PT-2013-3072 · Microsoft · Office Web Apps +5

Name of the Vulnerable Software and Affected Versions: Microsoft SharePoint Server versions 2007 SP3, 2010 SP1 and SP2, and 2013 Office Web Apps 2010 Excel versions 2003 SP3, 2007 SP3, 2010 SP1 and SP2, 2013, and 2013 RT Office for Mac 2011 Excel Viewer Office Compatibility Pack SP3 Description: ...

MS Office Compatibility Pack Remote Code Execution Vulnerabilities (2845537)

This host is missing an important security update according to Microsoft Bulletin MS13-072. OpenVAS Vulnerability Test $Id: secpodmscompatpackms13-072.nasl 6086 2017-05-09 09:03:30Z teissa $ MS Office Compatibility Pack Remote Code Execution Vulnerabilities 2845537 Authors: Antu Sanadi Copyright:...

Microsoft Office Compatibility Pack Remote Code Execution Vulnerabilities (2858300)

This host is missing an important security update according to Microsoft Bulletin MS13-073. SPDX-FileCopyrightText: 2013 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only...

Microsoft Office Compatibility Pack Remote Code Execution Vulnerabilities (2845537)

This host is missing an important security update according to Microsoft Bulletin MS13-072. SPDX-FileCopyrightText: 2013 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only...

Microsoft Word CVE-2013-3851 Remote Memory Corruption Vulnerability

Description Microsoft Word is prone to a remote memory-corruption vulnerability. An attacker can exploit this issue to execute arbitrary code in the context of the currently logged-in user. Failed exploit attempts will likely result in denial-of-service conditions. Technologies Affected Microsoft...

Microsoft Word CVE-2013-3849 Remote Memory Corruption Vulnerability

Description Microsoft Word is prone to a remote memory-corruption vulnerability. An attacker can exploit this issue to execute arbitrary code in the context of the currently logged-in user. Failed exploit attempts will likely result in denial-of-service conditions. Technologies Affected Microsoft...

Microsoft Word CVE-2013-3852 Remote Memory Corruption Vulnerability

Description Microsoft Word is prone to a remote memory-corruption vulnerability. An attacker can exploit this issue to execute arbitrary code in the context of the currently logged-in user. Failed exploit attempts will likely result in denial-of-service conditions. Technologies Affected Microsoft...

Microsoft Word CVE-2013-3855 Remote Memory Corruption Vulnerability

Description Microsoft Word is prone to a remote memory-corruption vulnerability. An attacker can exploit this issue to execute arbitrary code in the context of the currently logged-in user. Failed exploit attempts will likely result in denial-of-service conditions. Technologies Affected Microsoft...

Microsoft Excel CVE-2013-3159 XML Files Handling Information Disclosure Vulnerability

Description Microsoft Excel is prone to an information-disclosure vulnerability. Attackers can exploit this issue to obtain sensitive information that may aid in further attacks. Technologies Affected Microsoft Excel 2003 SP3 Microsoft Excel 2007 SP3 Microsoft Excel 2010 SP1 32-bit editions...

Microsoft Word CVE-2013-3857 Remote Memory Corruption Vulnerability

Description Microsoft Word is prone to a remote memory-corruption vulnerability. An attacker can exploit this issue to execute arbitrary code in the context of the currently logged-in user. Failed exploit attempts will likely result in denial-of-service conditions. Technologies Affected Microsoft...

Microsoft Word CVE-2013-3848 Remote Memory Corruption Vulnerability

Description Microsoft Word is prone to a remote memory-corruption vulnerability. An attacker can exploit this issue to execute arbitrary code in the context of the currently logged-in user. Failed exploit attempts will likely result in denial-of-service conditions. Technologies Affected Microsoft...

Microsoft Word CVE-2013-3858 Remote Memory Corruption Vulnerability

Description Microsoft Word is prone to a remote memory-corruption vulnerability. An attacker can exploit this issue to execute arbitrary code in the context of the currently logged-in user. Failed exploit attempts will likely result in denial-of-service conditions. Technologies Affected Microsoft...

MS13-059 Microsoft Internet Explorer CFlatMarkupPointer Use-After-Free

This file is part of the Metasploit Framework and may be subject to redistribution and commercial restrictions. Please see the Metasploit Framework web site for more information on licensing and terms of use. http://metasploit.com/framework/ require 'msf/core' class Metasploit3 "MS13-059 Microsof...

MS13-059 Microsoft Internet Explorer CFlatMarkupPointer Use-After-Free

This is a memory corruption bug found in Microsoft Internet Explorer. On IE 9, it seems to only affect certain releases of mshtml.dll, ranging from a newly installed IE9 9.0.8112.16446, to 9.00.8112.16502 July 2013 update. IE8 requires a different way to trigger the vulnerability, but not current...

[Nishang v0.3.0] The PowerShell for Penetration Testing released (introducing Powerpreter)

Nishang is a framework and collection of scripts and payloads which enables usage of PowerShell for offensive security and post exploitation during Penetraion Tests. The scripts are written on the basis of requirement by the author during real Penetration Tests. Powerpreter is a powershell module...

Upgrading Legacy Veeam Backup Server

Purpose This article documents how to upgrade Veeam Backup & Replication when the underlying OS the software is installed on is no longer supported by the version of Veeam Backup & Replication being upgraded to. History of Veeam Backup Server Guest OS Compatibility | Veeam Backup & Replication...

Having fun with

Did you know that this works in every browser? Look, here's one: An image You might think it's leaking from SVG, but SVG images don't use src, they use xlink:href. Let's all take a moment to laugh at xlink. Done? Ok… In the first age of the web, some people accidentally typed instead of . Browser...

Open And Compact FTP Server 1.2 Bypass / Directory Traversal

!/usr/bin/python Exploit Title: Open&Compact Ftp Server = 1.2 Auth bypass & directory traversal sam retrieval Date: Aug 7, 2013 By Wireghoul - http://www.justanotherhacker.com Based on Serge Gorbunov's auth bypass http://www.exploit-db.com/exploits/13932/ Software Link:...

Cisco WebEx One-Click Detection

The remote host has Cisco WebEx One-Click installed. WebEx One-Click is a desktop client for WebEx's meeting software. C Tenable Network Security, Inc. include"compat.inc"; if description scriptid69274; scriptversion"1.8"; scriptsetattributeattribute:"pluginmodificationdate", value:"2023/02/06";...

nss and nspr security, bug fix, and enhancement update

nspr 4.9.2-4 - Resolves: rhbz924741 - Rebase to nspr-4.9.5 nss 3.14.3-6 - Resolves: rhbz986969 - nssutilReadSecmodDB leaks memory 3.14.3-5 - Define -DNOFORKCHECK when compiling softoken for ABI compatibility - Remove the unused and obsolete nss-nochktest.patch - Resolves: rhbz949845 - RFERHEL5...