Microsoft Excel远程任意指令执行漏洞(MS04-033)

漏洞信息详情

Microsoft Excel远程任意指令执行漏洞(MS04-033)

• CNNVD编号：CNNVD-200411-009
• 危害等级： 高危
  
  
• CVE编号：
  CVE-2004-0846
  
• 漏洞类型：
  
  
  边界条件错误
  
• 发布时间：
  
  2004-10-12
  
• 威胁类型：
  
  
  远程
  
• 更新时间：
  
  2005-10-20
  
• 厂        商：
  
  microsoft
• 漏洞来源：
  Brett Moore※ brett…

Microsoft Excel是一个电子表格处理程序。
Microsoft Excel存在一个未明的远程任意代码执行问题，远程攻击者可以利用这个漏洞以登录用户进程权限在系统上执行任意命令。
目前没有详细漏洞细节提供。

厂商补丁：
Microsoft
———
Microsoft已经为此发布了一个安全公告(MS04-033)以及相应补丁:

MS04-033：Vulnerability in Microsoft Excel Could Allow Remote Code Execution (886836)

链接：http://www.microsoft.com/technet/security/bulletin/MS04-033.mspx” target=”_blank”>
http://www.microsoft.com/technet/security/bulletin/MS04-033.mspx

补丁下载：

Microsoft Office 2000 Software Service Pack 3 –

http://www.microsoft.com/downloads/details.aspx?FamilyId=B0C40C24-4DDE-45AF-8433-6DBDDD030C30” target=”_blank”>
http://www.microsoft.com/downloads/details.aspx?FamilyId=B0C40C24-4DDE-45AF-8433-6DBDDD030C30

Microsoft Office 2000 Service Pack 3 Software

Excel 2000

Microsoft Office XP Software Service Pack 2 –

http://www.microsoft.com/downloads/details.aspx?FamilyId=5E0FADD3-1554-4C43-9B4A-D5E031478892” target=”_blank”>
http://www.microsoft.com/downloads/details.aspx?FamilyId=5E0FADD3-1554-4C43-9B4A-D5E031478892

Microsoft Office XP Software

Excel 2002

Microsoft Office 2001 for Mac –

http://www.microsoft.com/downloads/details.aspx?FamilyId=9889BEAE-4771-415D-8070-3E51F4CC7AE3” target=”_blank”>
http://www.microsoft.com/downloads/details.aspx?FamilyId=9889BEAE-4771-415D-8070-3E51F4CC7AE3

Microsoft Office 2001 for Mac

Excel 2001 for Mac

Microsoft Office v. X for Mac –

http://www.microsoft.com/downloads/details.aspx?FamilyId=148E9283-4DF8-4A75-9671-CC72E6306B84” target=”_blank”>
http://www.microsoft.com/downloads/details.aspx?FamilyId=148E9283-4DF8-4A75-9671-CC72E6306B84

Microsoft Office v. X for Mac

Excel v. X for Mac

来源:US-CERT Vulnerability Note: VU#274496
名称: VU#274496
链接:http://www.kb.cert.org/vuls/id/274496

来源: XF
名称: excel-execute-code(17653)
链接:http://xforce.iss.net/xforce/xfdb/17653

来源: MS
名称: MS04-033
链接:http://www.microsoft.com/technet/security/bulletin/ms04-033.asp

来源: XF
名称: excel-ms04033-patch(17683)
链接:http://xforce.iss.net/xforce/xfdb/17683

来源: CIAC
名称: P-009
链接:http://www.ciac.org/ciac/bulletins/p-009.shtml

来源: SECUNIA
名称: 12800
链接:http://secunia.com/advisories/12800/

来源: BUGTRAQ
名称: 20041013 Buffer Overflow In Microsoft Excel
链接:http://marc.theaimsgroup.com/?l=bugtraq&m=109779810827096&w=2

来源: US Government Resource: oval:org.mitre.oval:def:4226
名称: oval:org.mitre.oval:def:4226
链接:http://oval.mitre.org/repository/data/getDef?id=oval:org.mitre.oval:def:4226

来源: US Government Resource: oval:org.mitre.oval:def:2673
名称: oval:org.mitre.oval:def:2673
链接:http://oval.mitre.org/repository/data/getDef?id=oval:org.mitre.oval:def:2673