|
 |
| SecurityReason | ||
| WLB | ||
| Services | ||
| RSS | ||
| Corporate | ||
| Note | ||
If you have found a vulnerability, please send to our SecurityAlert Database : |
||
Home  SecurityAlert Database |
||||
SecurityAlert : 586 CVE : CVE-2006-0029 SecurityRisk : High  (About) Remote Exploit : Yes Local Exploit : No Exploit Available : No Credit : Fortinet Research Published : 15.03.2006
Advisory Content : Fortinet Security Advisory: FSA-2006-08 Microsoft Excel Column Index Improper Memory Access Advisory Date : March 14, 2006 Reported Date : January 24, 2006 Vendor : Microsoft Affected Products : Microsoft Excel 2003 Chinese Version Windows XP Home Edition Chinese Version and possible all versions of Microsoft Excel. Severity : High Reference : http://www.microsoft.com/technet/security/Bulletin/MS06-012.mspx http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-0029 http://www.securityfocus.com/bid/15780 Description : Fortinet Security Research Team (FSRT) has discovered a Improper Memory Access Vulnerability in the Microsoft Excel software. This vulnerability is due to Microsoft Excel's manipulation of opcode 0x001D, when provided with a random Column Index, it will cause a Improper Memory Access. An remote attacker could construct a .xls file and put it on controlled web site. When the user opens the .xls file with Microsoft Internet Explorer, the browser will call Microsoft Excel to open the .xls file automatically, and this will cause Microsoft Excel to crash. If excel file is specially crafted, it may allow attackers to execute arbitrary code on the affected system. Impact : Execution of arbitrary code leading to system compromise. Solution : Microsoft has released a update for this vulnerability, which is available for downloading from Microsoft web site, see reference. Fortinet Protection: FortiGate series of security systems have been updated to detect exploits targeting this vulnerability. Acknowledgment : Dejun Meng of Fortinet Security Research team found this vulnerability. Disclaimer : Although Fortinet has attempted to provide accurate information in these materials, Fortinet assumes no legal responsibility for the accuracy or completeness of the information. More specific information is available on request from Fortinet. Please note that Fortinet's product information does not constitute or contain any guarantee, warranty or legally binding representation, unless expressly identified as such in a duly signed writing.  Feedback : If you have additional information or notice any errors regarding this security advisory, please use contact form or email us at info()securityreason()com. |
||||
| Alert | ||
libc:fts_*() Multiple Denial of Service
The fts functions are provided for traversing UNIX file hierarchies... |
||
| Apache |  |
|
» Apache Tomcat 6.0.20 and |
||
» Apache Tomcat 6.0.20 and |
||
» Apache Tomcat 6.0.20 and |
||
| PHP | |
|
» PHP 5.2.12/5.3.1 |
||
- 2009-10-02| Copyright © SecurityReason.com. All Rights Reserved. |