989 matches found
Microsoft Office Excel SxView Record Memory Corruption (MS09-067; CVE-2009-3128)
Microsoft Excel is a popular spreadsheet application. A memory corruption vulnerability has been identified in Microsoft Excel. The vulnerability is due to an error in Microsoft Office Excel that fails to properly parse the Excel spreadsheet file format. A remote attacker could trigger this flaw ...
Microsoft Office Excel Field Sanitization Remote Code Execution (MS09-067; CVE-2009-3134)
Microsoft Excel is a popular spreadsheet application. A remote code execution vulnerability has been identified in Microsoft Excel. The vulnerability is due to an error in Microsoft Office Excel that fails to properly parse the Excel spreadsheet file format. A remote attacker could trigger this...
Microsoft Office Excel Legacy Files (CVE-2009-3131; CVE-2010-1251; CVE-2010-1252; CVE-2010-3230)
Microsoft Excel is a popular spreadsheet application. A remote code execution vulnerability has been identified in Microsoft Excel. The vulnerability is due to an error in Microsoft Office Excel that fails to properly parse Office Excel legacy files. A remote attacker could trigger this flaw by...
Microsoft Excel SST Record Integer Overflow (MS09-021; CVE-2009-0561; CVE-2009-3037)
Microsoft Excel is a popular spreadsheet application. A remote code execution vulnerability has been identified in the Microsoft Excel. The flaw is due to a memory corruption error in Microsoft Excel when loading specially crafted Excel files that include a malformed record object. The...
Microsoft Excel BIFF format Qsir record memory corruption
Added: 09/11/2009 CVE: CVE-2009-1134 BID: 35246 OSVDB: 54958 Background Microsoft Excel, part of the Microsoft Office product suite, is a spreadsheet application for Windows and Macintosh platforms. Problem A memory corruption vulnerability allows command execution when a user closes a spreadshee...
Microsoft Excel BIFF format Qsir record memory corruption
Added: 09/11/2009 CVE: CVE-2009-1134 BID: 35246 OSVDB: 54958 Background Microsoft Excel, part of the Microsoft Office product suite, is a spreadsheet application for Windows and Macintosh platforms. Problem A memory corruption vulnerability allows command execution when a user closes a spreadshee...
Buffer overflow
Buffer overflow in xlssr.dll in the Autonomy KeyView XLS viewer aka File Viewer for Excel, as used in IBM Lotus Notes 5.x through 8.5.x, Symantec Mail Security, Symantec BrightMail Appliance, Symantec Data Loss Prevention DLP, and other products, allows remote attackers to execute arbitrary code...
Symantec Products Autonomy KeyView Module Vulnerability
SUMMARY Symantec products that ship a third-party Autonomy KeyView module have updated the module to address a vulnerability in the processing of Excel spreadsheets reported against the KeyView module. AFFECTED PRODUCTS Product | Version | Build | Solutions ---|---|---|--- Symantec Mail Security...
Microsoft Office Web Components OWC.Spreadsheet BorderAround vulnerability
Added: 08/24/2009 CVE: CVE-2009-2496 BID: 35991 OSVDB: 56915 Background Microsoft Office Web Components OWC are a group of OLE classes implemented as ActiveX controls. Problem A heap corruption vulnerability in the OWC10.Spreadsheet ActiveX control allows command execution when a user opens a web...
ZDI-09-054: Microsoft Office OWC10.Spreadsheet ActiveX msDataSourceObject() Heap Corruption Vulnerability
ZDI-09-054: Microsoft Office OWC10.Spreadsheet ActiveX msDataSourceObject Heap Corruption Vulnerability http://www.zerodayinitiative.com/advisories/ZDI-09-054 August 11, 2009 -- CVE ID: CVE-2009-1136 -- Affected Vendors: Microsoft -- Affected Products: Microsoft Office Word Microsoft Office Excel...
ZDI-09-056: Microsoft Office OWC10.Spreadsheet ActiveX BorderAround() Heap Corruption Vulnerability
ZDI-09-056: Microsoft Office OWC10.Spreadsheet ActiveX BorderAround Heap Corruption Vulnerability http://www.zerodayinitiative.com/advisories/ZDI-09-056 August 11, 2009 -- CVE ID: CVE-2009-2496 -- Affected Vendors: Microsoft -- Affected Products: Microsoft Office Word Microsoft Office Excel --...
Microsoft Office OWC10.Spreadsheet ActiveX BorderAround() Heap Corruption Vulnerability
This vulnerability allows attackers to execute arbitrary code on vulnerable installations of Microsoft Office. User interaction is required to exploit this vulnerability in that the target must visit a malicious page. The specific vulnerability exists in the OWC10.Spreadsheet.10 ActiveX control...
Microsoft Office OWC10.Spreadsheet ActiveX msDataSourceObject() Heap Corruption Vulnerability
This vulnerability allows attackers to execute arbitrary code on vulnerable installations of Microsoft Office. User interaction is required to exploit this vulnerability in that the target must visit a malicious page. The specific flaw exists during the processing of malicious parameters to the...
MS Office Web Components Spreadsheet ActiveX (OWC10/11) Exploit
No description provided by source. Author : Ahmed Obied [email protected] - Based on the code posted at http://www.milw0rm.com/exploits/9163 - Tested using: Internet Explorer 7.0.5730.13 on Windows XP SP3 with owc10.dll installed Internet Explorer 7.0.5730.13 on Windows XP SP3 with owc11.dll...
MS Office Web Components Spreadsheet ActiveX (OWC10/11) Exploit
Exploit for windows platform in category remote exploits =============================================================== MS Office Web Components Spreadsheet ActiveX OWC10/11 Exploit =============================================================== Author : Ahmed Obied - Tested using: Internet...
Microsoft Office Web Components (Spreadsheet) ActiveX BOF PoC
Exploit for unknown platform in category dos / poc ============================================================= Microsoft Office Web Components Spreadsheet ActiveX BOF PoC ============================================================= var shellcode = unescape"evil code"; var array = new Array; va...
Microsoft Office Web Components (OWC) Spreadsheet - ActiveX Buffer Overflow (PoC)
Microsoft Office Web Components OWC Spreadsheet - ActiveX Buffer Overflow PoC var shellcode = unescape"evil code"; var array = new Array; var ls = 0x81000-shellcode.length2; var bigblock = unescape"%u0b0c%u0b0C"; whilebigblock.length milw0rm.com 2009-07-16...
Microsoft Office Web Components (OWC) Spreadsheet - ActiveX Buffer Overflow (PoC)
var shellcode = unescape"evil code"; var array = new Array; var ls = 0x81000-shellcode.length2; var bigblock = unescape"%u0b0c%u0b0C"; whilebigblock.length milw0rm.com 2009-07-16...
CVE-2009-1136
CVE-2009-1136 affects the Microsoft Office Web Components Spreadsheet ActiveX control (OWC10/OWC11) bundled with Office XP SP3, Office 2003 SP3, and related Web Components/ISA configurations. A crafted call to msDataSourceObject in Internet Explorer allows remote code execution; this vulnerabilit...
Microsoft Office Web Components Spreadsheet ActiveX control vulnerability
Overview The Microsoft Office Web Components Spreadsheet ActiveX controls OWC10 and OWC11 contain a vulnerability that may allow an attacker to take control of a vulnerable system. Description The Office Web Components Spreadsheet ActiveX control contains a code execution vulnerability. Public...