Vulnerability Information
Although we use advanced large model technology, its output may still contain inaccurate or outdated information.Shenlong tries to ensure data accuracy, but please verify and judge based on the actual situation.
Vulnerability Title
N/A
Vulnerability Description
hxds.dll in Microsoft Office 2007 SP3 and 2010 SP1 and SP2 does not implement the ASLR protection mechanism, which makes it easier for remote attackers to execute arbitrary code via a crafted COM component on a web site that is visited with Internet Explorer, as exploited in the wild in December 2013, aka "HXDS ASLR Vulnerability."
CVSS Information
N/A
Vulnerability Type
N/A
Vulnerability Title
Microsoft Office 权限许可和访问控制漏洞
Vulnerability Description
Microsoft Office是美国微软(Microsoft)公司开发的一款办公软件套件产品。常用组件有Word、Excel、Access、Powerpoint、FrontPage等。 Microsoft Office 2007 SP3和2010 SP1、SP2中的hxds.dll文件存在安全绕过漏洞,该漏洞源于程序没有正确实现ASLR保护机制。远程攻击者可借助Web网站上特制的COM组件利用该漏洞执行任意代码。
CVSS Information
N/A
Vulnerability Type
N/A