Vulmon Recent Vulnerabilities Research Posts Trends Blog About Contact
9.3
CVSSv2

CVE-2010-0822

Published: 08/06/2010 Updated: 12/10/2018
CVSS v2 Base Score: 9.3 | Impact Score: 10 | Exploitability Score: 8.6
VMScore: 945
Vector: AV:N/AC:M/Au:N/C:C/I:C/A:C
Subscribe to Excel

Vulnerability Summary

Stack-based buffer overflow in Microsoft Office Excel 2002 SP3, Office 2004 for Mac, Office 2008 for Mac, and Open XML File Format Converter for Mac allows remote malicious users to execute arbitrary code via an Excel file with a crafted OBJ (0x5D) record, aka "Excel Object Stack Overflow Vulnerability."

Vulnerable Product Search on Vulmon Subscribe to Product

microsoft excel 2002

microsoft office 2004

microsoft office 2008

microsoft open xml file format converter

Exploits

Exploit DB: Microsoft Excel - Malformed OBJ Record Handling Overflow (MS11-038) (Metasploit)
## # This file is part of the Metasploit Framework and may be subject to # redistribution and commercial restrictions Please see the Metasploit # Framework web site for more information on licensing and terms of use # metasploitcom/framework/ ## require 'msf/core' class Metasploit3 < Msf::Exploit::Remote Rank = NormalRanking inclu ...
Exploit DB: Microsoft Excel - OBJ Record Stack Overflow
''' __ __ ____ _ _ ____ | \/ |/ __ \ /\ | | | | _ \ | \ / | | | | / \ | | | | |_) | | |\/| | | | |/ /\ \| | | | _ < | | | | |__| / ____ \ |__| | |_) | |_| |_|\____/_/ \_\____/|____/ wwwexploit-dbcom/moaub-24-microsoft-excel-obj-record-stack-overflow/ githubcom/offensive-security/expl ...
Exploit DB: Microsoft Excel - 0x5D record Stack Overflow (MS10-038)
#This is an exploit for MS10-038/CVE-2010-0822 #Everything is hardcoded! (winxp sp3) #webDEViL #w3bd3vil[at]gmail[dot]com #krashin/excel1xls #Office 2007 - 12045181014 #MS10-038 bulletin states that Office 2007 is not vulnerable, lol import binascii wD="d0cf11e0a1b11ae1000000000000000000000000000000003e000300feff0900060000" wD+="0000 ...
Exploit DB: MS11-038 Microsoft Office Excel Malformed OBJ Record Handling Overflow
This Metasploit module exploits a vulnerability found in Excel 2002 of Microsoft Office XP By supplying a xls file with a malformed OBJ (recType 0x5D) record an attacker can get the control of the execution flow This results arbitrary code execution under the context of the user ...
Exploit DB: Microsoft Excel Stack Overflow
Microsoft Excel 0x5D record stack overflow exploit ...
Exploit DB: Month Of Abysssec Undisclosed Bugs - Microsoft Excel OBJ
Month Of Abysssec Undisclosed Bugs - Microsoft Excel suffers an OBJ record stack overflow vulnerability ...

References

CWE-94http://osvdb.org/65236http://www.us-cert.gov/cas/techalerts/TA10-159B.htmlhttp://www.securityfocus.com/bid/40520https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A7265http://www.securityfocus.com/archive/1/511752/100/0/threadedhttps://docs.microsoft.com/en-us/security-updates/securitybulletins/2010/ms10-038https://nvd.nist.govhttps://www.exploit-db.com/exploits/18143/
CVSSv2
CVSSv2
CVSSv3
VMScore
Recommendations:
client sideCVE-2023-31889template injectionCVE-2024-4304CVE-2006-4304CVE-2024-33272type confusionCVE-2024-21345CVE-2024-33271
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started

Vulmon Search

Vulmon Search is a vulnerability search engine. It gives comprehensive vulnerability information through a very simple user interface.

About

Home Recent Vulnerabilities Research Posts Trends Blog About Contact

Products

Vulmon Search Vulmon Research Vulmon Alerts Vulmap

Connect

Twitter Reddit Linkedin Facebook