Description of the Open XML File Format Converter for Mac 1.0.2 Update

The Open XML File Format Converter for Mac 1.0.2 Update includes fixes for vulnerabilities that an attacker can use to overwrite the contents of a computer's memory by using malicious code.INTRODUCTION Microsoft has released security bulletins MS08-072 and MS08-074. These security bulletins conta...

Microsoft Excel畸形记录远程代码执行漏洞（MS11-072）

BUGTRAQ ID: 49478 CVECAN ID: CVE-2011-1988 Microsoft Excel是由Microsoft为Windows和Apple Macintosh操作系统的电脑而编写和运行的一款试算表软件。 Microsoft Excel在处理畸形记录时存在远程代码执行漏洞，远程攻击者可利用此漏洞以当前用户权限执行任意代码。 Excel解析电子表格文件中的特制记录时，其中的特定值可触发内存破坏漏洞。 Microsoft Excel 2010 Microsoft Excel 2007 Microsoft Excel 2003 Microsoft Office...

Microsoft Excel数组索引远程代码执行漏洞（MS11-072）

BUGTRAQ ID: 49477 CVECAN ID: CVE-2011-1987 Microsoft Excel是由Microsoft为Windows和Apple Macintosh操作系统的电脑而编写和运行的一款试算表软件。 Microsoft Excel在处理特制Excel文件时存在远程代码执行漏洞，远程攻击者可利用此漏洞以当前用户权限执行任意代码，可能造成拒绝服务。...

CVE-2011-1277

Microsoft Excel 2002 SP3, Office 2008 for Mac, and Open XML File Format Converter for Mac do not properly validate record information during parsing of Excel spreadsheets, which allows remote attackers to execute arbitrary code or cause a denial of service memory corruption via a crafted...

Heap overflow

Microsoft Excel 2002 SP3; Office 2004, 2008, and 2011 for Mac; and Open XML File Format Converter for Mac do not properly validate record information during parsing of Excel spreadsheets, which allows remote attackers to execute arbitrary code or cause a denial of service memory corruption via a...

CVE-2011-1277

Microsoft Excel 2002 SP3, Office 2008 for Mac, and Open XML File Format Converter for Mac do not properly validate record information during parsing of Excel spreadsheets, which allows remote attackers to execute arbitrary code or cause a denial of service memory corruption via a crafted...

Buffer overflow

Microsoft Excel 2002 SP3 and 2003 SP3, Office 2004 and 2008 for Mac, and Open XML File Format Converter for Mac allow remote attackers to execute arbitrary code or cause a denial of service memory corruption via a crafted HLink record in an Excel file, aka "Excel Buffer Overwrite Vulnerability."...

Buffer overflow

Microsoft Excel 2002 SP3, Office 2004 and 2008 for Mac, and Open XML File Format Converter for Mac obtain a certain length value from an uninitialized memory location, which allows remote attackers to trigger a buffer overflow and execute arbitrary code via a crafted Excel file, aka "Excel Data...

Integer overflow

Integer signedness error in Microsoft Excel 2002 SP3, 2003 SP3, 2007 SP2, and 2010; Office 2004 and 2008 for Mac; Open XML File Format Converter for Mac; Excel Viewer SP2; and Office Compatibility Pack for Word, Excel, and PowerPoint 2007 File Formats SP2 allows remote attackers to execute...

CVE-2011-0104

CVE-2011-0104 affects Microsoft Excel 2002 SP3, Excel 2003 SP3, Office 2004/2008 for Mac, and Open XML File Format Converter for Mac. A crafted HLink record in an Excel file can trigger memory corruption, allowing remote code execution or causing a denial of service. Exploitation details or in‑th...

CVE-2011-0105

Microsoft Excel 2002 SP3, Office 2004 and 2008 for Mac, and Open XML File Format Converter for Mac obtain a certain length value from an uninitialized memory location, which allows remote attackers to trigger a buffer overflow and execute arbitrary code via a crafted Excel file, aka "Excel Data...

CVE-2011-0097

Integer underflow in Microsoft Excel 2002 SP3, 2003 SP3, 2007 SP2, and 2010; Office 2004 and 2008 for Mac; Open XML File Format Converter for Mac; Excel Viewer SP2; and Office Compatibility Pack for Word, Excel, and PowerPoint 2007 File Formats SP2 allows remote attackers to execute arbitrary cod...

CVE-2011-0105

CVE-2011-0105 describes a buffer overflow in Microsoft Excel-related components caused by obtaining a length value from an uninitialized memory location, enabling remote code execution via a crafted Excel file. Affected products listed in the provided sources include Excel 2002 SP3, Office for Ma...

CVE-2011-0977

Use-after-free vulnerability in Microsoft Office XP SP3, Office 2003 SP3, Office 2007 SP2, Office 2004 and 2008 for Mac, and Open XML File Format Converter for Mac allows remote attackers to execute arbitrary code via malformed shape data in the Office drawing file format, aka "Microsoft Office...

CVE-2011-0980

CVE-2011-0980 corresponds to a memory corruption flaw in Microsoft Office that arises when parsing Office Art objects, enabling remote code execution via a crafted file. It affects Excel/Office components across Windows and Mac builds listed in the initial document (Excel 2002/2003, Office for Ma...

CVE-2010-3333

Stack-based buffer overflow in Microsoft Office XP SP3, Office 2003 SP3, Office 2007 SP2, Office 2010, Office 2004 and 2008 for Mac, Office for Mac 2011, and Open XML File Format Converter for Mac allows remote attackers to execute arbitrary code via crafted RTF data, aka "RTF Stack Buffer Overfl...

Memory corruption

Microsoft Office XP SP3, Office 2003 SP3, Office 2007 SP2, Office 2010, Office 2004 and 2008 for Mac, Office for Mac 2011, and Open XML File Format Converter for Mac allow remote attackers to execute arbitrary code via an Office document containing an Office Art Drawing record with crafted msofbt...

CVE-2010-3336

CVE-2010-3336 is a remote code execution vulnerability in Microsoft Office (MSO Large SPID Read AV Vulnerability). The MS10-087 bulletin documents this family of Office memory-corruption flaws, affecting Office XP SP3, Office 2003/2004/2007/2010 on Windows, Office for Mac 2011, and Open XML File ...

CVE-2010-3333

Stack-based buffer overflow in Microsoft Office XP SP3, Office 2003 SP3, Office 2007 SP2, Office 2010, Office 2004 and 2008 for Mac, Office for Mac 2011, and Open XML File Format Converter for Mac allows remote attackers to execute arbitrary code via crafted RTF data, aka "RTF Stack Buffer Overfl...

Microsoft Office Art Drawing Record Remote Code Execution Vulnerability

Description Microsoft Office is prone to a remote code-execution vulnerability. An attacker could exploit this issue by enticing a victim to open a malicious Office file. Successfully exploiting this issue would allow the attacker to corrupt memory and execute arbitrary code in the context of the...