what you don't know can hurt you

Register | Login

Home Files News &[SERVICES_TAB]About Contact Add New

Showing 1 - 1 of 1

Files

iDEFENSE Security Advisory 2010-03-09.3: Posted Mar 10, 2010; Authored by iDefense Labs, Sean Larsson | Site idefense.com; iDefense Security Advisory 03.09.10 - Remote exploitation of a heap overflow vulnerability in Microsoft Corp.'s Excel could allow an attacker to execute arbitrary code with the privileges of the current user. This vulnerability occurs when parsing an MDXSET record inside of the Excel Workbook globals stream. This record is used to store metadata for external data connections in the workbook. The vulnerability occurs when a MDXSET record is broken up into several records. This could allow an attacker to trigger a heap based buffer overflow by controlling both the allocation size of a heap buffer and the number of bytes copied into this buffer. iDefense has confirmed the existence of this vulnerability in Excel versions 2007 SP0, SP1, and SP2. Previous versions do not appear to be affected as they do not support parsing the record that triggers the vulnerability. A full list of vulnerable Microsoft products can be found in Microsoft Security Bulletin MS10-017.; tags | advisory, remote, overflow, arbitrary; advisories | CVE-2010-0261; SHA-256 | 77193ef3d20874264fedaa93e9df41c77a445408a2adbf53e0f52c7a05ed79da; Download | Favorite | View

Page 1 of 1 Back 1 Next

Top Authors In Last 30 Days

Red Hat 221 files
Ubuntu 59 files
Debian 30 files
LiquidWorm 11 files
Valentin Lobstein 11 files
nu11secur1ty 9 files
Apple 6 files
Milad Karimi 5 files
Google Security Research 5 files
tmrswrr 4 files

Recent News

Authorities Investigate LabHost Users After Phishing Service Shutdown: Posted Apr 23, 2024; tags | headline, cybercrime, fraud, phish; Favorite | View

Windows Vulnerability Reported By The NSA Exploited To Install Russian Malware: Posted Apr 23, 2024; tags | headline, government, microsoft, usa, russia, flaw, cyberwar, spyware, nsa; Favorite | View

Russia's Sandworm APT Linked To Attack On Texas Water Plant: Posted Apr 18, 2024; tags | headline, malware, usa, russia, cyberwar, scada; Favorite | View

EU Tells Meta It Can't Paywall Privacy: Posted Apr 18, 2024; tags | headline, government, privacy, facebook, social; Favorite | View

Kremlin-Backed Actors Spread Disinformation Ahead Of US Elections: Posted Apr 18, 2024; tags | headline, government, usa, russia, fraud, cyberwar; Favorite | View

Lawmakers Are Kicking Warrantless Wiretapping Into Overdrive: Posted Apr 18, 2024; tags | headline, government, privacy, usa, phone, spyware; Favorite | View

Five Eyes Agencies Release New AI Security Guidance: Posted Apr 18, 2024; tags | headline, government; Favorite | View

Phishing Platform LabHost Shut Down By Law Enforcement: Posted Apr 18, 2024; tags | headline, government, fraud, phish; Favorite | View

Scammers Offer Cash To Phone Carrier Staff To Swap SIM Cards: Posted Apr 17, 2024; tags | headline, phone, cybercrime, fraud, password; Favorite | View

Ivanti Patches 27 Vulns In Avalanche MDM Product: Posted Apr 17, 2024; tags | headline, flaw, patch; Favorite | View

View More News →

packet storm

© 2022 Packet Storm. All rights reserved.

Site Links: News by Month; News Tags; Files by Month; File Tags; File Directory

About Us: History & Purpose; Contact Information; Terms of Service; Privacy Statement; Copyright Information

Services: Security Services
Hosting By: Rokasec