Executive Summary
Summary | |
---|---|
Title | Vulnerabilities in Microsoft Office Excel Could Allow Remote Code Execution (2027452) |
Informations | |||
---|---|---|---|
Name | MS10-038 | First vendor Publication | 2010-06-08 |
Vendor | Microsoft | Last vendor Modification | 2010-06-30 |
Severity (Vendor) | Important | Revision | 1.2 |
Security-Database Scoring CVSS v3
Cvss vector : N/A | |||
---|---|---|---|
Overall CVSS Score | NA | ||
Base Score | NA | Environmental Score | NA |
impact SubScore | NA | Temporal Score | NA |
Exploitabality Sub Score | NA | ||
Calculate full CVSS 3.0 Vectors scores |
Security-Database Scoring CVSS v2
Cvss vector : (AV:N/AC:M/Au:N/C:C/I:C/A:C) | |||
---|---|---|---|
Cvss Base Score | 9.3 | Attack Range | Network |
Cvss Impact Score | 10 | Attack Complexity | Medium |
Cvss Expoit Score | 8.6 | Authentication | None Required |
Calculate full CVSS 2.0 Vectors scores |
Detail
Revision Note: V1.2 (June 30, 2010): Added a link to Microsoft Knowledge Base Article 2027452 under Known Issues in the Executive Summary.Summary: This security update resolves fourteen privately reported vulnerabilities in Microsoft Office. The more severe vulnerabilities could allow remote code execution if a user opens a specially crafted Excel file. An attacker who successfully exploited any of these vulnerabilities could gain the same user rights as the local user. Users whose accounts are configured to have fewer user rights on the system could be less impacted than users who operate with administrative user rights. |
Original Source
Url : http://www.microsoft.com/technet/security/bulletin/MS10-038.mspx |
CWE : Common Weakness Enumeration
% | Id | Name |
---|---|---|
93 % | CWE-94 | Failure to Control Generation of Code ('Code Injection') |
7 % | CWE-264 | Permissions, Privileges, and Access Controls |
OVAL Definitions
Definition Id: oval:org.mitre.oval:def:6630 | |||
Oval ID: | oval:org.mitre.oval:def:6630 | ||
Title: | Excel Memory Corruption Vulnerability | ||
Description: | Unspecified vulnerability in Microsoft Office Excel 2002 SP3 allows remote attackers to execute arbitrary code via an Excel file with a malformed RTD (0x813) record that triggers heap corruption, aka "Excel Memory Corruption Vulnerability," a different vulnerability than CVE-2010-0823 and CVE-2010-1249. | ||
Family: | windows | Class: | vulnerability |
Reference(s): | CVE-2010-1247 | Version: | 5 |
Platform(s): | Microsoft Windows 2000 Microsoft Windows XP Microsoft Windows Server 2003 Microsoft Windows Vista Microsoft Windows Server 2008 Microsoft Windows 7 | Product(s): | Microsoft Excel 2002 |
Definition Synopsis: | |||
|
Definition Id: oval:org.mitre.oval:def:6634 | |||
Oval ID: | oval:org.mitre.oval:def:6634 | ||
Title: | Excel Memory Corruption Vulnerability | ||
Description: | Buffer overflow in Microsoft Office Excel 2002 SP3, Office 2004 for Mac, Office 2008 for Mac, and Open XML File Format Converter for Mac allows remote attackers to execute arbitrary code via an Excel file with a malformed ExternName (0x23) record, aka "Excel Memory Corruption Vulnerability," a different vulnerability than CVE-2010-0823 and CVE-2010-1247. | ||
Family: | windows | Class: | vulnerability |
Reference(s): | CVE-2010-1249 | Version: | 5 |
Platform(s): | Microsoft Windows 2000 Microsoft Windows XP Microsoft Windows Server 2003 Microsoft Windows Vista Microsoft Windows Server 2008 Microsoft Windows 7 | Product(s): | Microsoft Excel 2002 |
Definition Synopsis: | |||
|
Definition Id: oval:org.mitre.oval:def:6761 | |||
Oval ID: | oval:org.mitre.oval:def:6761 | ||
Title: | Excel Record Stack Corruption Vulnerability | ||
Description: | Unspecified vulnerability in Microsoft Office Excel 2002 SP3 and Office 2004 for Mac allows remote attackers to execute arbitrary code via a crafted Excel file, aka "Excel Record Stack Corruption Vulnerability." | ||
Family: | windows | Class: | vulnerability |
Reference(s): | CVE-2010-1251 | Version: | 5 |
Platform(s): | Microsoft Windows 2000 Microsoft Windows XP Microsoft Windows Server 2003 Microsoft Windows Vista Microsoft Windows Server 2008 Microsoft Windows 7 | Product(s): | Microsoft Excel 2002 |
Definition Synopsis: | |||
|
Definition Id: oval:org.mitre.oval:def:6768 | |||
Oval ID: | oval:org.mitre.oval:def:6768 | ||
Title: | Excel Record Memory Corruption Vulnerability | ||
Description: | Unspecified vulnerability in Microsoft Office Excel 2002 SP3 and Office 2004 for Mac allows remote attackers to execute arbitrary code via an Excel file with a malformed WOPT (0x80B) record, aka "Excel Record Memory Corruption Vulnerability," a different vulnerability than CVE-2010-0821 and CVE-2010-1245. | ||
Family: | windows | Class: | vulnerability |
Reference(s): | CVE-2010-0824 | Version: | 5 |
Platform(s): | Microsoft Windows 2000 Microsoft Windows XP Microsoft Windows Server 2003 Microsoft Windows Vista Microsoft Windows Server 2008 Microsoft Windows 7 | Product(s): | Microsoft Excel 2002 |
Definition Synopsis: | |||
|
Definition Id: oval:org.mitre.oval:def:6771 | |||
Oval ID: | oval:org.mitre.oval:def:6771 | ||
Title: | Excel Record Parsing Memory Corruption Vulnerability | ||
Description: | Unspecified vulnerability in Microsoft Office Excel 2002 SP3, 2003 SP3, 2007 SP1 and SP2; Office 2004 for mac; Office 2008 for Mac; Open XML File Format Converter for Mac; Office Excel Viewer SP1 and SP2; and Office Compatibility Pack for Word, Excel, and PowerPoint 2007 File Formats SP1 and SP2; allows remote attackers to execute arbitrary code via an Excel file with a crafted SxView record, related to improper validation of unspecified structures, aka "Excel Record Parsing Memory Corruption Vulnerability," a different vulnerability than CVE-2010-0824 and CVE-2010-1245. | ||
Family: | windows | Class: | vulnerability |
Reference(s): | CVE-2010-0821 | Version: | 12 |
Platform(s): | Microsoft Windows 2000 Microsoft Windows XP Microsoft Windows Server 2003 Microsoft Windows Vista Microsoft Windows Server 2008 Microsoft Windows 7 | Product(s): | Microsoft Excel 2002 Microsoft Excel 2003 Microsoft Excel 2007 Microsoft Office Excel Viewer Microsoft Office Compatibility Pack |
Definition Synopsis: | |||
|
Definition Id: oval:org.mitre.oval:def:6839 | |||
Oval ID: | oval:org.mitre.oval:def:6839 | ||
Title: | Excel RTD Memory Corruption Vulnerability | ||
Description: | Stack-based buffer overflow in Microsoft Office Excel 2002 SP3 allows remote attackers to execute arbitrary code via an Excel file with a malformed RTD (0x813) record, aka "Excel RTD Memory Corruption Vulnerability." | ||
Family: | windows | Class: | vulnerability |
Reference(s): | CVE-2010-1246 | Version: | 5 |
Platform(s): | Microsoft Windows 2000 Microsoft Windows XP Microsoft Windows Server 2003 Microsoft Windows Vista Microsoft Windows Server 2008 Microsoft Windows 7 | Product(s): | Microsoft Excel 2002 |
Definition Synopsis: | |||
|
Definition Id: oval:org.mitre.oval:def:6842 | |||
Oval ID: | oval:org.mitre.oval:def:6842 | ||
Title: | Excel ADO Object Vulnerability | ||
Description: | Microsoft Office Excel 2002 SP3, 2007 SP1, and SP2; Office 2004 for mac; Office 2008 for Mac; Open XML File Format Converter for Mac; and Office Compatibility Pack for Word, Excel, and PowerPoint 2007 File Formats SP1 and SP2; allows remote attackers to execute arbitrary code via an Excel file with crafted DBQueryExt records that allow a function call to a "user-controlled pointer," aka "Excel ADO Object Vulnerability." | ||
Family: | windows | Class: | vulnerability |
Reference(s): | CVE-2010-1253 | Version: | 10 |
Platform(s): | Microsoft Windows 2000 Microsoft Windows XP Microsoft Windows Server 2003 Microsoft Windows Vista Microsoft Windows Server 2008 Microsoft Windows 7 | Product(s): | Microsoft Excel 2002 Microsoft Excel 2007 Microsoft Office Compatibility Pack |
Definition Synopsis: | |||
|
Definition Id: oval:org.mitre.oval:def:6877 | |||
Oval ID: | oval:org.mitre.oval:def:6877 | ||
Title: | Excel Record Memory Corruption Vulnerability | ||
Description: | Unspecified vulnerability in Microsoft Office Excel 2002 SP3, Office 2004 for Mac, Office 2008 for Mac, and Open XML File Format Converter for Mac allows remote attackers to execute arbitrary code via an Excel file with a malformed SxView (0xB0) record, aka "Excel Record Memory Corruption Vulnerability," a different vulnerability than CVE-2010-0824 and CVE-2010-0821. | ||
Family: | windows | Class: | vulnerability |
Reference(s): | CVE-2010-1245 | Version: | 5 |
Platform(s): | Microsoft Windows 2000 Microsoft Windows XP Microsoft Windows Server 2003 Microsoft Windows Vista Microsoft Windows Server 2008 Microsoft Windows 7 | Product(s): | Microsoft Excel 2002 |
Definition Synopsis: | |||
|
Definition Id: oval:org.mitre.oval:def:7223 | |||
Oval ID: | oval:org.mitre.oval:def:7223 | ||
Title: | Excel HFPicture Memory Corruption Vulnerability | ||
Description: | Buffer overflow in Microsoft Office Excel 2002 SP3 and Office 2004 for Mac allows remote attackers to execute arbitrary code via an Excel file with a malformed HFPicture (0x866) record, aka "Excel HFPicture Memory Corruption Vulnerability." | ||
Family: | windows | Class: | vulnerability |
Reference(s): | CVE-2010-1248 | Version: | 5 |
Platform(s): | Microsoft Windows 2000 Microsoft Windows XP Microsoft Windows Server 2003 Microsoft Windows Vista Microsoft Windows Server 2008 Microsoft Windows 7 | Product(s): | Microsoft Excel 2002 |
Definition Synopsis: | |||
|
Definition Id: oval:org.mitre.oval:def:7240 | |||
Oval ID: | oval:org.mitre.oval:def:7240 | ||
Title: | Excel Memory Corruption Vulnerability | ||
Description: | Unspecified vulnerability in Microsoft Office Excel 2002 SP3, 2003 SP3, 2007 SP1 and SP2; Office 2004 for mac; Office 2008 for Mac; Open XML File Format Converter for Mac; Office Excel Viewer SP1 and SP2; and Office Compatibility Pack for Word, Excel, and PowerPoint 2007 File Formats SP1 and SP2; allows remote attackers to execute arbitrary code via a crafted Excel file, aka "Excel Memory Corruption Vulnerability," a different vulnerability than CVE-2010-1247 and CVE-2010-1249. | ||
Family: | windows | Class: | vulnerability |
Reference(s): | CVE-2010-0823 | Version: | 12 |
Platform(s): | Microsoft Windows 2000 Microsoft Windows XP Microsoft Windows Server 2003 Microsoft Windows Vista Microsoft Windows Server 2008 Microsoft Windows 7 | Product(s): | Microsoft Excel 2002 Microsoft Excel 2003 Microsoft Excel 2007 Microsoft Office Excel Viewer Microsoft Office Compatibility Pack |
Definition Synopsis: | |||
|
Definition Id: oval:org.mitre.oval:def:7265 | |||
Oval ID: | oval:org.mitre.oval:def:7265 | ||
Title: | Excel Object Stack Overflow Vulnerability | ||
Description: | Stack-based buffer overflow in Microsoft Office Excel 2002 SP3, Office 2004 for Mac, Office 2008 for Mac, and Open XML File Format Converter for Mac allows remote attackers to execute arbitrary code via an Excel file with a crafted OBJ (0x5D) record, aka "Excel Object Stack Overflow Vulnerability." | ||
Family: | windows | Class: | vulnerability |
Reference(s): | CVE-2010-0822 | Version: | 5 |
Platform(s): | Microsoft Windows 2000 Microsoft Windows XP Microsoft Windows Server 2003 Microsoft Windows Vista Microsoft Windows Server 2008 Microsoft Windows 7 | Product(s): | Microsoft Excel 2002 |
Definition Synopsis: | |||
|
Definition Id: oval:org.mitre.oval:def:7369 | |||
Oval ID: | oval:org.mitre.oval:def:7369 | ||
Title: | Excel String Variable Vulnerability | ||
Description: | Unspecified vulnerability in Microsoft Office Excel 2002 SP3 and Office 2004 for Mac allows remote attackers to execute arbitrary code via a crafted Excel file, aka "Excel String Variable Vulnerability." | ||
Family: | windows | Class: | vulnerability |
Reference(s): | CVE-2010-1252 | Version: | 5 |
Platform(s): | Microsoft Windows 2000 Microsoft Windows XP Microsoft Windows Server 2003 Microsoft Windows Vista Microsoft Windows Server 2008 Microsoft Windows 7 | Product(s): | Microsoft Excel 2002 |
Definition Synopsis: | |||
|
Definition Id: oval:org.mitre.oval:def:7593 | |||
Oval ID: | oval:org.mitre.oval:def:7593 | ||
Title: | Excel EDG Memory Corruption Vulnerability | ||
Description: | Heap-based buffer overflow in Microsoft Office Excel 2002 SP3, Office 2004 for Mac, Office 2008 for Mac, and Open XML File Format Converter for Mac allows remote attackers to execute arbitrary code via an Excel file with malformed (1) EDG (0x88) and (2) Publisher (0x89) records, aka "Excel EDG Memory Corruption Vulnerability." | ||
Family: | windows | Class: | vulnerability |
Reference(s): | CVE-2010-1250 | Version: | 5 |
Platform(s): | Microsoft Windows 2000 Microsoft Windows XP Microsoft Windows Server 2003 Microsoft Windows Vista Microsoft Windows Server 2008 Microsoft Windows 7 | Product(s): | Microsoft Excel 2002 |
Definition Synopsis: | |||
|
CPE : Common Platform Enumeration
Type | Description | Count |
---|---|---|
Application | 4 | |
Application | 2 | |
Application | 2 | |
Application | 2 | |
Application | 1 |
SAINT Exploits
Description | Link |
---|---|
Microsoft Excel DBQueryExt record parsing vulnerability | More info here |
Microsoft Office Excel Malformed Obj Record Stack Buffer Overflow | More info here |
Microsoft Office Excel RTD Topic String Buffer Overflow | More info here |
ExploitDB Exploits
id | Description |
---|---|
2011-11-22 | MS11-038 Microsoft Office Excel Malformed OBJ Record Handling Overflow |
2010-09-29 | MOAUB #29 - Microsoft Excel SxView Record Parsing Heap Memory Corruption |
2010-09-24 | MOAUB #24 - Microsoft Excel OBJ Record Stack Overflow |
2010-09-21 | MOAUB #21 - Microsoft Excel WOPT Record Parsing Heap Memory Corruption |
2010-09-16 | MOAUB #16 - Microsoft Excel HFPicture Record Parsing Remote Code Execution Vu... |
2010-09-10 | MOAUB #10 - Excel RTD Memory Corruption |
2010-07-14 | Microsoft Excel 0x5D record Stack Overflow Vulnerability |
OpenVAS Exploits
Date | Description |
---|---|
2010-06-09 | Name : Microsoft Office Excel Remote Code Execution Vulnerabilities (2027452) File : nvt/secpod_ms10-038.nasl |
Open Source Vulnerability Database (OSVDB)
Id | Description |
---|---|
65239 | Microsoft Office Excel String Variable Handling Unspecified Code Execution A memory corruption flaw exists in Microsoft Office Excel. The program uses an uninitialized variable as a size argument when copying data during certain record type parsing, resulting in memory corruption. With a specially crafted Excel file, a context-dependent attacker can execute arbitrary code. |
65238 | Microsoft Office Excel Malformed RTD Handling Memory Corruption A memory corruption flaw exists in Microsoft Office Excel. The program fails to sanitize user-supplied input when parsing malformed RTD (0x813) records, resulting in memory corruption. With a specially crafted Excel file, a context-dependent attacker can execute arbitrary code. |
65237 | Microsoft Office Excel Malformed RTD Record Handling Memory Corruption A memory corruption flaw exists in Microsoft Office Excel. The program fails to sanitize user-supplied input when handling malformed RTD records, resulting in memory corruption. With a specially crafted Excel file, a context-dependent attacker can execute arbitrary code. |
65236 | Microsoft Office Excel Malformed OBJ Record Handling Overflow Microsoft Office Excel is prone to an overflow condition. The program fails to properly sanitize user-supplied input resulting in a stack-based buffer overflow. With a specially crafted Excel file containing a crafted malformed OBJ record, a context-dependent attacker can potentially execute arbitrary code. |
65235 | Microsoft Office Excel Malformed HFPicture Handling Memory Corruption A memory corruption flaw exists in Microsoft Office Excel. The program fails to sanitize user-supplied input when handling malformed HFPicture records, resulting in memory corruption. With a specially crafted Excel file, a context-dependent attacker can execute arbitrary code. |
65234 | Microsoft Office Excel on Mac OS X Open XML Permission Weakness Microsoft Office Excel on Mac OS X contains a flaw related to Microsoft Open XML File Format Converter's failure to securely set ACLs for the /Applications folder. This may allow a local attacker to access and replace the executable with a Trojan horse and execute arbitrary code. |
65233 | Microsoft Office Excel Unspecified Memory Corruption (2010-0823) A memory corruption flaw exists in Microsoft Office Excel. The program fails to sanitize user-supplied input when parsing chart sheet substreams, resulting in memory corruption. With a specially crafted file, a context-dependent attacker can execute arbitrary code. |
65232 | Microsoft Office Excel Malformed ExternName Record Handling Memory Corruption A memory corruption flaw exists in Microsoft Office Excel. The program fails to sanitize user-supplied input when handling malformed ExternName records, resulting in memory corruption. With a specially crafted Excel file, a context-dependent attacker can execute arbitrary code. |
65231 | Microsoft Office Excel Malformed WOPT Record Handling Memory Corruption A memory corruption flaw exists in Microsoft Office Excel. The program fails to sanitize user-supplied input when handling malformed WOPT records, resulting in memory corruption. With a specially crafted Excel file, a context-dependent attacker can execute arbitrary code. |
65230 | Microsoft Office Excel EDG / Publisher Record Handling Memory Corruption A memory corruption flaw exists in Microsoft Office Excel. The program fails to sanitize user-supplied input when handling malformed EDG and Publisher records, resulting in memory corruption. With a specially crafted Excel file, a context-dependent attacker can execute arbitrary code. |
65229 | Microsoft Office Excel SxView Record Handling Memory Corruption A memory corruption flaw exists in Microsoft Office Excel. The program fails to sanitize user-supplied input when parsing malformed SxView records, resulting in memory corruption. With a specially crafted Excel file, a context-dependent attacker can execute arbitrary code. |
65228 | Microsoft Office Excel ADO Object DBQueryExt Record Handling Arbitrary Code E... Microsoft Office Excel contains a flaw related to the parsing of DBQueryExt records in Excel spreadsheet files. The issue is triggered when the program fails to check when parsing certain structure fields, allowing a user-controlled pointer to be called. This may allow a context-dependent attacker to use a crafted Excel file to execute arbitrary code. |
65227 | Microsoft Office Excel SXVIEW Record Parsing Memory Corruption A memory corruption flaw exists in Microsoft Office Excel. The program fails to sanitize user-supplied input when parsing SXVIEW records, resulting in memory corruption. With a specially crafted Excel spreadsheet file, a context-dependent attacker can execute arbitrary code. |
65226 | Microsoft Office Excel Unspecified Record Handling Stack Corruption Arbitrary... A memory corruption flaw exists in Microsoft Office Excel. The program fails to sanitize user-supplied input when handling a certain unspecified record type, resulting in memory corruption. With a specially crafted Excel file, a context-dependent attacker can execute arbitrary code. |
Snort® IPS/IDS
Date | Description |
---|---|
2019-10-01 | Microsoft Office Excel DBQueryExt record memory corruption attempt RuleID : 51326 - Revision : 1 - Type : FILE-OFFICE |
2019-09-24 | Microsoft Office Excel SxView heap overflow attempt RuleID : 51172 - Revision : 1 - Type : FILE-OFFICE |
2019-09-24 | Microsoft Office Excel SxView heap overflow attempt RuleID : 51171 - Revision : 1 - Type : FILE-OFFICE |
2019-09-24 | Microsoft Office Excel SxView heap overflow attempt RuleID : 51170 - Revision : 1 - Type : FILE-OFFICE |
2019-09-24 | Microsoft Office Excel SxView heap overflow attempt RuleID : 51169 - Revision : 1 - Type : FILE-OFFICE |
2019-09-24 | Microsoft Office Excel SxView heap overflow attempt RuleID : 51168 - Revision : 1 - Type : FILE-OFFICE |
2019-09-24 | Microsoft Office Excel SxView heap overflow attempt RuleID : 51167 - Revision : 1 - Type : FILE-OFFICE |
2019-09-24 | Microsoft Office Excel SxView heap overflow attempt RuleID : 51166 - Revision : 1 - Type : FILE-OFFICE |
2019-09-24 | Microsoft Office Excel SxView heap overflow attempt RuleID : 51165 - Revision : 1 - Type : FILE-OFFICE |
2019-09-17 | Microsoft Office Excel RealTimeData record heap memory corruption attempt RuleID : 51079 - Revision : 1 - Type : FILE-OFFICE |
2019-09-17 | Microsoft Office Excel RealTimeData record heap memory corruption attempt RuleID : 51078 - Revision : 1 - Type : FILE-OFFICE |
2019-09-17 | Microsoft Office Excel RealTimeData record heap memory corruption attempt RuleID : 51077 - Revision : 1 - Type : FILE-OFFICE |
2019-09-17 | Microsoft Office Excel RealTimeData record heap memory corruption attempt RuleID : 51076 - Revision : 1 - Type : FILE-OFFICE |
2019-09-17 | Microsoft Office Excel Chart Sheet Substream memory corruption attempt RuleID : 51062 - Revision : 2 - Type : FILE-OFFICE |
2019-09-17 | Microsoft Office Excel Chart Sheet Substream memory corruption attempt RuleID : 51061 - Revision : 2 - Type : FILE-OFFICE |
2019-09-17 | Microsoft Office Excel Chart Sheet Substream memory corruption attempt RuleID : 51060 - Revision : 1 - Type : FILE-OFFICE |
2019-09-17 | Microsoft Office Excel Chart Sheet Substream memory corruption attempt RuleID : 51059 - Revision : 1 - Type : FILE-OFFICE |
2018-03-13 | Microsoft Office Excel SxView record memory pointer corruption attempt RuleID : 45620 - Revision : 1 - Type : FILE-OFFICE |
2018-03-13 | Microsoft Office Excel SxView record memory pointer corruption attempt RuleID : 45619 - Revision : 2 - Type : FILE-OFFICE |
2016-03-14 | Microsoft Office Excel RTD buffer overflow attempt RuleID : 37294 - Revision : 2 - Type : FILE-OFFICE |
2016-03-14 | Microsoft Office Excel RTD buffer overflow attempt RuleID : 37293 - Revision : 2 - Type : FILE-OFFICE |
2016-03-14 | Microsoft Office Excel WOpt record memory corruption attempt RuleID : 36857 - Revision : 1 - Type : FILE-OFFICE |
2014-01-10 | Microsoft Office Excel Publisher record heap buffer overflow attempt RuleID : 24657 - Revision : 7 - Type : FILE-OFFICE |
2014-01-10 | Microsoft Office Excel WOpt record memory corruption attempt RuleID : 23554 - Revision : 5 - Type : FILE-OFFICE |
2014-01-10 | Microsoft Office Excel WOpt record memory corruption attempt RuleID : 23553 - Revision : 4 - Type : FILE-OFFICE |
2014-01-10 | Microsoft Office Excel SxView record memory pointer corruption attempt RuleID : 23552 - Revision : 5 - Type : FILE-OFFICE |
2014-01-10 | Microsoft Office Excel SxView record memory pointer corruption attempt RuleID : 23551 - Revision : 4 - Type : FILE-OFFICE |
2014-01-10 | Microsoft Office Excel RealTimeData record stack buffer overflow attempt RuleID : 23550 - Revision : 6 - Type : FILE-OFFICE |
2014-01-10 | Microsoft Office Excel RTD buffer overflow attempt RuleID : 23549 - Revision : 5 - Type : FILE-OFFICE |
2014-01-10 | Microsoft Office Excel RTD buffer overflow attempt RuleID : 23548 - Revision : 5 - Type : FILE-OFFICE |
2014-01-10 | Microsoft Office Excel OBJ record stack buffer overflow attempt - with macro ... RuleID : 23547 - Revision : 5 - Type : FILE-OFFICE |
2014-01-10 | Microsoft Office Excel OBJ record stack buffer overflow attempt - with linkFmla RuleID : 23546 - Revision : 5 - Type : FILE-OFFICE |
2014-01-10 | Microsoft Office Excel OBJ record stack buffer overflow attempt - with macro RuleID : 23545 - Revision : 5 - Type : FILE-OFFICE |
2014-01-10 | Microsoft Office Excel OBJ record stack buffer overflow attempt RuleID : 23544 - Revision : 7 - Type : FILE-OFFICE |
2014-01-10 | Microsoft Office Excel RealTimeData record parsing memory corruption RuleID : 19412 - Revision : 13 - Type : FILE-OFFICE |
2014-01-10 | Microsoft Office Excel Chart Sheet Substream memory corruption attempt RuleID : 19294 - Revision : 14 - Type : FILE-OFFICE |
2014-01-10 | Microsoft Office Excel WOpt record memory corruption attempt RuleID : 19259 - Revision : 15 - Type : FILE-OFFICE |
2014-01-10 | Microsoft Office Excel SxView record memory pointer corruption attempt RuleID : 19258 - Revision : 15 - Type : FILE-OFFICE |
2014-01-10 | Microsoft Office Excel RTD buffer overflow attempt RuleID : 19132 - Revision : 15 - Type : FILE-OFFICE |
2014-01-10 | Microsoft Office Excel RTD buffer overflow attempt RuleID : 19131 - Revision : 14 - Type : FILE-OFFICE |
2014-01-10 | Microsoft Office Excel ADO Object Parsing Code Execution RuleID : 18772 - Revision : 14 - Type : FILE-OFFICE |
2014-01-10 | Microsoft Office Excel ADO Object Parsing Code Execution RuleID : 18771 - Revision : 14 - Type : FILE-OFFICE |
2014-01-10 | Microsoft Excel SxView heap overflow attempt RuleID : 16662 - Revision : 11 - Type : FILE-OFFICE |
2014-01-10 | Microsoft Office Excel DBQueryExt record memory corruption attempt RuleID : 16657 - Revision : 17 - Type : FILE-OFFICE |
2014-01-10 | Microsoft Office Excel BIFF5 ExternSheet record stack overflow attempt RuleID : 16656 - Revision : 18 - Type : FILE-OFFICE |
2014-01-10 | Microsoft Office Excel Lbl record stack overflow attempt RuleID : 16655 - Revision : 16 - Type : FILE-OFFICE |
2014-01-10 | Microsoft Office Excel Publisher record heap buffer overflow attempt RuleID : 16654 - Revision : 20 - Type : FILE-OFFICE |
2014-01-10 | Microsoft Office Excel ExternName record stack buffer overflow attempt - 4 RuleID : 16653 - Revision : 17 - Type : FILE-OFFICE |
2014-01-10 | Microsoft Office Excel ExternName record stack buffer overflow attempt - 3 RuleID : 16652 - Revision : 17 - Type : FILE-OFFICE |
2014-01-10 | Microsoft Office Excel ExternName record stack buffer overflow attempt - 2 RuleID : 16651 - Revision : 17 - Type : FILE-OFFICE |
2014-01-10 | Microsoft Office Excel ExternName record stack buffer overflow attempt - 1 RuleID : 16650 - Revision : 17 - Type : FILE-OFFICE |
2014-01-10 | Microsoft Excel HFPicture record stack buffer overflow attempt RuleID : 16649 - Revision : 10 - Type : FILE-OFFICE |
2014-01-10 | Microsoft Office Excel RealTimeData record heap memory corruption attempt - 1 RuleID : 16648 - Revision : 15 - Type : FILE-OFFICE |
2014-01-10 | Microsoft Office Excel RealTimeData record heap memory corruption attempt - 2 RuleID : 16647 - Revision : 17 - Type : FILE-OFFICE |
2014-01-10 | Microsoft Office Excel RTD buffer overflow attempt RuleID : 16646 - Revision : 18 - Type : FILE-OFFICE |
2014-01-10 | Microsoft Office Excel SxView record memory pointer corruption attempt RuleID : 16645 - Revision : 15 - Type : FILE-OFFICE |
2014-01-10 | Microsoft Office Excel WOpt record memory corruption attempt RuleID : 16644 - Revision : 15 - Type : FILE-OFFICE |
2014-01-10 | Microsoft Office Excel Chart Sheet Substream memory corruption attempt RuleID : 16643 - Revision : 15 - Type : FILE-OFFICE |
2014-01-10 | Microsoft Office Excel OBJ record stack buffer overflow attempt - with macro ... RuleID : 16641 - Revision : 15 - Type : FILE-OFFICE |
2014-01-10 | Microsoft Office Excel OBJ record stack buffer overflow attempt - with linkFmla RuleID : 16640 - Revision : 15 - Type : FILE-OFFICE |
2014-01-10 | Microsoft Office Excel OBJ record stack buffer overflow attempt - with macro RuleID : 16639 - Revision : 15 - Type : FILE-OFFICE |
2014-01-10 | Microsoft Office Excel OBJ record stack buffer overflow attempt RuleID : 16638 - Revision : 17 - Type : FILE-OFFICE |
Metasploit Database
id | Description |
---|---|
2010-06-08 | MS11-038 Microsoft Office Excel Malformed OBJ Record Handling Overflow |
Nessus® Vulnerability Scanner
Date | Description |
---|---|
2010-10-20 | Name : An application installed on the remote Mac OS X host is affected by multiple ... File : macosx_ms10-038.nasl - Type : ACT_GATHER_INFO |
2010-06-09 | Name : Arbitrary code can be executed on the remote host through Microsoft Office Ex... File : smb_nt_ms10-038.nasl - Type : ACT_GATHER_INFO |
2010-06-09 | Name : The remote host has multiple vulnerabilities. File : smb_nt_ms10-039.nasl - Type : ACT_GATHER_INFO |
Alert History
Date | Informations |
---|---|
2020-05-23 13:17:13 |
|
2014-02-17 11:46:35 |
|
2014-01-19 21:30:28 |
|