Microsoft Excel XML 漏洞

漏洞信息详情

Microsoft Excel XML 漏洞

• CNNVD编号：CNNVD-200004-004
• 危害等级： 高危
  
  
• CVE编号：
  CVE-2000-0277
  
• 漏洞类型：
  
  
  设计错误
  
• 发布时间：
  
  2000-04-03
  
• 威胁类型：
  
  
  本地
  
• 更新时间：
  
  2005-10-12
  
• 厂        商：
  
  microsoft
• 漏洞来源：
  Discovered by Darr…

Microsoft Excel 97 and 2000存在漏洞，在对外部文本文件执行Excel宏语言(XLM)时没有警告用户，远程攻击者可以利用这个漏洞执行宏病毒，也称“XLM 文本宏”漏洞。

Microsoft has released patches which rectify this issue. This vulnerability may affect earlier versions of Microsoft Excel. Therefore, users of previous versions are recommended to upgrade to either Excel 97 or 2000 and apply the appropriate patches.
Microsoft Excel 2000

• Microsoft o2ksr1The vulnerability is eliminated with this Office 2000 Service Release 1 (SR-1) Update.
  
  http://download.microsoft.com/download/office2000pro/o2ksr1/2000/WIN98
  /EN-US/o2ksr1.exe

Microsoft Excel 97

• Microsoft xl8p9pkgThis patch requires Office 97 Service Release 2.
  
  http://www.officeupdate.com/isapi/gooffupd.asp?TARGET=/downloaditems/x
  l8p9pkg.exe

来源: MS
名称: MS00-022
链接:http://www.microsoft.com/technet/security/bulletin/MS00-022.asp

来源: BID
名称: 1087
链接:http://www.securityfocus.com/bid/1087

来源: OSVDB
名称: 1272
链接:http://www.osvdb.org/1272