CVE-2009-1134 – Microsoft Office Excel QSIR Record Pointer Corruption Vulnerability
https://notcve.org/view.php?id=CVE-2009-1134
Excel in 2007 Microsoft Office System SP1 and SP2; Microsoft Office Excel Viewer; and Microsoft Office Compatibility Pack for Word, Excel, and PowerPoint 2007 File Formats SP1 and SP2 allow remote attackers to execute arbitrary code via a BIFF file with a malformed Qsir (0x806) record object, aka "Record Pointer Corruption Vulnerability." Excel en 2007 Office System SP1 y SP2 de Microsoft; Office Excel Viewer de Microsoft; y Office Compatibility Pack para formatos de archivo de Word, Excel y PowerPoint 2007 SP1 y SP2 de Microsoft, permite a los atacantes remotos ejecutar código arbitrario por medio de un archivo BIFF con un objeto de registro Qsir (0x806) malformado, también se conoce como "Record Pointer Corruption Vulnerability". This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of Microsoft Office Excel. Exploitation requires user interaction in that a victim must open a malicious XLS file. The specific flaw exists within the parsing of the BIFF file format used by Microsoft Excel. When Excel 2007 encounters a malformed Qsir record (0x806) user data is improperly handled leading to potential code execution. • http://osvdb.org/54958 http://www.securityfocus.com/archive/1/504213/100/0/threaded http://www.securityfocus.com/bid/35246 http://www.securitytracker.com/id?1022351 http://www.us-cert.gov/cas/techalerts/TA09-160A.html http://www.vupen.com/english/advisories/2009/1540 http://www.zerodayinitiative.com/advisories/ZDI-09-040 https://docs.microsoft.com/en-us/security-updates/securitybulletins/2009/ms09-021 https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval • CWE-94: Improper Control of Generation of Code ('Code Injection') •
CVE-2009-0224
https://notcve.org/view.php?id=CVE-2009-0224
Microsoft Office PowerPoint 2000 SP3, 2002 SP3, 2003 SP3, and 2007 SP1 and SP2; PowerPoint Viewer 2003 and 2007 SP1 and SP2; PowerPoint in Microsoft Office 2004 for Mac and 2008 for Mac; Open XML File Format Converter for Mac; Microsoft Works 8.5 and 9.0; and Microsoft Office Compatibility Pack for Word, Excel, and PowerPoint 2007 File Formats SP1 and SP2 do not properly validate PowerPoint files, which allows remote attackers to execute arbitrary code via multiple crafted BuildList records that include ChartBuild containers, which triggers memory corruption, aka "Memory Corruption Vulnerability." Microsoft Office PowerPoint 2000 SP3, 2002 SP3, 2003 SP3, y 2007 SP1 y SP2; PowerPoint Viewer 2003 y 2007 SP1 y SP2; PowerPoint en Microsoft Office 2004 para Mac y 2008 para Mac; Open XML File Format Converter para Mac; Microsoft Works 8.5 y 9.0; y Microsoft Office Compatibility Pack para Word, Excel, y PowerPoint 2007 File Formats SP1 y SP2 no valida adecuadamente la lista de registros en ficheros PowerPoint, lo que permite a atantes remotos ejecutar código de su elección a través de ficheros manipulados que lanzan una corrupción de memoria relacionada con un tipo de registro inválido, también conocido como "Vulnerabilidad de corrupción de memoria". • http://labs.idefense.com/intelligence/vulnerabilities/display.php?id=793 http://secunia.com/advisories/32428 http://www.securityfocus.com/bid/34879 http://www.securitytracker.com/id?1022205 http://www.us-cert.gov/cas/techalerts/TA09-132A.html http://www.vupen.com/english/advisories/2009/1290 https://docs.microsoft.com/en-us/security-updates/securitybulletins/2009/ms09-017 https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A6023 • CWE-94: Improper Control of Generation of Code ('Code Injection') •
CVE-2009-0100
https://notcve.org/view.php?id=CVE-2009-0100
Microsoft Office Excel 2000 SP3, 2002 SP3, 2003 SP3, and 2007 SP1; Excel in Microsoft Office 2004 and 2008 for Mac; Microsoft Office Excel Viewer and Excel Viewer 2003 SP3; and Microsoft Office Compatibility Pack for Word, Excel, and PowerPoint 2007 File Formats SP1 do not properly parse the Excel spreadsheet file format, which allows remote attackers to execute arbitrary code via a crafted spreadsheet that contains a malformed object with "an offset and a two-byte value" that trigger a memory calculation error, aka "Memory Corruption Vulnerability." Microsoft Office Excel 2000 SP3, 2002 SP3, 2003 SP3, y 2007 SP1; Excel en Microsoft Office 2004 y 2008 para Mac; Microsoft Office Excel Viewer y Excel Viewer 2003 SP3; y Microsoft Office Compatibility Pack para Word, Excel, y PowerPoint 2007 File Formats SP1 no parsea adecuadamente el fichero con formato de hoja de cálculo Excel, lo cual permite a atacantes remotos ejecutar código de su elección a través de una hoja de cálculo manipulada que contiene un objeto mal formado, también conocido como "Vulnerabilidad de corrupción de memoria". • http://osvdb.org/53665 http://www.fortiguardcenter.com/advisory/FGA-2009-16.html http://www.securityfocus.com/archive/1/502696/100/0/threaded http://www.securitytracker.com/id?1022039 http://www.us-cert.gov/cas/techalerts/TA09-104A.html http://www.vupen.com/english/advisories/2009/1023 https://docs.microsoft.com/en-us/security-updates/securitybulletins/2009/ms09-009 https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A6043 • CWE-399: Resource Management Errors •
CVE-2009-0238
https://notcve.org/view.php?id=CVE-2009-0238
Microsoft Office Excel 2000 SP3, 2002 SP3, 2003 SP3, and 2007 SP1; Excel Viewer 2003 Gold and SP3; Excel Viewer; Compatibility Pack for Word, Excel, and PowerPoint 2007 File Formats SP1; and Excel in Microsoft Office 2004 and 2008 for Mac allow remote attackers to execute arbitrary code via a crafted Excel document that triggers an access attempt on an invalid object, as exploited in the wild in February 2009 by Trojan.Mdropper.AC. Microsoft Office Excel 2000 SP3, 2002 SP3, 2003 SP3 y 2007 SP1; Excel Viewer 2003 Gold y SP3; Excel Viewer; Compatibility Pack para Word, Excel y PowerPoint 2007 File Formats SP1; y Excel de Microsoft Office 2004 y 2008 para Mac; permiten a atacantes remotos ejecutar código de su elección a través de un documento Excel manipulado que provoca un intento de acceso a un objeto no válido, tal y como se ha explotado libremente en Febrero 2009 por MDropper.XR. • http://blogs.zdnet.com/security/?p=2658 http://isc.sans.org/diary.html?storyid=5923 http://securitytracker.com/id?1021744 http://www.microsoft.com/technet/security/advisory/968272.mspx http://www.securityfocus.com/bid/33870 http://www.symantec.com/business/security_response/writeup.jsp?docid=2009-022310-4202-99 http://www.us-cert.gov/cas/techalerts/TA09-104A.html http://www.vupen.com/english/advisories/2009/1023 https://docs.microsoft.com/en-us/security-updates/securitybulletins • CWE-94: Improper Control of Generation of Code ('Code Injection') •
CVE-2008-4265
https://notcve.org/view.php?id=CVE-2008-4265
Microsoft Office Excel 2000 SP3 allows remote attackers to execute arbitrary code via a crafted Excel spreadsheet that contains a malformed object, which triggers memory corruption during the loading of records from this spreadsheet, aka "File Format Parsing Vulnerability." Microsoft Office Excel 2000 SP3 permite a atacantes remotos ejecutar código de su elección mediante una hoja de cálculo manipulada que contiene un objeto malformado, lo que dispara una corrupción de memoria durante la carga de registros desde esta hoja de cálculo, alias "Vulnerabilidad de Análisis de Formato de Fichero". • http://labs.idefense.com/intelligence/vulnerabilities/display.php?id=763 http://www.securitytracker.com/id?1021368 http://www.us-cert.gov/cas/techalerts/TA08-344A.html http://www.vupen.com/english/advisories/2008/3386 https://docs.microsoft.com/en-us/security-updates/securitybulletins/2008/ms08-074 https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A5614 • CWE-399: Resource Management Errors •