Exploit for CVE-2022-30190

...

Exploit for CVE-2022-30190

POC CVE-2022-30190 : CVE 0-day MS Offic RCE aka msdt follina...

Microsoft Windows Code Injection Vulnerability

Microsoft Windows allow remote attackers to execute arbitrary code via a crafted OLE object...

CVE-2014-4114

Microsoft Windows Vista SP2, Windows Server 2008 SP2 and R2 SP1, Windows 7 SP1, Windows 8, Windows 8.1, Windows Server 2012 Gold and R2, and Windows RT Gold and 8.1 allow remote attackers to execute arbitrary code via a crafted OLE object in an Office document, as exploited in the wild with a...

CVE-2014-5236

Multiple absolute path traversal vulnerabilities in documentconverter in Open-Xchange OX AppSuite before 7.4.2-rev10 and 7.6.x before 7.6.0-rev10 allow remote attackers to read application files via a full pathname in a crafted 1 OLE Object or 2 image in an OpenDocument text file...

Path traversal

Multiple absolute path traversal vulnerabilities in documentconverter in Open-Xchange OX AppSuite before 7.4.2-rev10 and 7.6.x before 7.6.0-rev10 allow remote attackers to read application files via a full pathname in a crafted 1 OLE Object or 2 image in an OpenDocument text file...

Open Document format creates twist in maldoc landscape

By Warren Mercer and Paul Rascagneres. Introduction Cisco Talos recently observed attackers changing the file formats they use in an attempt to thwart common antivirus engines. This can happen across other file formats, but today, we are showing a change of approach for an actor who has deemed...

Microsoft Office Excel OLE Object Parsing Use-After-Free Remote Code Execution Vulnerability

This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of Microsoft Office Excel. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the parsi...

End of support for Office 2016 and Office 2019

None None...

Atlantis Word Processor uninitialized TDocOleObject code execution vulnerability

Summary An exploitable uninitialized variable vulnerability exists in the RTF-parsing functionality of Atlantis Word Processor. A specially crafted RTF file can leverage an uninitialized stack address, resulting in an out-of-bounds write, which in turn could lead to code execution. Tested Version...

Microsoft Publisher Elevation of Privilege Vulnerability

Microsoft Publisher 2010 SP2 is a desktop publishing software from the Office suite of Microsoft USA that can be used to create press releases, postcards, and more. An elevation of privilege vulnerability exists in Microsoft Publisher 2010 SP2 that stems from the program failing to take advantage...

Outlook Bug Allowed Hackers to Use .RTF Files To Steal Windows Passwords

A vulnerability in Microsoft Outlook allowed hackers to steal a user’s Windows password just by having the target preview an email with a Rich Text Format RTF attachment that contained a remotely hosted OLE object. The bug was patched by Microsoft as part of its April Patch Tuesday fixes, over a...

Disable Risky Windows Features: Hardentools

Hardentools is a collection of simple utilities designed to disable a number of “features” exposed by operating systems Microsoft Windows, for now, and primary consumer applications. These features, commonly thought for Enterprise customers, are generally useless to regular users and rather pose ...

Exploit for Out-of-bounds Write in Microsoft

PoC exploit for CVE-2018-0802, an arbitrary code execution vulne...

ROKRAT Reloaded

This post was authored by Warren Mercer, Paul Rascagneres and with contributions from Jungsoo An.Executive SummaryEarlier this year, Talos published 2 articles concerning South Korean threats. The first one was about the use of a malicious HWP document which dropped downloaders used to retrieve...

Oolong CVE-2017-8570 samples and behind the idea-vulnerability warning-the black bar safety net

The so-called CVE-2017-8570 sample Last week, 360 days eye lab found foreign hackers on Github released a CVE-2017-8570 exploits code, but then deleted, in order to find quite a few labeled as CVE-2017-8570 Office malware samples, such as the following VirusTotal is marked as CVE-2017-8570 sample...

HawkEye Credential Theft Malware Distributed in Recent Phishing Campaign

A wide variety of threat actors began distributing HawkEye malware through high-volume email campaigns after it became available for purchase via a public-facing website. The actors behind the phishing campaigns typically used email themes based on current events and media reports that would piqu...

HawkEye Credential Theft Malware Distributed in Recent Phishing Campaign

A wide variety of threat actors began distributing HawkEye malware through high-volume email campaigns after it became available for purchase via a public-facing website. The actors behind the phishing campaigns typically used email themes based on current events and media reports that would piqu...

HawkEye Credential Theft Malware Distributed in Recent Phishing Campaign

A wide variety of threat actors began distributing HawkEye malware through high-volume email campaigns after it became available for purchase via a public-facing website. The actors behind the phishing campaigns typically used email themes based on current events and media reports that would piqu...

Spread banking Trojan the Office 0day Vulnerability(CVE-2017-0199)technical analysis-vulnerability warning-the black bar safety net

Vulnerability overview Microsoft in 4 months of routine patch of 4 on 12, the A Office remote command execution vulnerability, CVE-2017-0199 for the repair, but in fact in the patch before the release there has been more use of this vulnerability in the wild is found, which contains the...