CVE-2026-32170

Double free in Windows Rich Text Edit allows an authorized attacker to elevate privileges locally...

Microsoft Rich Text Edit Control 资源管理错误漏洞

Microsoft Rich Text Edit Control is a rich text editor implemented by Microsoft Corporation. There is a resource management vulnerability in Microsoft Rich Text Edit Control. Attackers can exploit this vulnerability to gain elevated privileges. The following products and versions are affected:...

PT-2026-40131

Name of the Vulnerable Software and Affected Versions Windows Rich Text Edit Control affected versions not specified Description A double free issue in the Windows Rich Text Edit Control allows an authorized attacker to elevate privileges locally. A double free occurs when a program attempts to...

Microsoft Rich Text Edit Control 资源管理错误漏洞

Microsoft Rich Text Edit Control is a rich text editor implemented by Microsoft Corporation. There is a resource management vulnerability in Microsoft Rich Text Edit Control. Attackers can exploit this vulnerability to gain elevated privileges. The following products and versions are affected:...

EUVD-2021-27631

Malicious code in bioql PyPI...

July 27, 2023, update for Office 2016 (KB5002458)

July 27, 2023, update for Office 2016 KB5002458 This article describes update 5002458 for Microsoft Office 2016 that was released on July 27, 2023.Be aware that the update in the Microsoft Download Center applies to the Microsoft Installer .msi-based edition of Office 2016. It doesn't apply to th...

CVE-2021-40454

Rich Text Edit Control Information Disclosure Vulnerability...

CVE-2021-40454

Rich Text Edit Control Information Disclosure Vulnerability...

Information disclosure

Rich Text Edit Control Information Disclosure Vulnerability...

CVE-2021-40454

CVE-2021-40454 is an information-disclosure vulnerability in the Rich Text Edit Control used by Microsoft Office. The issue is documented as a local, low-complexity disclosure that can impact confidentiality (CVE-2021-40454) with a MEDIUM overall severity (CVSS v3.1 base score 5.5). The connected...

CVE-2021-40454 Rich Text Edit Control Information Disclosure Vulnerability

...

KLA12309 Multiple vulnerabilities in Microsoft Products (ESU)

Multiple vulnerabilities were found in Microsoft Products Extended Security Update. Malicious users can exploit these vulnerabilities to spoof user interface, bypass security restrictions, obtain sensitive information, gain privileges, execute arbitrary code, cause denial of service. Below is a...

KLA12316 Multiple vulnerabilities in Microsoft Office

Multiple vulnerabilities were found in Microsoft Office. Malicious users can exploit these vulnerabilities to obtain sensitive information, execute arbitrary code, spoof user interface. Below is a complete list of vulnerabilities: 1. An information disclosure vulnerability in Rich Text Edit Contr...

Microsoft Rich Text Edit Control 信息泄露漏洞

Microsoft Rich Text Edit Control is an implementation of a rich text editor from Microsoft Corporation USA. An information disclosure vulnerability exists in Microsoft Rich Text Edit Control, which arises from a configuration or other error in the operation of a networked system or product. An...

Proxomitron 4.5 Denial of Service attack

Exploit for windows platform in category dos / poc ======================================== Proxomitron 4.5 Denial of Service attack ======================================== I have managed to find a dos exploit in proxomitron 4.5. I have tried to exploit this further into a full working exploit b...

VulnCheck KEV: CVE-2004-1319

The DHTML Edit Control dhtmled.ocx allows remote attackers to inject arbitrary web script into other domains by setting a name for a window, opening a child page whose target is the window with the given name, then injecting the script from the parent into the child using execScript, as...

CVE-2004-1319

The CVE-2004-1319 issue concerns the DHTML Editing Component ActiveX control (dhtmled.ocx) used by Internet Explorer. The vulnerability is cross-domain in nature and could allow remote code execution or information disclosure by exploiting the control from a malicious page, potentially granting a...

CVE-2004-1319

The DHTML Edit Control dhtmled.ocx allows remote attackers to inject arbitrary web script into other domains by setting a name for a window, opening a child page whose target is the window with the given name, then injecting the script from the parent into the child using execScript, as...

CVE-2004-1319

The DHTML Edit Control dhtmled.ocx allows remote attackers to inject arbitrary web script into other domains by setting a name for a window, opening a child page whose target is the window with the given name, then injecting the script from the parent into the child using execScript, as...

DHTML Edit Control for IE5 allows local files to be uploaded to web server

Overview A vulnerability exists in the DHTML Edit Control for IE5 that allows arbitrary local files to be uploaded to a web server. Description DHTML Edit is an activex control that is marked safe-for-scripting. This control can be embedded in a website, and permit local files to be remotely...