Computer Security
[EN] securityvulns.ru no-pyccku


Microsoft Office code execution
updated since 16.06.2006
Published:10.08.2006
Source:
SecurityVulns ID:6270
Type:client
Threat Level:
8/10
Description:hlink.dll and Excel styles vulnerability, vulnerabilities in different record types processing are used to install malicious software in-the-wild.
Affected:MICROSOFT : Office 2000
 MICROSOFT : Office XP
 MICROSOFT : Office 2003
Original documentdocumentTSRT_(at)_3com.com, TSRT-06-10: Microsoft HLINK.DLL Hyperlink Object Library Buffer Overflow Vulnerability (10.08.2006)
 documentTSRT_(at)_3com.com, [Full-disclosure] TSRT-06-10: Microsoft HLINK.DLL Hyperlink Object Library Buffer Overflow Vulnerability (09.08.2006)
 documentMICROSOFT, Microsoft Security Bulletin MS06-050 Vulnerabilities in Microsoft Windows Hyperlink Object Library Could Allow Remote Code Execution (920670) (09.08.2006)
 documentNSFOCUS, [VulnWatch] NSFOCUS SA2006-06 : Microsoft Excel COLINFO Record Buffer Overflow Vulnerability (12.07.2006)
 documentNSFOCUS, [VulnWatch] NSFOCUS SA2006-05 : Microsoft Excel SELECTION Record Memory Corruption Vulnerability (12.07.2006)
 documentxin ouyang, [Full-disclosure] Microsoft Excel Could Allow Remote Code Execution by Malformed FNGROUPCOUNT value Vulnerability (12.07.2006)
 documentSowhat ., [Full-disclosure] Microsoft Excel Array Index Error Remote Code Execution (12.07.2006)
 documentZDI, ZDI-06-022: Microsoft Office Excel File Rebuilding Code Execution Vulnerability (12.07.2006)
 documentMICROSOFT, Microsoft Security Bulletin MS06-037 Vulnerabilities in Microsoft Excel Could Allow Remote Code Execution (917285) (11.07.2006)
 documentnanika, Excel 0day : Excel 2000/XP/2003 Style 0day POC (03.07.2006)
 documentCERT, US-CERT Technical Cyber Security Alert TA06-167A -- Microsoft Excel Vulnerability (17.06.2006)
 documentMIKEREAVEY, Reports of a new vulnerability in Microsoft Excel (16.06.2006)
Files:Microsoft Excel Remote Code Execution Proof Of Concept
 "Microsoft Office Excel 2003" Hlink Stack/SEH Overflow Exploit
 Excel 2000/XP/2003 Style 0day POC
 0-day Microsoft WORD Hlink Local Buffer Overflow Exploit
 excel unicode overflow poc
 Microsoft Security Bulletin MS06-037 Vulnerabilities in Microsoft Excel Could Allow Remote Code Execution (917285)
 Microsoft Security Bulletin MS06-050 Vulnerabilities in Microsoft Windows Hyperlink Object Library Could Allow Remote Code Execution (920670)

About | Terms of use | Privacy Policy
© SecurityVulns, 3APA3A, Vladimir Dubrovin
Nizhny Novgorod