Многочисленные уязвимости в Microsoft Excel (multiple bugs) дополнено с 8 мая 2007 г.
Опубликовано:		10 мая 2007 г.
Источник:		MICROSOFT
SecurityVulns ID:		7677
Тип:		клиент
Опасность:		6/10
Описание:		Многочисленные повреждения памяти при разборе различных типов записей.

Затронутые продукты:		MICROSOFT : Office 2000
		MICROSOFT : Office 2003
		MICROSOFT : Office 2007
CVE:		CVE-2007-1214 (Microsoft Excel 2000 SP3, 2002 SP3, 2003 SP2, 2003 Viewer, and 2004 for Mac allows user-assisted remote attackers to execute arbitrary code via a crafted AutoFilter filter record in an Excel BIFF8 format XLS file, which triggers memory corruption.)
		CVE-2007-1203 (Unspecified vulnerability in Microsoft Excel 2000 SP3, 2002 SP3, 2003 SP2, 2003 Viewer, 2004 for Mac, and 2007 allows user-assisted remote attackers to execute arbitrary code via a crafted set font value in an Excel file, which results in memory corruption.)
		CVE-2007-0215 (Stack-based buffer overflow in Microsoft Excel 2000 SP3, 2002 SP3, 2003 SP2, and 2003 Viewer allows user-assisted remote attackers to execute arbitrary code via a .XLS BIFF file with a malformed Named Graph record, which results in memory corruption.)

Оригинальный текст		IDEFENSE, iDefense Security Advisory 05.08.07: Microsoft Excel Filter Record Code Execution Vulnerability (10.05.2007)
		ZDI, ZDI-07-026: Microsoft Excel BIFF File Format Named Graph Record Parsing Stack Overflow Vulnerability (08.05.2007)
		MICROSOFT, Microsoft Security Bulletin MS07-023 Vulnerabilities in Microsoft Excel Could Allow Remote Code Execution (934233) (08.05.2007)

Файлы:		Microsoft Security Bulletin MS07-023 Vulnerabilities in Microsoft Excel Could Allow Remote Code Execution (934233)
Обсудить:		Прочитать или оставить комментарии к новости (0 комментариев)