xfocus logo xfocus title
首页 焦点原创 安全文摘 安全工具 安全漏洞 焦点项目 焦点论坛 关于我们
English Version
 最近严重漏洞 
Microsoft RPC接口远程任意代码可执行漏洞
Cisco IOS接口不正确处理IPV4包远程拒绝服务漏洞
Microsoft Windows CreateFile API命名管道权限提升漏洞

Microsoft Excel嵌入对象内联宏执行漏洞


发布时间:2002-06-22
更新时间:2002-06-22
严重程度:
威胁程度:权限提升
错误类型:设计错误
利用方式:客户机模式

BUGTRAQ ID:5063
CVE(CAN) ID:CAN-2002-0616

受影响系统
Microsoft Excel 2000 SR1
   - Microsoft Windows 2000 Advanced Server
   - Microsoft Windows 2000 Advanced Server SP1
   - Microsoft Windows 2000 Advanced Server SP2
   - Microsoft Windows 2000 Datacenter Server
   - Microsoft Windows 2000 Datacenter Server SP1
   - Microsoft Windows 2000 Datacenter Server SP2
   - Microsoft Windows 2000 Professional
   - Microsoft Windows 2000 Professional SP1
   - Microsoft Windows 2000 Professional SP2
   - Microsoft Windows 2000 Server
   - Microsoft Windows 2000 Server SP1
   - Microsoft Windows 2000 Server SP2
   - Microsoft Windows 2000 Terminal Services
   - Microsoft Windows 2000 Terminal Services SP1
   - Microsoft Windows 2000 Terminal Services SP2
   - Microsoft Windows 95
   - Microsoft Windows 98
   - Microsoft Windows 98SE
   - Microsoft Windows ME
   - Microsoft Windows NT Enterprise Server 4.0
   - Microsoft Windows NT Enterprise Server 4.0 SP1
   - Microsoft Windows NT Enterprise Server 4.0 SP2
   - Microsoft Windows NT Enterprise Server 4.0 SP3
   - Microsoft Windows NT Enterprise Server 4.0 SP4
   - Microsoft Windows NT Enterprise Server 4.0 SP5
   - Microsoft Windows NT Enterprise Server 4.0 SP6
   - Microsoft Windows NT Enterprise Server 4.0 SP6a
   - Microsoft Windows NT Server 4.0
   - Microsoft Windows NT Server 4.0 SP1
   - Microsoft Windows NT Server 4.0 SP2
   - Microsoft Windows NT Server 4.0 SP3
   - Microsoft Windows NT Server 4.0 SP4
   - Microsoft Windows NT Server 4.0 SP5
   - Microsoft Windows NT Server 4.0 SP6
   - Microsoft Windows NT Server 4.0 SP6a
   - Microsoft Windows NT Terminal Server 4.0
   - Microsoft Windows NT Terminal Server 4.0 SP1
   - Microsoft Windows NT Terminal Server 4.0 SP2
   - Microsoft Windows NT Terminal Server 4.0 SP3
   - Microsoft Windows NT Terminal Server 4.0 SP4
   - Microsoft Windows NT Terminal Server 4.0 SP5
   - Microsoft Windows NT Terminal Server 4.0 SP6
   - Microsoft Windows NT Terminal Server 4.0 SP6a
   - Microsoft Windows NT Workstation 4.0
   - Microsoft Windows NT Workstation 4.0 SP1
   - Microsoft Windows NT Workstation 4.0 SP2
   - Microsoft Windows NT Workstation 4.0 SP3
   - Microsoft Windows NT Workstation 4.0 SP4
   - Microsoft Windows NT Workstation 4.0 SP5
   - Microsoft Windows NT Workstation 4.0 SP6
   - Microsoft Windows NT Workstation 4.0 SP6a
Microsoft Excel 2000 SP2
   - Microsoft Windows 2000 Advanced Server
   - Microsoft Windows 2000 Advanced Server SP1
   - Microsoft Windows 2000 Advanced Server SP2
   - Microsoft Windows 2000 Datacenter Server
   - Microsoft Windows 2000 Datacenter Server SP1
   - Microsoft Windows 2000 Datacenter Server SP2
   - Microsoft Windows 2000 Professional
   - Microsoft Windows 2000 Professional SP1
   - Microsoft Windows 2000 Professional SP2
   - Microsoft Windows 2000 Server
   - Microsoft Windows 2000 Server SP1
   - Microsoft Windows 2000 Server SP2
   - Microsoft Windows 2000 Terminal Services
   - Microsoft Windows 2000 Terminal Services SP1
   - Microsoft Windows 2000 Terminal Services SP2
   - Microsoft Windows 95
   - Microsoft Windows 98
   - Microsoft Windows 98SE
   - Microsoft Windows ME
   - Microsoft Windows NT Enterprise Server 4.0
   - Microsoft Windows NT Enterprise Server 4.0 SP1
   - Microsoft Windows NT Enterprise Server 4.0 SP2
   - Microsoft Windows NT Enterprise Server 4.0 SP3
   - Microsoft Windows NT Enterprise Server 4.0 SP4
   - Microsoft Windows NT Enterprise Server 4.0 SP5
   - Microsoft Windows NT Enterprise Server 4.0 SP6
   - Microsoft Windows NT Enterprise Server 4.0 SP6a
   - Microsoft Windows NT Server 4.0
   - Microsoft Windows NT Server 4.0 SP1
   - Microsoft Windows NT Server 4.0 SP2
   - Microsoft Windows NT Server 4.0 SP3
   - Microsoft Windows NT Server 4.0 SP4
   - Microsoft Windows NT Server 4.0 SP5
   - Microsoft Windows NT Server 4.0 SP6
   - Microsoft Windows NT Server 4.0 SP6a
   - Microsoft Windows NT Terminal Server 4.0
   - Microsoft Windows NT Terminal Server 4.0 SP1
   - Microsoft Windows NT Terminal Server 4.0 SP2
   - Microsoft Windows NT Terminal Server 4.0 SP3
   - Microsoft Windows NT Terminal Server 4.0 SP4
   - Microsoft Windows NT Terminal Server 4.0 SP5
   - Microsoft Windows NT Terminal Server 4.0 SP6
   - Microsoft Windows NT Terminal Server 4.0 SP6a
   - Microsoft Windows NT Workstation 4.0
   - Microsoft Windows NT Workstation 4.0 SP1
   - Microsoft Windows NT Workstation 4.0 SP2
   - Microsoft Windows NT Workstation 4.0 SP3
   - Microsoft Windows NT Workstation 4.0 SP4
   - Microsoft Windows NT Workstation 4.0 SP5
   - Microsoft Windows NT Workstation 4.0 SP6
   - Microsoft Windows NT Workstation 4.0 SP6a
Microsoft Excel 2000
   - Microsoft Windows 2000 Workstation
   - Microsoft Windows 2000 Workstation SP1
   - Microsoft Windows 2000 Workstation SP2
   - Microsoft Windows 95
   - Microsoft Windows 98
   - Microsoft Windows NT 4.0
   - Microsoft Windows NT 4.0 SP1
   - Microsoft Windows NT 4.0 SP2
   - Microsoft Windows NT 4.0 SP3
   - Microsoft Windows NT 4.0 SP4
   - Microsoft Windows NT 4.0 SP5
   - Microsoft Windows NT 4.0 SP6
   - Microsoft Windows NT 4.0 SP6a
Microsoft Excel 2002 SP1
   - Microsoft Windows 2000 Advanced Server
   - Microsoft Windows 2000 Advanced Server SP1
   - Microsoft Windows 2000 Advanced Server SP2
   - Microsoft Windows 2000 Datacenter Server
   - Microsoft Windows 2000 Datacenter Server SP1
   - Microsoft Windows 2000 Datacenter Server SP2
   - Microsoft Windows 2000 Professional
   - Microsoft Windows 2000 Professional SP1
   - Microsoft Windows 2000 Professional SP2
   - Microsoft Windows 2000 Server
   - Microsoft Windows 2000 Server SP1
   - Microsoft Windows 2000 Server SP2
   - Microsoft Windows 2000 Terminal Services
   - Microsoft Windows 2000 Terminal Services SP1
   - Microsoft Windows 2000 Terminal Services SP2
   - Microsoft Windows 98
   - Microsoft Windows 98SE
   - Microsoft Windows ME
   - Microsoft Windows NT Enterprise Server 4.0
   - Microsoft Windows NT Enterprise Server 4.0 SP1
   - Microsoft Windows NT Enterprise Server 4.0 SP2
   - Microsoft Windows NT Enterprise Server 4.0 SP3
   - Microsoft Windows NT Enterprise Server 4.0 SP4
   - Microsoft Windows NT Enterprise Server 4.0 SP5
   - Microsoft Windows NT Enterprise Server 4.0 SP6
   - Microsoft Windows NT Enterprise Server 4.0 SP6a
   - Microsoft Windows NT Server 4.0
   - Microsoft Windows NT Server 4.0 SP1
   - Microsoft Windows NT Server 4.0 SP2
   - Microsoft Windows NT Server 4.0 SP3
   - Microsoft Windows NT Server 4.0 SP4
   - Microsoft Windows NT Server 4.0 SP5
   - Microsoft Windows NT Server 4.0 SP6
   - Microsoft Windows NT Server 4.0 SP6a
   - Microsoft Windows NT Terminal Server 4.0
   - Microsoft Windows NT Terminal Server 4.0 SP1
   - Microsoft Windows NT Terminal Server 4.0 SP2
   - Microsoft Windows NT Terminal Server 4.0 SP3
   - Microsoft Windows NT Terminal Server 4.0 SP4
   - Microsoft Windows NT Terminal Server 4.0 SP5
   - Microsoft Windows NT Terminal Server 4.0 SP6
   - Microsoft Windows NT Terminal Server 4.0 SP6a
   - Microsoft Windows NT Workstation 4.0
   - Microsoft Windows NT Workstation 4.0 SP1
   - Microsoft Windows NT Workstation 4.0 SP2
   - Microsoft Windows NT Workstation 4.0 SP3
   - Microsoft Windows NT Workstation 4.0 SP4
   - Microsoft Windows NT Workstation 4.0 SP5
   - Microsoft Windows NT Workstation 4.0 SP6
   - Microsoft Windows NT Workstation 4.0 SP6a
   - Microsoft Windows XP Home
   - Microsoft Windows XP Professional
Microsoft Excel 2002
   - Microsoft Windows 2000 Workstation
   - Microsoft Windows 2000 Workstation SP1
   - Microsoft Windows 2000 Workstation SP2
   - Microsoft Windows 95
   - Microsoft Windows 95 SR2
   - Microsoft Windows 98
   - Microsoft Windows 98SE
   - Microsoft Windows ME
   - Microsoft Windows NT 4.0
   - Microsoft Windows NT 4.0 SP1
   - Microsoft Windows NT 4.0 SP2
   - Microsoft Windows NT 4.0 SP3
   - Microsoft Windows NT 4.0 SP4
   - Microsoft Windows NT 4.0 SP5
   - Microsoft Windows NT 4.0 SP6a
Microsoft Office 2000
   - Microsoft Windows 2000 Professional
   - Microsoft Windows 2000 Professional SP1
   - Microsoft Windows 2000 Professional SP2
   - Microsoft Windows 95
   - Microsoft Windows 98
   - Microsoft Windows ME
   - Microsoft Windows NT Workstation 4.0
   - Microsoft Windows NT Workstation 4.0 SP1
   - Microsoft Windows NT Workstation 4.0 SP2
   - Microsoft Windows NT Workstation 4.0 SP3
   - Microsoft Windows NT Workstation 4.0 SP4
   - Microsoft Windows NT Workstation 4.0 SP5
   - Microsoft Windows NT Workstation 4.0 SP6
   - Microsoft Windows NT Workstation 4.0 SP6a
   - Microsoft Windows XP Home
   - Microsoft Windows XP Professional
Microsoft Office XP
   - Microsoft Windows 2000 Professional
   - Microsoft Windows 2000 Professional SP1
   - Microsoft Windows 2000 Professional SP2
   - Microsoft Windows 98
   - Microsoft Windows ME
   - Microsoft Windows NT Workstation 4.0
   - Microsoft Windows NT Workstation 4.0 SP1
   - Microsoft Windows NT Workstation 4.0 SP2
   - Microsoft Windows NT Workstation 4.0 SP3
   - Microsoft Windows NT Workstation 4.0 SP4
   - Microsoft Windows NT Workstation 4.0 SP5
   - Microsoft Windows NT Workstation 4.0 SP6
   - Microsoft Windows NT Workstation 4.0 SP6a
   - Microsoft Windows XP Home
   - Microsoft Windows XP Professional
详细描述
Microsoft Excel for Windows存在漏洞,可导致绕过宏安全模型检查而执行任意宏。

包含在excel spreadsheet中的嵌入对象可以包含内联宏代码,此漏洞结果导致内联宏代码不被宏安全模型认出,通过用户交互宏代码可以绕过任何安全限制执行。

测试代码


解决方案
补丁下载:

http://office.microsoft.com/productupdates/default.aspx




Microsoft Excel 2000 SR1:

Microsoft Patch exc0901.exe
http://download.microsoft.com/download/excel2000/exc0901/6-19-2002/win98mexp/en-us/exc0901.exe
Excel 2000 Update: June 19, 2002

Microsoft Patch exc0901a.exe
http://download.microsoft.com/download/Excel2000/Patch/exc0901/W982KMeXP/EN-US/exc0901a.exe
Excel 2000 Update: June 19, 2002 - Administrative version

Microsoft Excel 2000 SP2:

Microsoft Patch exc0901.exe
http://download.microsoft.com/download/excel2000/exc0901/6-19-2002/win98mexp/en-us/exc0901.exe
Excel 2000 Update: June 19, 2002

Microsoft Patch exc0901a.exe
http://download.microsoft.com/download/Excel2000/Patch/exc0901/W982KMeXP/EN-US/exc0901a.exe
Excel 2000 Update: June 19, 2002 - Administrative version

Microsoft Excel 2002 SP1:

Microsoft Patch exc1002.exe
http://download.microsoft.com/download/Excel2002/exc1002/6-19-2002/WIN98MeXP/EN-US/exc1002.exe
Excel 2002 Update: June 19, 2002

Microsoft Patch exc1002a.exe
http://download.microsoft.com/download/Excel2002/Patch/exc1002/W982KMeXP/EN-US/exc1002a.exe
Excel 2002 Update: June 19, 2002 - Administrative version

Microsoft Excel 2000 :

Microsoft Patch exc0901.exe
http://download.microsoft.com/download/excel2000/exc0901/6-19-2002/win98mexp/en-us/exc0901.exe
Excel 2000 Update: June 19, 2002

Microsoft Patch exc0901a.exe
http://download.microsoft.com/download/Excel2000/Patch/exc0901/W982KMeXP/EN-US/exc0901a.exe
Excel 2000 Update: June 19, 2002 - Administrative version

Microsoft Office 2000 :
Microsoft Office XP :
Microsoft Excel 2002 :

Microsoft Patch exc1002.exe
http://download.microsoft.com/download/Excel2002/exc1002/6-19-2002/WIN98MeXP/EN-US/exc1002.exe
Excel 2002 Update: June 19, 2002

Microsoft Patch exc1002a.exe
http://download.microsoft.com/download/Excel2002/Patch/exc1002/W982KMeXP/EN-US/exc1002a.exe
Excel 2002 Update: June 19, 2002 - Administrative version

相关信息
参考:http://www.microsoft.com/technet/treeview/default.asp?url=/technet/security/bulletin/MS02-031.asp
相关主页:http://office.microsoft.com/productupdates/default.aspx
Copyright © 1998-2003 XFOCUS Team. All Rights Reserved