CVE-2011-0978 – Microsoft Office Excel Axis Properties Record Parsing Remote Code Execution Vulnerability
https://notcve.org/view.php?id=CVE-2011-0978
Stack-based buffer overflow in Microsoft Excel 2002 SP3, 2003 SP3, and 2007 SP2; Office 2004 for Mac; Excel Viewer SP2; and Office Compatibility Pack for Word, Excel, and PowerPoint 2007 File Formats SP2 allows remote attackers to execute arbitrary code via vectors related to an axis properties record, and improper incrementing of an array index, aka "Excel Array Indexing Vulnerability." Desbordamiento de búfer basado en pila en Microsoft Office Excel permite a atacantes remotos ejecutar código de su elección a través de vectores relacionados con un registro de propiedades de eje, y el incremento indebido de un índice de matriz. This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of Microsoft Office. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the application's usage of a specific field used for incrementing an index used in an array. Due to the application failing to verify the usage of the index into the array, the application will copy the contents of the specified element into a statically sized buffer on the stack. • https://www.exploit-db.com/exploits/17227 http://dvlabs.tippingpoint.com/blog/2011/02/07/zdi-disclosure-microsoft http://secunia.com/advisories/39122 http://secunia.com/advisories/43232 http://securityreason.com/securityalert/8231 http://www.securitytracker.com/id?1025337 http://www.us-cert.gov/cas/techalerts/TA11-102A.html http://www.vupen.com/english/advisories/2011/0940 http://zerodayinitiative.com/advisories/ZDI-11-042 https://docs.microsoft.com/en-us/security-updates/securityb • CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer •
CVE-2011-0979 – Microsoft Office Excel Office Art Object Parsing Remote Code Execution Vulnerability
https://notcve.org/view.php?id=CVE-2011-0979
Microsoft Excel 2002 SP3, 2003 SP3, 2007 SP2, and 2010; Office 2004, 2008, and 2011 for Mac; Open XML File Format Converter for Mac; and Excel Viewer SP2 do not properly handle errors during the parsing of Office Art records in Excel spreadsheets, which allows remote attackers to execute arbitrary code via a malformed object record, related to a "stray reference," aka "Excel Linked List Corruption Vulnerability." Excel 2002 SP3, 2003 SP3, 2007 SP2 y 2010; Office 2004, 2008 y 2011 para Mac; Open XML File Format Converter para Mac; y Excel Viewer SP2 de Microsoft, no maneja apropiadamente los errores durante el análisis de registros Art de Office en hojas de cálculo de Excel, lo que permite a los atacantes remotos ejecutar código arbitrario por medio de un registro de objeto malformado, relacionado con una "stray reference", también se conoce como "Excel Linked List Corruption Vulnerability". This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of Microsoft Office Excel. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the way the application parses an Office Art record within a Microsoft Excel Document. Specifically, when parsing an office art object record, if an error occurs, the application will add a stray reference to an element which is part of a linked list. • http://dvlabs.tippingpoint.com/blog/2011/02/07/zdi-disclosure-microsoft http://osvdb.org/70904 http://secunia.com/advisories/39122 http://secunia.com/advisories/43231 http://www.securitytracker.com/id?1025337 http://www.us-cert.gov/cas/techalerts/TA11-102A.html http://www.vupen.com/english/advisories/2011/0940 http://zerodayinitiative.com/advisories/ZDI-11-041 https://docs.microsoft.com/en-us/security-updates/securitybulletins/2011/ms11-021 https://oval.cisecurity.org/repository • CWE-20: Improper Input Validation •
CVE-2010-3214
https://notcve.org/view.php?id=CVE-2010-3214
Stack-based buffer overflow in Microsoft Word 2002 SP3, 2003 SP3, 2007 SP2, and 2010; Office 2004 and 2008 for Mac; Open XML File Format Converter for Mac; Office Compatibility Pack for Word, Excel, and PowerPoint 2007 File Formats SP2; Word Viewer; Office Web Apps; and Word Web App allows remote attackers to execute arbitrary code via a crafted Word document, aka "Word Stack Overflow Vulnerability." Desbordamiento de búfer basado en pila en Microsoft Word 2002 SP3, 2003 SP3, 2007 SP2, y 2010; Office 2004 y 2008 para Mac; Open XML File Format Converter para Mac; Office Compatibility Pack for Word, Excel, y PowerPoint 2007 File Formats SP2; Word Viewer; Office Web Apps; y Word Web App permite a atacantes remotos ejecutar código de su elección a través de documentos Word manipulado, también conocido como "Word Stack Overflow Vulnerability". • http://www.securityfocus.com/archive/1/514302/100/0/threaded http://www.us-cert.gov/cas/techalerts/TA10-285A.html https://docs.microsoft.com/en-us/security-updates/securitybulletins/2010/ms10-079 https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A7322 • CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer •
CVE-2010-3240
https://notcve.org/view.php?id=CVE-2010-3240
Microsoft Excel 2002 SP3 and 2007 SP2; Excel Viewer SP2; and Office Compatibility Pack for Word, Excel, and PowerPoint 2007 File Formats SP2 do not properly validate record information, which allows remote attackers to execute arbitrary code via a crafted Excel document, aka "Real Time Data Array Record Vulnerability." Microsoft Excel 2002 SP3 y 2007 SP2; Excel Viewer SP2; y Office Compatibility Pack para Word, Excel, and PowerPoint 2007 File Formats SP2 no valida adecuadamente los registros de informacio´n, lo que permite a atacantes remotos ejecutar código de su elección a través de documentos Excel manipulados, conocido como "Vulnerabildad de registro de array en tiempo real." • http://www.us-cert.gov/cas/techalerts/TA10-285A.html https://docs.microsoft.com/en-us/security-updates/securitybulletins/2010/ms10-080 https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A7196 • CWE-20: Improper Input Validation •
CVE-2010-3232
https://notcve.org/view.php?id=CVE-2010-3232
Microsoft Excel 2003 SP3 and 2007 SP2; Office 2004 and 2008 for Mac; Open XML File Format Converter for Mac; Excel Viewer SP2; and Office Compatibility Pack for Word, Excel, and PowerPoint 2007 File Formats SP2 do not properly validate record information, which allows remote attackers to execute arbitrary code via a crafted Excel document, aka "Excel File Format Parsing Vulnerability." Microsoft Excel 2003 SP3 y 2007 SP2; Office 2004 y 2008 para Mac; Open XML File Format Converter para Mac; Excel Viewer SP2; y Office Compatibility Pack para Word, Excel, y PowerPoint 2007 File Formats SP2 no valida adecuadamente la información de registro, lo que permite a atacantes remotos ejecutar código de su elección a través de un documento excel manipulado, también conocido como "Vulnerabilidad Excel File Format Parsing" • http://www.us-cert.gov/cas/techalerts/TA10-285A.html https://docs.microsoft.com/en-us/security-updates/securitybulletins/2010/ms10-080 https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A7575 • CWE-20: Improper Input Validation •