2 matches found
Microsoft Word智能标签无效长度处理内存破坏漏洞(MS08-042)
BUGTRAQ ID: 30124 CVECAN ID: CVE-2008-2244 Microsoft Word是微软Office办公软件套件中的文字处理工具。 Word没有正确地处理文档中的无效智能标签长度值,如果用户打开了带有畸形记录值的特制Word文件,就可能触发内存破坏。成功利用此漏洞的攻击者可以完全控制受影响的系统。攻击者可随后安装程序;查看、更改或删除数据;或者创建拥有完全用户权限的新帐户。 目前这个漏洞正在被名为Trojan.Mdropper的木马积极的利用。 Microsoft Word 2003 SP3 Microsoft Word 2003 SP2 Microsof...
MS08-042: Vulnerabilities in Microsoft Word Could Allow Remote Code Execution (955048)
The remote host is running a version of Microsoft Word that is subject to a flaw that could allow arbitrary code to be run. An attacker may use this to execute arbitrary code on this host. To succeed, the attacker would have to send a rogue file to a user of the remote computer and have it open i...