English | Deutsch | Español
 
Inicial ▼
Página inicial Acerca Nuestro Contáctenos Privacidad Programas de Asociados Testimonios En la Prensa Listas de Correos Abuso Developer APIs
Bookkeeping
Online ▼
Home Free Trial FAQ
Open/Create Company File Accept an Invite Order/Renew
 
Auditorias ▼
Inicial Dedicada Avanzada Estándar Periódica Sin Riesgo Escritorio Básica Sello FAQ Resumen de Precio/Funciones Ordenar Nuevas Pruebas Todas las Pruebas Confidencialidad Búsqueda de Vulnerabilidad Ejecutar Auditoría Programador IP Permissions Auditorías Personalizadas Cola Recordatorio Sellos Informes Estilos de Informes
DNS
Administrado ▼
Acerca de DNS Ordenar/Renovar Preguntas Frecuentes AUP Dynamic DNS Clients
Configurar Dominios Dynamic DNS Update Password
Monitoreo
de Redes ▼
Enterprise Avanzado Estándarr Prueba Preguntas Frecuentes Resumen de Precio/Funciones Ordenar Muestras
Configure/Status Alert Profiles
Research
Reports ▼
Home FAQ Glossary Archive
 Iniciar sesión/Registrarse 
 
 Búsqueda de    
Vulnerabilidad   		     Buscar 324607 Descripciones CVE y
145615 Descripciones de Pruebas,
accesos 10,000+ referencias cruzadas.
Pruebas   CVE   Todos  

ID de Prueba:1.3.6.1.4.1.25623.1.0.902410
Categoría:Windows : Microsoft Bulletins
Título:Microsoft Office Excel Remote Code Execution Vulnerabilities (2489279)
Resumen:This host is missing a critical security update according to; Microsoft Bulletin MS11-021.
Descripción:Summary:
This host is missing a critical security update according to
Microsoft Bulletin MS11-021.

Vulnerability Insight:
The flaws are caused by memory corruption, heap and integer overflows, buffer
overwrite, array indexing, and dangling pointers when parsing malformed data or
records within Excel documents, which could be exploited by attackers to execute
arbitrary code by tricking a user into opening a specially crafted Excel file.

Vulnerability Impact:
Successful exploitation could allow attackers to execute arbitrary code by
tricking a user into opening a malicious Excel file.

Affected Software/OS:
- Microsoft Excel Viewer Service Pack 2

- Microsoft Office Excel 2002 Service Pack 3

- Microsoft Office Excel 2003 Service Pack 3

- Microsoft Office Excel 2007 Service Pack 2

- Microsoft Office Excel 2010

Solution:
The vendor has released updates. Please see the references for more information.

CVSS Score:
9.3

CVSS Vector:
AV:N/AC:M/Au:N/C:C/I:C/A:C

Referencia Cruzada: Common Vulnerability Exposure (CVE) ID: CVE-2011-0097
BugTraq ID: 47201
http://www.securityfocus.com/bid/47201
Cert/CC Advisory: TA11-102A
http://www.us-cert.gov/cas/techalerts/TA11-102A.html
http://secunia.com/secunia_research/2011-31
Microsoft Security Bulletin: MS11-021
https://docs.microsoft.com/en-us/security-updates/securitybulletins/2011/ms11-021
http://osvdb.org/71758
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A12612
http://www.securitytracker.com/id?1025337
http://secunia.com/advisories/39122
http://www.vupen.com/english/advisories/2011/0940
Common Vulnerability Exposure (CVE) ID: CVE-2011-0098
BugTraq ID: 47235
http://www.securityfocus.com/bid/47235
http://secunia.com/secunia_research/2011-32/
http://osvdb.org/71759
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A12034
Common Vulnerability Exposure (CVE) ID: CVE-2011-0101
BugTraq ID: 47243
http://www.securityfocus.com/bid/47243
Bugtraq: 20110412 ZDI-11-120: Microsoft Office Excel RealTimeData Record Parsing Remote Code Execution Vulnerability (Google Search)
http://www.securityfocus.com/archive/1/517463/100/0/threaded
http://www.zerodayinitiative.com/advisories/ZDI-11-120
http://osvdb.org/71766
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A11676
Common Vulnerability Exposure (CVE) ID: CVE-2011-0103
BugTraq ID: 47244
http://www.securityfocus.com/bid/47244
http://labs.idefense.com/intelligence/vulnerabilities/display.php?id=901
http://osvdb.org/71760
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A12616
Common Vulnerability Exposure (CVE) ID: CVE-2011-0104
BugTraq ID: 47245
http://www.securityfocus.com/bid/47245
http://www.checkpoint.com/defense/advisories/public/2011/cpai-31-Mard.html
http://osvdb.org/71761
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A11767
Common Vulnerability Exposure (CVE) ID: CVE-2011-0105
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A12618
Common Vulnerability Exposure (CVE) ID: CVE-2011-0978
http://dvlabs.tippingpoint.com/blog/2011/02/07/zdi-disclosure-microsoft
http://zerodayinitiative.com/advisories/ZDI-11-042/
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A12439
http://secunia.com/advisories/43232
http://securityreason.com/securityalert/8231
Common Vulnerability Exposure (CVE) ID: CVE-2011-0979
http://zerodayinitiative.com/advisories/ZDI-11-041/
http://osvdb.org/70904
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A12595
http://secunia.com/advisories/43231
Common Vulnerability Exposure (CVE) ID: CVE-2011-0980
http://zerodayinitiative.com/advisories/ZDI-11-040/
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A12018
http://secunia.com/advisories/43210
CopyrightCopyright (C) 2011 Greenbone AG

Esta es sólo una de 145615 pruebas de vulnerabilidad en nuestra serie de pruebas. Encuentre más sobre cómo ejecutar una auditoría de seguridad completa.

Para ejecutar una prueba gratuita de esta vulnerabilidad contra su sistema, regístrese ahora.



© 1998-2025 E-Soft Inc. Todos los derechos reservados.