[Forgot Password]
Login  Register Subscribe

23631

 
 

126941

 
 

98503

 
 

909

 
 

79321

 
 

109

Paid content will be excluded from the download.


Download | Alert*
OVAL

Record Integer Overflow Vulnerability

ID: oval:org.mitre.oval:def:5925Date: (C)2009-06-09   (M)2017-10-04
Class: VULNERABILITYFamily: windows




Integer overflow in Excel in Microsoft Office 2000 SP3, Office XP SP3, Office 2003 SP3, and Office 2004 and 2008 for Mac; Excel in 2007 Microsoft Office System SP1 and SP2; Open XML File Format Converter for Mac; Microsoft Office Excel Viewer 2003 SP3; Microsoft Office Excel Viewer; Microsoft Office Compatibility Pack for Word, Excel, and PowerPoint 2007 File Formats SP1 and SP2; and Microsoft Office SharePoint Server 2007 SP1 and SP2 allows remote attackers to execute arbitrary code via an Excel file with a Shared String Table (SST) record with a numeric field that specifies an invalid number of unique strings, which triggers a heap-based buffer overflow, aka "Record Integer Overflow Vulnerability."

Platform:
Microsoft Windows 2000
Microsoft Windows 7
Microsoft Windows 8
Microsoft Windows 8.1
Microsoft Windows Server 2003
Microsoft Windows 10
Microsoft Windows Server 2008
Microsoft Windows Server 2012
Microsoft Windows Server 2012 R2
Microsoft Windows Vista
Microsoft Windows XP
Microsoft Windows Server 2008 R2
Product:
Microsoft Excel 2000
Microsoft Excel 2002
Microsoft Excel 2003
Microsoft Excel 2007
Microsoft Excel Viewer 2003
Microsoft Excel Viewer 2007
Microsoft Office Compatibility Pack
Microsoft SharePoint Server 2007
Reference:
CVE-2009-0561
CVE    1
CVE-2009-0561
CPE    12
cpe:/a:microsoft:office_compatibility_pack:sp2
cpe:/a:microsoft:sharepoint_server:2007:sp2
cpe:/a:microsoft:excel:2000
cpe:/a:microsoft:excel:2003
...

© 2013 SecPod Technologies