处理Excel文档中的畸形描述时存在漏洞，攻击者可能利用此漏洞在客户机器上执行任意代码。 Microsoft Excel对opcode 0x0218的管理存在栈溢出漏洞。如果提供了特别大的公式大小，攻击者就可以触发此漏洞，可能允许远程执行代码。 Microsoft Office XP SP3 Microsoft Office X for Mac Microsoft Office 2004 for Mac Microsoft Office 2003 Service Pa...

Microsoft Excel畸形命名区域内存破坏漏洞（MS06-012）

Microsoft Excel是Office产品套件中的电子表格和分析程序。 Microsoft Excel中存在安全漏洞，攻击者可能利用此漏洞在机器上执行指令。 如果能够通过Excel .xls文件的数据字段向"msvcrt.memmove"传送很大的值的话，就可能导致内存破坏，执行任意代码。 Microsoft Office XP SP3 Microsoft Office X for Mac Microsoft Office 2004 for Mac Microsoft Office 2003 Service Pack 2 Microsoft Office 2003 Service...

ZDI-06-004: Microsoft Excel File Format Parsing Vulnerability

ZDI-06-004: Microsoft Excel File Format Parsing Vulnerability http://www.zerodayinitiative.com/advisories/ZDI-06-004.html March 14, 2006 -- CVE ID: CVE-2006-0028 -- Affected Vendor: Microsoft -- Affected Products: Office 2000 Office XP Office 2003 -- TippingPointTM IPS Customer Protection:...

Microsoft Security Bulletin MS06-012 Vulnerabilities in Microsoft Office Could Allow Remote Code Execution (905413)

Microsoft Security Bulletin MS06-012 Vulnerabilities in Microsoft Office Could Allow Remote Code Execution 905413 Published: March 14, 2006 Version: 1.0 Summary Who should read this document: Customers who use Microsoft Office Impact of Vulnerability: Remote Code Execution Maximum Severity Rating...

High Risk Vulnerability in Microsoft Excel

Peter Winter-Smith of NGSSoftware has discovered a high risk vulnerability in Microsoft Excel which may allow an remote attacker to execute arbitrary code on a user's system via the Internet Explorer Excel plugin. This issue has been resolved in the Microsoft bulletin MS06-012, which may be...

Microsoft Excel malformed description memory corruption vulnerability

Overview Microsoft Excel contains a memory corruption vulnerability. This vulnerability may allow a remote attacker to execute arbitrary code on a vulnerable system. Description Microsoft Excel fails to properly validate description fields in Excel data files. When a file with a malformed...

Microsoft Excel 95/97/2000/2002/2003/2004 - Memory Corruption (MS06-012)

source: https://www.securityfocus.com/bid/15926/info Microsoft Excel is susceptible to two unspecified memory-corruption vulnerabilities. The issues present themselves when Microsoft Excel tries to process malformed or corrupted XLS files. Attackers may exploit these issues to crash the affected...

Microsoft Excel 95972000200220032004 - Memory Corruption (MS06-012)

Microsoft Excel 95972000200220032004 - Memory Corruption MS06-012 source: https://www.securityfocus.com/bid/15926/info Microsoft Excel is susceptible to two unspecified memory-corruption vulnerabilities. The issues present themselves when Microsoft Excel tries to process malformed or corrupted XL...