what you don't know can hurt you

Register | Login

Home Files News &[SERVICES_TAB]About Contact Add New

Showing 1 - 1 of 1

Files

iDEFENSE Security Advisory 2010-03-09.3: Posted Mar 10, 2010; Authored by iDefense Labs, Sean Larsson | Site idefense.com; iDefense Security Advisory 03.09.10 - Remote exploitation of a heap overflow vulnerability in Microsoft Corp.'s Excel could allow an attacker to execute arbitrary code with the privileges of the current user. This vulnerability occurs when parsing an MDXSET record inside of the Excel Workbook globals stream. This record is used to store metadata for external data connections in the workbook. The vulnerability occurs when a MDXSET record is broken up into several records. This could allow an attacker to trigger a heap based buffer overflow by controlling both the allocation size of a heap buffer and the number of bytes copied into this buffer. iDefense has confirmed the existence of this vulnerability in Excel versions 2007 SP0, SP1, and SP2. Previous versions do not appear to be affected as they do not support parsing the record that triggers the vulnerability. A full list of vulnerable Microsoft products can be found in Microsoft Security Bulletin MS10-017.; tags | advisory, remote, overflow, arbitrary; advisories | CVE-2010-0261; SHA-256 | 77193ef3d20874264fedaa93e9df41c77a445408a2adbf53e0f52c7a05ed79da; Download | Favorite | View

Page 1 of 1 Back 1 Next

Top Authors In Last 30 Days

Red Hat 229 files
indoushka 167 files
Jay Turla 150 files
Ubuntu 67 files
h00die 54 files
juan vazquez 43 files
sinn3r 41 files
H D Moore 31 files
Karn Ganeshen 23 files
Pedro Ribeiro 22 files

Recent News

Life Imitates xkcd Comic As Florida Gang Beats Crypto Password From Retiree: Posted Sep 20, 2024; tags | headline, cybercrime, data loss, cryptography; Favorite | View

1 In 10 Orgs Dumping Their Security Vendors After CrowdStrike Outage: Posted Sep 20, 2024; tags | headline, denial of service; Favorite | View

Cyber Crooks Strut Away With Haute Couture Harvey Nichols Data: Posted Sep 20, 2024; tags | headline, hacker, privacy, britain, cybercrime, data loss, fraud; Favorite | View

Noise Storms: Massive Amounts Of Spoofed Web Traffic Linked To China: Posted Sep 20, 2024; tags | headline, china; Favorite | View

Tor Network Denies Report That Anonymity Is Completely Canceled: Posted Sep 20, 2024; tags | headline, government, privacy, cryptography; Favorite | View

Marko Polo Hackers Found To Be Running Dozens Of Scams: Posted Sep 20, 2024; tags | headline, hacker, cybercrime, fraud, phish, cryptography; Favorite | View

Re-Opened Three Mile Island Will Power AI Datacenters Under New Deal: Posted Sep 20, 2024; tags | headline, microsoft, botnet; Favorite | View

Social Media Users Lack Control Over Data Used By AI, US FTC Says: Posted Sep 19, 2024; tags | headline, government, privacy, usa, data loss, botnet; Favorite | View

Hackers Demand $6 Million From Seattle Airport Operators: Posted Sep 19, 2024; tags | headline, hacker, cybercrime, data loss, fraud, cryptography; Favorite | View

Recent WhatsUp Gold Vulnerabilities Possibly Exploited In Ransomware Attacks: Posted Sep 19, 2024; tags | headline, malware, cybercrime, flaw, cryptography; Favorite | View

View More News →

packet storm

© 2024 Packet Storm. All rights reserved.

Site Links: News by Month; News Tags; Files by Month; File Tags; File Directory

About Us: History & Purpose; Contact Information; Terms of Service; Privacy Statement; Copyright Information

Services: Security Services
Hosting By: Rokasec