安全研究

安全漏洞
Microsoft Excel远程任意指令执行漏洞(MS04-033)

发布日期:2004-10-12
更新日期:2004-10-14

受影响系统:
Microsoft Office XP
Microsoft Office 2000
Microsoft Office 2002
    - Microsoft Windows XP Professional SP1
    - Microsoft Windows XP Professional
    - Microsoft Windows XP Home SP1
    - Microsoft Windows XP Home
    - Microsoft Windows 2000 SP3
描述:
BUGTRAQ  ID: 11373
CVE(CAN) ID: CVE-2004-0846

Microsoft Excel是一个电子表格处理程序。

Microsoft Excel存在一个未明的远程任意代码执行问题,远程攻击者可以利用这个漏洞以登录用户进程权限在系统上执行任意命令。

目前没有详细漏洞细节提供。

<*来源:Brett Moore (brett.moore@SECURITY-ASSESSMENT.COM
  
  链接:http://www.microsoft.com/technet/security/bulletin/MS04-033.mspx
*>

建议:
厂商补丁:

Microsoft
---------
Microsoft已经为此发布了一个安全公告(MS04-033)以及相应补丁:
MS04-033:Vulnerability in Microsoft Excel Could Allow Remote Code Execution (886836)
链接:http://www.microsoft.com/technet/security/bulletin/MS04-033.mspx

补丁下载:

Microsoft Office 2000 Software Service Pack 3 -

http://www.microsoft.com/downloads/details.aspx?FamilyId=B0C40C24-4DDE-45AF-8433-6DBDDD030C30

Microsoft Office 2000 Service Pack 3 Software

Excel 2000

Microsoft Office XP Software Service Pack 2 -

http://www.microsoft.com/downloads/details.aspx?FamilyId=5E0FADD3-1554-4C43-9B4A-D5E031478892

Microsoft Office XP Software

Excel 2002

Microsoft Office 2001 for Mac -

http://www.microsoft.com/downloads/details.aspx?FamilyId=9889BEAE-4771-415D-8070-3E51F4CC7AE3

Microsoft Office 2001 for Mac

Excel 2001 for Mac


Microsoft Office v. X for Mac -

http://www.microsoft.com/downloads/details.aspx?FamilyId=148E9283-4DF8-4A75-9671-CC72E6306B84

Microsoft Office v. X for Mac

Excel v. X for Mac

浏览次数:3801
严重程度:0(网友投票)
本安全漏洞由绿盟科技翻译整理,版权所有,未经许可,不得转载
绿盟科技给您安全的保障