Memory corruption

Microsoft Office Excel 2002 SP3, 2003 SP3, and 2007 SP1 and SP2; Office 2004 and 2008 for Mac; Open XML File Format Converter for Mac; Office Excel Viewer 2003 SP3; Office Excel Viewer SP1 and SP2; and Office Compatibility Pack for Word, Excel, and PowerPoint 2007 File Formats SP1 and SP2 allows...

Memory corruption

Microsoft Office Excel 2002 SP3 and 2003 SP3, Office 2004 and 2008 for Mac, Open XML File Format Converter for Mac, and Office Excel Viewer 2003 SP3 do not properly parse the Excel file format, which allows remote attackers to execute arbitrary code via a crafted spreadsheet, aka "Excel Cache...

CVE-2009-3127

CVE-2009-3127 (Excel Cache Memory Corruption) is a remote code execution vulnerability in Microsoft Office Excel variants: Excel 2002 SP3, 2003 SP3, 2004/2008 for Mac, Open XML File Format Converter for Mac, and Excel Viewer 2003 SP3. It stems from improper parsing of the Excel file format, allow...

Microsoft Excel 'SxView'内存破坏远程代码执行漏洞(MS09-067)

Bugraq ID: 36944 CVE ID：CVE-2009-3128 Microsoft Excel是一款微软开发的电子表格处理程序。 Microsoft Office Excel存在一个远程代码执行漏洞，如果用户打开一个特殊构建的包含畸形记录对象的Excel文件可允许远程代码执行。 成功利用此漏洞允许完全控制受影响系统，攻击者成功利用此漏洞可以以内核权限安装程序；查看，更改或删除数据等。 Microsoft Open XML File Format Converter for Mac 0 Microsoft Office Excel Viewer 2003 0 Microsoft...

Boloto Media Player 1.0.0.9 pls file DoS

No description provided by source. Boloto Media Player 1.0.0.9 Local .PLS Crash PoC Found By: DrIDE Download: http://www.tucows.com/preview/602821 Tested On: XPSP3 Note: It locks hard if you add this file to the playlist and click. buff = "\x41" 5000 try: f1 = open"evil.pls","w";...

OpenOffice TIFF File Parsing Integer Overflow (CVE-2007-2834)

OpenOffice.org is an open source office suite. The package includes a word processor, a spreadsheet application, a presentation creator, an illustration drawer, a desktop database, and an equation editor. The product is made available for multiple platforms and languages. An integer overflow...

VUPlayer M3U Buffer Overflow

This module exploits a stack over flow in VUPlayer 'VUPlayer M3U Buffer Overflow', 'Description' = %q This module exploits a stack over flow in VUPlayer MSFLICENSE, 'Author' = 'MC' , 'References' = 'CVE', '2006-6251' , 'OSVDB', '31710' , , 'DefaultOptions' = 'EXITFUNC' = 'process',...

Adobe Reader AcroPDF ActiveX Control Remote Denial of Service (APSB09-15; CVE-2009-2987; CVE-2009-2992)

Portable Document Format PDF is an open file format created by Adobe Systems. It is used for representing two-dimensional documents in a device and resolution independent fixed-layout document format. A denial of service vulnerability has been discovered in Adobe Reader and Acrobat. The...

ClamAV libclamav MEW PE File Handling Integer Overflow (CVE-2007-6335)

ClamAV AntiVirus is an open source product that provides anti-virus scanning utilities and an anti-virus library. The product is capable of decoding several archive formats in order to scan their internal items for viruses. One of such archive formats is the MEW file format. A buffer overflow...

Apple iTunes 9.0 - '.pls' Buffer Overflow

source: https://www.securityfocus.com/bid/36478/info Apple iTunes is prone to a buffer-overflow vulnerability because the software fails to bounds-check user-supplied data before copying it into an insufficiently sized buffer. An attacker can exploit this issue to execute arbitrary code within th...

VideoLAN VLC Media Player 0.9.6 - CUE Local Buffer Overflow (PoC)

VideoLAN VLC Media Player 0.9.6 - CUE Local Buffer Overflow PoC !/usr/bin/env python VLC Media Player 0.9.6 .CUE Buffer Overflow PoC Found By: DrIDE Tested On: XPSP3 head = "\x46\x49\x4c\x45\x20\x22" buff = "\x41" 10000 foot = "\x2e\x42\x49\x4e\x22\x20\x42\x49\x4e\x41\x52\x59\x0d\x0a\x20\x54"...

[SECURITY] Fedora 10 Update: OpenEXR-1.6.1-8.fc10

OpenEXR is a high dynamic-range HDR image file format developed by Indust rial Light & Magic for use in computer imaging applications. This package contai ns libraries and sample applications for handling the format...

Debian Security Advisory DSA 1835-1 (tiff)

The remote host is missing an update to tiff announced via advisory DSA 1835-1. OpenVAS Vulnerability Test $Id: deb18351.nasl 6615 2017-07-07 12:09:52Z cfischer $ Description: Auto-generated from advisory DSA 1835-1 tiff Authors: Thomas Reinke Copyright: Copyright c 2009 E-Soft Inc...

PHP Melody 1.5.3 Remote File Upload Injection Vulnerability

Exploit for unknown platform in category web applications =========================================================== PHP Melody 1.5.3 Remote File Upload Injection Vulnerability =========================================================== --------------------------------------------------- PHP...

Microsoft Security Bulletin MS09-027 - Critical

Microsoft Security Bulletin MS09-027 - Critical Vulnerabilities in Microsoft Office Word Could Allow Remote Code Execution 969514 Published: June 9, 2009 Version: 1.0 General Information Executive Summary This security update resolves two privately reported vulnerabilities that could allow remote...

Memory corruption

Excel in Microsoft Office 2000 SP3, Office XP SP3, Office 2003 SP3, and Office 2004 and 2008 for Mac; Excel in 2007 Microsoft Office System SP1 and SP2; Open XML File Format Converter for Mac; Microsoft Office Excel Viewer 2003 SP3; Microsoft Office Excel Viewer; and Microsoft Office Compatibilit...

Microsoft Office Excel QSIR Record Pointer Corruption Vulnerability

This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of Microsoft Office Excel. Exploitation requires user interaction in that a victim must open a malicious XLS file. The specific flaw exists within the parsing of the BIFF file format used by Microsoft...

Microsoft Security Bulletin MS09-021 - Critical Vulnerabilities in Microsoft Office Excel Could Allow Remote Code Execution (969462)

Microsoft Security Bulletin MS09-021 - Critical Vulnerabilities in Microsoft Office Excel Could Allow Remote Code Execution 969462 Published: June 9, 2009 Version: 1.0 General Information Executive Summary This security update resolves several privately reported vulnerabilities that could allow...

Microsoft Word Record Parsing Length Field Remote Stack Buffer Overflow Vulnerability

Description Microsoft Word is prone to a stack-based buffer-overflow vulnerability. An attacker can exploit this issue to execute arbitrary code in the context of the currently logged-in user. Failed exploit attempts will likely result in denial-of-service conditions. Technologies Affected...

Discuz! admindatabase.inc.php get-webshell bug-vulnerability warning-the black bar safety net

author: ring04h team:http://www. 80vul. com The vulnerability by ring04h discovery and delivery,thx Due to Discuz! Admin\database. inc. php in action=importzip extracting zip files,cause you can get a webshell. An analysis In file admin\database. inc. php in the code: ..... elseif$operation ==...