فا

‫ Microsoft Office Two Memory Corruption Vulnerabilities

ID: IRCAD2015053921
Release Date: 2015-05-12
Criticality level: Highly critical
Software:
Microsoft Excel 2010
Microsoft Excel 2011 for Mac
Microsoft Excel 2013
Microsoft Office 2007
Microsoft Office 2010
Microsoft Office 2013
Microsoft Office 2013 RT
Microsoft Office for Mac 2011
Microsoft Office PowerPoint Viewer 2010
Microsoft Office Web Apps 2010
Microsoft Office Web Apps 2013
Microsoft PowerPoint 2010
Microsoft Powerpoint 2011 for Mac
Microsoft PowerPoint 2013
Microsoft SharePoint Server 2010
Microsoft SharePoint Server 2013
Microsoft Word 2010
Microsoft Word 2011 for Mac
Microsoft Word 2013
Description:
Two vulnerabilities have been reported in multiple Microsoft Office products, which can be exploited by malicious people to compromise a user's system.
1) An error when handling "ptCount" nodes in DOCX files can be exploited to trigger use of uninitialised memory values and corrupt memory via a specially crafted DOCX file.
2) Another unspecified error can be exploited to corrupt memory.
Successful exploitation of these vulnerabilities allow execution of arbitrary code.
Solution
Apply update.
Microsoft Office 2007
Microsoft Office 2010
Microsoft Office 2013
Microsoft Office for Mac
References:
Microsoft (KB3057181, KB2965282, KB2965311, KB2999412, KB2965242, KB2965240, KB2999420, KB2965237, KB2975808, KB2986216, KB2975816, KB2965307, KB3062536, KB2956195, KB2965233, KB2956194, KB3023055, KB3039725, KB2956140, KB2956193, KB3039748, KB3017815, KB3039736):
ZDI:
Secunia:

نظرات

بدون نظر
شما برای نظر دادن باید وارد شوید

نوشته

 
تاریخ ایجاد: 9 خرداد 1394

امتیاز

امتیاز شما
تعداد امتیازها: 0