1643 matches found
Microsoft Excel BIFF File Format Named Graph Record Parsing Stack Overflow Vulnerability
This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of Microsoft Office Excel. Exploitation requires that the attacker coerce the target into opening a malicious .XLS file. The specific flaw exists within the parsing of the BIFF file format used by...
Microsoft Office Word 2007 Multiple Vulnerabilities
No description provided by source. Mati Aharoni muts .@. offensive-security.com http://www.offensive-security.com My 7 line python fuzzer found several file format bugs in 3 hours. Quite alarming. No deep analysis was done, I leave that to the community. These are some of the results: ...
Microsoft Word 2007 - Multiple Vulnerabilities
Microsoft Word 2007 - Multiple Vulnerabilities Mati Aharoni muts .@. offensive-security.com http://www.offensive-security.com My 7 line python fuzzer found several file format bugs in 3 hours. Quite alarming. No deep analysis was done, I leave that to the community. These are some of the results:...
Microsoft Office Word 2007 Multiple Vulnerabilities
Exploit for unknown platform in category dos / poc =================================================== Microsoft Office Word 2007 Multiple Vulnerabilities =================================================== Mati Aharoni muts email protected offensive-security.com http://www.offensive-security.com...
[Full-disclosure] Some 0day Pocs
Mati Aharoni muts .@. offensive-security.com mailto:[email protected] http://www.offensive-security.com My 7 line python fuzzer found several file format bugs in 3 hours. Quite alarming. No deep analysis was done, I leave that to the community. These are some of the results: file789-1.d...
Microsoft Word 2007 - Multiple Vulnerabilities
Mati Aharoni muts .@. offensive-security.com http://www.offensive-security.com My 7 line python fuzzer found several file format bugs in 3 hours. Quite alarming. No deep analysis was done, I leave that to the community. These are some of the results: file789-1.doc - Unspecified Overflow in word...
file: Integer underflow
Background file is a utility that guesses a file format by scanning binary data for patterns. Description Jean-Sebastien Guay-Leroux reported an integer underflow in fileprintf function. Impact A remote attacker could entice a user to run the "file" program on a specially crafted file that would...
CVE-2007-1117
Unspecified vulnerability in Publisher 2007 in Microsoft Office 2007 allows remote attackers to execute arbitrary code via unspecified vectors, related to a "file format vulnerability." NOTE: this information is based upon a vague pre-advisory with no actionable information. However, the advisory...
Format string
Unspecified vulnerability in Publisher 2007 in Microsoft Office 2007 allows remote attackers to execute arbitrary code via unspecified vectors, related to a "file format vulnerability." NOTE: this information is based upon a vague pre-advisory with no actionable information. However, the advisory...
CVE-2007-1117
Technical details are not publicly available in the provided documents. Monitor for updates.
News Rover 12.1 Rev 1 - Stack Overflow (2)
News Rover 12.1 Rev 1 - Stack Overflow 2 !/usr/bin/perl =============================================================================================== News Rover 12.1 Rev 1 Remote Stack Overflow perl exploit By Umesh Wanve [email protected]...
Fedora Core 5 : openoffice.org-2.0.2-5.16.2 (2006-770)
CVE-2006-2198 macro security - CVE-2006-2199 java applets - CVE-2006-3117 corrupt file format more details at http://www.openoffice.org/security/bulletin-20060629.h tml Note that Tenable Network Security has extracted the preceding description block directly from the Fedora security advisory...
USN-386-1: ImageMagick vulnerability
Daniel Kobras discovered multiple buffer overflows in ImageMagick's SGI file format decoder. By tricking a user or an automated system into processing a specially crafted SGI image, this could be exploited to execute arbitrary code with the user's privileges...
ZDI-06-033: Microsoft Office Excel File Format DATETIME Record Parsing Vulnerability
ZDI-06-033: Microsoft Office Excel File Format DATETIME Record Parsing Vulnerability http://www.zerodayinitiative.com/advisories/ZDI-06-033.html October 10, 2006 -- CVE ID: CVE-2006-2387 -- Affected Vendor: Microsoft -- Affected Products: Microsoft Office 2000 SP3 Microsoft Office XP SP3 Microsof...
Microsoft Office Excel File Format DATETIME Record Parsing Vulnerability
This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of Microsoft Office. Exploitation requires that the attacker coerce the target user into opening a malicious .XLS file. The specific flaw exists within the parsing of the BIFF file format used by...
USN-337-1: imagemagick vulnerability
Damian Put discovered a buffer overflow in imagemagick's SGI file format decoder. By tricking an user or automated system into processing a specially crafted SGI image, this could be exploited to execute arbitrary code with the user's privileges...
CVE-2006-3449
CVE-2006-3449 describes a remote code execution in Microsoft PowerPoint 2000–2003 caused by parsing a malformed BIFF record in a PPT file. The vulnerability can be triggered when a user opens a crafted PPT document, potentially allowing attacker-controlled code execution in the user’s context (us...
CVE-2006-3449
Unspecified vulnerability in Microsoft PowerPoint 2000 through 2003, possibly a buffer overflow, allows user-assisted remote attackers to execute arbitrary commands via a malformed record in the BIFF file format used in a PPT file, a different issue than CVE-2006-1540, aka "Microsoft PowerPoint...
GLSA-200607-12 : OpenOffice.org: Multiple vulnerabilities
The remote host is affected by the vulnerability described in GLSA-200607-12 OpenOffice.org: Multiple vulnerabilities Internal security audits by OpenOffice.org have discovered three security vulnerabilities related to Java applets, macros and the XML file format parser. Specially crafted Java...
Reverse thinking about the Google search URL and decryption-bug warning-the black bar safety net
Google each of the search sequences linked by a plurality of instruction parts, these instructions carry out their duties, constitute the full search results of“filter”. If we mastered the whole Google search URL in the configuration mode, it is possible to very easily feel free to create we need...