Computer Security
[EN] securityvulns.ru no-pyccku


Multiple Microsoft Excel buffer oveflows
updated since 09.01.2007
Published:01.02.2007
Source:
SecurityVulns ID:7027
Type:client
Threat Level:
7/10
Description:Heap buffer overflow on oversized value of BIFF8 type column. Heap buffer overflow on oversized palette value for BIFF8 type column.
Affected:MICROSOFT : Office 2000
 MICROSOFT : Office XP
 MICROSOFT : Office 2003
CVE:CVE-2007-0031 (Heap-based buffer overflow in Microsoft Excel 2000 SP3, 2002 SP3, 2003 SP2, 2004 for Mac, and v.X for Mac allows user-assisted remote attackers to execute arbitrary code via a BIFF8 spreadsheet with a PALETTE record that contains a large number of entries.)
 CVE-2007-0030 (Microsoft Excel 2000 SP3, 2002 SP3, 2003 SP2, 2004 for Mac, and v.X for Mac allows user-assisted remote attackers to execute arbitrary code via an Excel file with an out-of-range Column field in certain BIFF8 record types, which references arbitrary memory.)
 CVE-2007-0029 (Microsoft Excel 2000 SP3, 2002 SP3, 2003 SP2, 2004 for Mac, and v.X for Mac allows user-assisted remote attackers to execute arbitrary code via a malformed string, aka "Excel Malformed String Vulnerability.")
 CVE-2007-0028 (Microsoft Excel 2000, 2002, 2003, Viewer 2003, Office 2004 for Mac, and Office v.X for Mac does not properly handle certain opcodes, which allows user-assisted remote attackers to execute arbitrary code via a crafted XLS file, which results in an "Improper Memory Access Vulnerability." NOTE: an early disclosure of this issue used CVE-2006-3432, but only CVE-2007-0028 should be used.)
 CVE-2007-0027 (Microsoft Excel 2000 SP3, 2002 SP3, 2003 SP2, 2004 for Mac, and v.X for Mac allows remote attackers to execute arbitrary code via malformed IMDATA records that trigger memory corruption.)
Original documentdocumentLifeAsaGeek_(at)_gmail.com, MS07-002 EXCEL Malformed Palette Record Vulnerability DOS POC (01.02.2007)
 documentMICROSOFT, Microsoft Security Bulletin MS07-002 Vulnerabilities in Microsoft Excel Could Allow Remote Code Execution (927198) (09.01.2007)
 documentIDEFENSE, [Full-disclosure] iDefense Security Advisory 01.09.07: Microsoft Excel Invalid Column Heap Corruption Vulnerability (09.01.2007)
 documentIDEFENSE, [Full-disclosure] iDefense Security Advisory 01.09.07: Microsoft Excel Long Palette Heap Overflow Vulnerability (09.01.2007)
Files:Microsoft Security Bulletin MS07-002 Vulnerabilities in Microsoft Excel Could Allow Remote Code Execution (927198)

About | Terms of use | Privacy Policy
© SecurityVulns, 3APA3A, Vladimir Dubrovin
Nizhny Novgorod