Lucene search
K
Database
Vendors
Products
Years
CVSS
Scanner
Agent Scanning
API Scanning
Manual Audit
Perimeter Scanner
Scanning
Projects
Email
Webhook
Plugins
Resources
Documents
Blog
Glossary
FAQ
Pricing
Contacts
About Us
Partners
Branding Guideline
seebugRootSSV:20178
HistoryOct 17, 2010 - 12:00 a.m.

Microsoft Excel PtgExtraArray结构解析内存破坏漏洞(MS10-080)

2010-10-1700:00:00
Root
www.seebug.org
14

0.973 High

EPSS

Percentile

99.8%

JSON

BUGTRAQ ID: 43654
CVE ID: CVE-2010-3239

Excel是微软Office套件中的电子表格工具。

Excel在解析文档的PtgExtraArray结构时存在内存破坏漏洞,用户受骗打开了畸形的.XSL文件就会导致执行任意代码。

Microsoft Excel 2002 SP3
临时解决方法:

  • 不要打开从不可信任来源接收到或从可信任来源意外接收到的Microsoft Office文件。

厂商补丁:

Microsoft

Microsoft已经为此发布了一个安全公告(MS10-080)以及相应补丁:
MS10-080:Vulnerabilities in Microsoft Excel Could Allow Remote Code Execution (2293211)
链接:http://www.microsoft.com/technet/security/bulletin/MS10-080.mspx?pf=true

Related

checkpoint_advisories 1
prion 1
cve 1
securityvulns 3
nessus 1
openvas 2
checkpoint_advisories
checkpoint_advisories
Microsoft Excel Extra Out of Boundary Record Parsing Code Execution (MS10-080; CVE-2010-3239)
2010-10-12 00:00:00
prion
prion
Spoofing
2010-10-13 19:00:00
cve
cve
CVE-2010-3239
2010-10-13 19:00:00
securityvulns
securityvulns
VUPEN Security Research - Microsoft Office Excel Extra PtgExtraArray Parsing Vulnerability (CVE-2010-3239)
2010-10-16 00:00:00
Microsoft Security Bulletin MS10-080 - Important Vulnerabilities in Microsoft Excel Could Allow Remote Code Execution (2293211)
2010-10-13 00:00:00
Microsoft Office security vulnerabilities
2010-10-16 00:00:00
nessus
nessus
MS10-080: Vulnerabilities in Microsoft Excel Could Allow Remote Code Execution (2293211)
2010-10-13 00:00:00
openvas
openvas
Microsoft Office Excel Remote Code Execution Vulnerabilities (2293211)
2010-10-13 00:00:00
Microsoft Office Excel Remote Code Execution Vulnerabilities (2293211)
2010-10-13 00:00:00

0.973 High

EPSS

Percentile

99.8%

JSON
Related for SSV:20178
checkpoint_advisories1prion1cve1securityvulns3nessus1openvas2