Lucene search
K
Database
Vendors
Products
Years
CVSS
Scanner
Agent Scanning
API Scanning
Manual Audit
Perimeter Scanner
Scanning
Projects
Email
Webhook
Plugins
Resources
Documents
Blog
Glossary
FAQ
Pricing
Contacts
About Us
Partners
Branding Guideline
seebugRootSSV:20197
HistoryOct 26, 2010 - 12:00 a.m.

Microsoft Word多个缓冲区溢出和未初始化指针漏洞(MS10-079)

2010-10-2600:00:00
Root
www.seebug.org
14

0.951 High

EPSS

Percentile

99.1%

JSON

BUGTRAQ ID: 43754,43760,43765,43766,43767,43769,43784,43783,43782,43771,43770
CVE ID: CVE-2010-2747,CVE-2010-3214,CVE-2010-2748,CVE-2010-2750,CVE-2010-3215,CVE-2010-3216,CVE-2010-3221,CVE-2010-3220,CVE-2010-3219,CVE-2010-3218,CVE-2010-3217

Word是微软Office套件中的文字处理工具。

Microsoft Word解析特制Word文档中的某些数据、LVL结构、BKF对象、书签的方式存在多个未初始化指针、缓冲区溢出、内存破坏等漏洞,成功利用这些漏洞的攻击者可以完全控制受影响的系统。

Microsoft Office 2008 for Mac
Microsoft Office 2004 for Mac
Microsoft Word 2010
Microsoft Word 2007 SP2
Microsoft Word 2002 SP3
临时解决方法:

  • 不要打开不可信任来源所收到的Word文档。

厂商补丁:

Microsoft

Microsoft已经为此发布了一个安全公告(MS10-079)以及相应补丁:
MS10-079:Vulnerabilities in Microsoft Word Could Allow Remote Code Execution (2293194)
链接:http://www.microsoft.com/china/technet/security/bulletin/ms10-079.mspx

Related

nessus 2
mskb 1
openvas 2
securityvulns 14
symantec 11
prion 11
checkpoint_advisories 6
cve 11
nessus
nessus
MS10-079: Vulnerabilities in Microsoft Word Could Allow Remote Code Execution (2293194)
2010-10-13 00:00:00
MS10-079 / MS10-080 : Vulnerabilities in Microsoft Office Could Allow Remote Code Execution (2293194 / 2293211) (Mac OS X)
2010-10-20 00:00:00
mskb
mskb
MS10-079: Vulnerabilities in Word could allow remote code execution
2019-11-06 02:31:08
openvas
openvas
Microsoft Office Word Remote Code Execution Vulnerabilities (2293194)
2010-10-13 00:00:00
Microsoft Office Word Remote Code Execution Vulnerabilities (2293194)
2010-10-13 00:00:00
securityvulns
securityvulns
Microsoft Security Bulletin MS10-079 - Important Vulnerabilities in Microsoft Word Could Allow Remote Code Execution (2293194)
2010-10-13 00:00:00
Microsoft Office security vulnerabilities
2010-10-16 00:00:00
VUPEN Security Research - Microsoft Office Word Uninitialized Pointer Vulnerability (CVE-2010-2747)
2010-10-16 00:00:00
symantec
symantec
Microsoft Word Uninitialized Pointer (CVE-2010-2747) Remote Code Execution Vulnerability
2010-10-12 00:00:00
Microsoft Word Index Value Handling (CVE-2010-2750) Remote Code Execution Vulnerability
2010-10-12 00:00:00
Microsoft Word Record Value Parsing (CVE-2010-3221) Remote Code Execution Vulnerability
2010-10-12 00:00:00
prion
prion
Memory corruption
2010-10-13 19:00:00
Memory corruption
2010-10-13 19:00:00
Memory corruption
2010-10-13 19:00:00
checkpoint_advisories
checkpoint_advisories
Microsoft Word Index Value Parsing Memory Corruption (MS10-079; CVE-2010-3219)
2010-10-12 00:00:00
Microsoft Word LVL Structure Parsing Remote Code Execution (MS10-079; CVE-2010-3220)
2010-10-12 00:00:00
Microsoft Word Unchecked Index Value Remote Code Execution (MS10-079; CVE-2010-2750)
2010-11-09 00:00:00
cve
cve
CVE-2010-2747
2010-10-13 19:00:00
CVE-2010-2750
2010-10-13 19:00:00
CVE-2010-3220
2010-10-13 19:00:00

0.951 High

EPSS

Percentile

99.1%

JSON
Related for SSV:20197
nessus2mskb1openvas2securityvulns14symantec11prion11checkpoint_advisories6cve11