Showing 1 - 4 of 4

CVE-2009-1136

Status Candidate

Overview

The Microsoft Office Web Components Spreadsheet ActiveX control (aka OWC10 or OWC11), as distributed in Office XP SP3 and Office 2003 SP3, Office XP Web Components SP3, Office 2003 Web Components SP3, Office 2003 Web Components SP1 for the 2007 Microsoft Office System, Internet Security and Acceleration (ISA) Server 2004 SP3 and 2006 Gold and SP1, and Office Small Business Accounting 2006, when used in Internet Explorer, allows remote attackers to execute arbitrary code via a crafted call to the msDataSourceObject method, as exploited in the wild in July and August 2009, aka "Office Web Components HTML Script Vulnerability."

Related Files

Microsoft OWC Spreadsheet msDataSourceObject Memory Corruption: Posted Mar 3, 2010; Authored by H D Moore | Site metasploit.com; This Metasploit module exploits a memory corruption vulnerability within the Office Web Component Spreadsheet ActiveX control. This Metasploit module was based on an exploit found in the wild.; tags | exploit, web, activex; advisories | CVE-2009-1136; SHA-256 | 6d72596e2aa82e33821ee1c84cc5091c7a04974bce3fdbaf8797e51d53b96596; Download | Favorite | View

Microsoft OWC Spreadsheet msDataSourceObject Memory Corruption: Posted Nov 26, 2009; Authored by H D Moore | Site metasploit.com; This Metasploit module exploits a memory corruption vulnerability within the Office Web Component Spreadsheet ActiveX control. This module was based on an exploit found in the wild.; tags | exploit, web, activex; advisories | CVE-2009-1136; SHA-256 | 63e393d818d0e11fefc366662c76d81a1d1c79713209420ea516ad8d7619f717; Download | Favorite | View

Zero Day Initiative Advisory 09-054: Posted Aug 11, 2009; Authored by Tipping Point | Site zerodayinitiative.com; Zero Day Initiative Advisory 09-054 - This vulnerability allows attackers to execute arbitrary code on vulnerable installations of Microsoft Office. User interaction is required to exploit this vulnerability in that the target must visit a malicious page. The specific flaw exists during the processing of malicious parameters to the routine msDataSourceObject() and results in transfer of control to unallocated memory. This issue can be exploited to execute arbitrary code under the context of the currently logged in user.; tags | advisory, arbitrary; advisories | CVE-2009-1136; SHA-256 | 6f40fa8d7176ee796ea4df869b27744542a68bea5a6da7913295f6a0d2f6dcea; Download | Favorite | View

Microsoft Office Memory Corruption: Posted Jul 14, 2009; Authored by Haifei Li | Site fortinet.com; A memory corruption vulnerability exists in the ActiveX Controls of Microsoft Office Web Components which allows a remote attacker to compromise a system through a malicious site.; tags | advisory, remote, web, activex; advisories | CVE-2009-1136; SHA-256 | 262b9ebc70d8181838c9653a34cabbd6f2c13fed91bd73c202ccbb62d0bc7ccd; Download | Favorite | View

Page 1 of 1 Back 1 Next

Top Authors In Last 30 Days

Red Hat 184 files
Ubuntu 64 files
Debian 22 files
Valentin Lobstein 11 files
nu11secur1ty 9 files
Google Security Research 6 files
Apple 6 files
malvuln 4 files
Ersin Erenler 4 files
E1.Coders 4 files

File Archives

Systems

AIX (429)
Apple (2,078)
BSD (376)
CentOS (58)
Cisco (1,927)
Debian (7,009)
Fedora (1,693)
FreeBSD (1,246)
Gentoo (4,467)
HPUX (880)
iOS (373)
iPhone (108)
IRIX (220)
Juniper (69)
Linux (49,174)
Mac OS X (691)
Mandriva (3,105)
NetBSD (256)
OpenBSD (488)
RedHat (15,460)
Slackware (941)
Solaris (1,611)
SUSE (1,444)
Ubuntu (9,433)
UNIX (9,390)
UnixWare (187)
Windows (6,648)
Other

CVE-2009-1136

Overview

Related Files

File Archive:

April 2024

Top Authors In Last 30 Days

File Tags

File Archives

Systems