Информационная безопасность
[RU] switch to English


Многочисленные уязвимости безопасности в Microsoft Office
дополнено с 9 июня 2010 г.
Опубликовано:14 июня 2010 г.
Источник:
SecurityVulns ID:10913
Тип:клиент
Уровень опасности:
7/10
Описание:Выполнение кода через внедренные COM-объекты, многочисленные повреждения памяти в Excel.
Затронутые продукты:MICROSOFT : Office XP
 MICROSOFT : Office 2003
 MICROSOFT : Office 2004 for Mac
 MICROSOFT : Office 2007
 MICROSOFT : Office 2008 for Mac
CVE:CVE-2010-1263 (Windows Shell and WordPad in Microsoft Windows XP SP2 and SP3, Windows Server 2003 SP2, Windows Vista SP1 and SP2, Windows Server 2008 Gold, SP2, and R2, and Windows 7; Microsoft Office XP SP3; Office 2003 SP3; and Office System 2007 SP1 and SP2 do not properly validate COM objects during instantiation, which allows remote attackers to execute arbitrary code via a crafted file, aka "COM Validation Vulnerability.")
 CVE-2010-1254 (The installation for Microsoft Open XML File Format Converter for Mac sets insecure ACLs for the /Applications folder, which allows local users to execute arbitrary code by replacing the executable with a Trojan Horse, aka "Mac Office Open XML Permissions Vulnerability.")
 CVE-2010-1253 (Microsoft Office Excel 2002 SP3, 2007 SP1, and SP2; Office 2004 for mac; Office 2008 for Mac; Open XML File Format Converter for Mac; and Office Compatibility Pack for Word, Excel, and PowerPoint 2007 File Formats SP1 and SP2; allows remote attackers to execute arbitrary code via an Excel file with crafted DBQueryExt records that allow a function call to a "user-controlled pointer," aka "Excel ADO Object Vulnerability.")
 CVE-2010-1252 (Unspecified vulnerability in Microsoft Office Excel 2002 SP3 and Office 2004 for Mac allows remote attackers to execute arbitrary code via a crafted Excel file, aka "Excel String Variable Vulnerability.")
 CVE-2010-1251 (Unspecified vulnerability in Microsoft Office Excel 2002 SP3 and Office 2004 for Mac allows remote attackers to execute arbitrary code via a crafted Excel file, aka "Excel Record Stack Corruption Vulnerability.")
 CVE-2010-1250 (Heap-based buffer overflow in Microsoft Office Excel 2002 SP3, Office 2004 for Mac, Office 2008 for Mac, and Open XML File Format Converter for Mac allows remote attackers to execute arbitrary code via an Excel file with malformed (1) EDG (0x88) and (2) Publisher (0x89) records, aka "Excel EDG Memory Corruption Vulnerability.")
 CVE-2010-1249 (Buffer overflow in Microsoft Office Excel 2002 SP3, Office 2004 for Mac, Office 2008 for Mac, and Open XML File Format Converter for Mac allows remote attackers to execute arbitrary code via an Excel file with a malformed ExternName (0x23) record, aka "Excel Memory Corruption Vulnerability," a different vulnerability than CVE-2010-0823 and CVE-2010-1247.)
 CVE-2010-1248 (Buffer overflow in Microsoft Office Excel 2002 SP3 and Office 2004 for Mac allows remote attackers to execute arbitrary code via an Excel file with a malformed HFPicture (0x866) record, aka "Excel HFPicture Memory Corruption Vulnerability.")
 CVE-2010-1247 (Unspecified vulnerability in Microsoft Office Excel 2002 SP3 allows remote attackers to execute arbitrary code via an Excel file with a malformed RTD (0x813) record that triggers heap corruption, aka "Excel Memory Corruption Vulnerability," a different vulnerability than CVE-2010-0823 and CVE-2010-1249.)
 CVE-2010-1246 (Stack-based buffer overflow in Microsoft Office Excel 2002 SP3 allows remote attackers to execute arbitrary code via an Excel file with a malformed RTD (0x813) record, aka "Excel RTD Memory Corruption Vulnerability.")
 CVE-2010-1245 (Unspecified vulnerability in Microsoft Office Excel 2002 SP3, Office 2004 for Mac, Office 2008 for Mac, and Open XML File Format Converter for Mac allows remote attackers to execute arbitrary code via an Excel file with a malformed SxView (0xB0) record, aka "Excel Record Memory Corruption Vulnerability," a different vulnerability than CVE-2010-0824 and CVE-2010-0821.)
 CVE-2010-0824 (Unspecified vulnerability in Microsoft Office Excel 2002 SP3 and Office 2004 for Mac allows remote attackers to execute arbitrary code via an Excel file with a malformed WOPT (0x80B) record, aka "Excel Record Memory Corruption Vulnerability," a different vulnerability than CVE-2010-0821 and CVE-2010-1245.)
 CVE-2010-0823 (Unspecified vulnerability in Microsoft Office Excel 2002 SP3, 2003 SP3, 2007 SP1 and SP2; Office 2004 for mac; Office 2008 for Mac; Open XML File Format Converter for Mac; Office Excel Viewer SP1 and SP2; and Office Compatibility Pack for Word, Excel, and PowerPoint 2007 File Formats SP1 and SP2; allows remote attackers to execute arbitrary code via a crafted Excel file, aka "Excel Memory Corruption Vulnerability," a different vulnerability than CVE-2010-1247 and CVE-2010-1249.)
 CVE-2010-0822 (Stack-based buffer overflow in Microsoft Office Excel 2002 SP3, Office 2004 for Mac, Office 2008 for Mac, and Open XML File Format Converter for Mac allows remote attackers to execute arbitrary code via an Excel file with a crafted OBJ (0x5D) record, aka "Excel Object Stack Overflow Vulnerability.")
 CVE-2010-0821 (Unspecified vulnerability in Microsoft Office Excel 2002 SP3, 2003 SP3, 2007 SP1 and SP2; Office 2004 for mac; Office 2008 for Mac; Open XML File Format Converter for Mac; Office Excel Viewer SP1 and SP2; and Office Compatibility Pack for Word, Excel, and PowerPoint 2007 File Formats SP1 and SP2; allows remote attackers to execute arbitrary code via an Excel file with a crafted SxView record, related to improper validation of unspecified structures, aka "Excel Record Parsing Memory Corruption Vulnerability," a different vulnerability than CVE-2010-0824 and CVE-2010-1245.)
Оригинальный текстdocumentVUPEN Security Research, VUPEN Security Research - Microsoft Office Excel ExternName Buffer Overflow Vulnerability (CVE-2010-1249) (14.06.2010)
 documentVUPEN Security Research, VUPEN Security Research - Microsoft Office Excel HFPicture Buffer Overflow Vulnerability (CVE-2010-1248) (09.06.2010)
 documentVUPEN Security Research, VUPEN Security Research - Microsoft Office Excel WOPT Heap Corruption Vulnerability (CVE-2010-0824) (09.06.2010)
 documentVUPEN Security Research, VUPEN Security Research - Microsoft Office Excel RTD Stack Overflow Vulnerability (CVE-2010-1246) (09.06.2010)
 documentVUPEN Security Research, VUPEN Security Research - Microsoft Office Excel SxView Memory Corruption Vulnerability (CVE-2010-1245) (09.06.2010)
 documentVUPEN Security Research, VUPEN Security Research - Microsoft Office Excel EDG Heap Overflow Vulnerability (CVE-2010-1250) (09.06.2010)
 documentVUPEN Security Research, VUPEN Security Research - Microsoft Office Excel RTD Heap Corruption Vulnerability (CVE-2010-1247) (09.06.2010)
 documentVUPEN Security Research, VUPEN Security Research - Microsoft Office Excel OBJ Stack Overflow Vulnerability (CVE-2010-0822) (09.06.2010)
 documentZDI, ZDI-10-104: Microsoft Office Excel SxView Record Parsing Remote Code Execution Vulnerability (09.06.2010)
 documentZDI, ZDI-10-103: Microsoft Office Excel DBQueryExt Record Unspecified ADO Object Remote Code Execution Vulnerability (09.06.2010)
 documentMICROSOFT, Microsoft Security Bulletin MS10-038 - Important Vulnerabilities in Microsoft Office Excel Could Allow Remote Code Execution (2027452) (09.06.2010)
 documentMICROSOFT, Microsoft Security Bulletin MS10-036 - Important Vulnerability in COM Validation in Microsoft Office Could Allow Remote Code Execution (983235) (09.06.2010)
Файлы:Microsoft Security Bulletin MS10-036 - Important Vulnerability in COM Validation in Microsoft Office Could Allow Remote Code Execution (983235)
 Microsoft Security Bulletin MS10-038 - Important Vulnerabilities in Microsoft Office Excel Could Allow Remote Code Execution (2027452)

О сайте | Условия использования
© SecurityVulns, 3APA3A, Владимир Дубровин
Нижний Новгород