‫ Microsoft Office Excel Two Code Execution Vulnerabilities

ID: IRCAD2014123677
Release Date: 2014-12-09
Criticality level: Highly critical
Software:
Microsoft Excel 2010
Microsoft Excel 2013
Microsoft Excel 2013 RT
Microsoft Office 2007
Microsoft Office 2010
Microsoft Office 2013
Microsoft Office 2013 RT
Microsoft Office Compatibility Pack for Word, Excel, and PowerPoint 2007 File Formats
Microsoft Office Excel 2007
Description:
Two vulnerabilities have been reported in Microsoft Office Excel, which can be exploited by malicious people to compromise a user's system.
1) An error related to a global free can be exploited to corrupt memory.
2) An error related to an invalid pointer can be exploited to corrupt memory.
Successful exploitation of the vulnerabilities allows execution of arbitrary code.
Solution
Apply updates.
Microsoft Excel 2007
Microsoft Office 2007 Service Pack 3
Microsoft Excel 2010
Microsoft Office 2010 Service Pack 2 (32-bit editions)
Microsoft Office 2010 Service Pack 2 (64-bit editions)
Microsoft Excel 2013 and Microsoft Excel 2013 RT
Microsoft Office 2013 (32-bit editions)
Microsoft Office 2013 (64-bit editions)
Microsoft Office 2013 Service Pack 1 (32-bit editions)
Microsoft Office 2013 Service Pack 1 (64-bit editions)
References:
MS14-083 (KB2984942, KB2910902, KB2910929):
Secunia:

نظرات

بدون نظر
شما برای نظر دادن باید وارد شوید

نوشته

 
تاریخ ایجاد: 21 آذر 1393

امتیاز

امتیاز شما
تعداد امتیازها:0