CVE-2019-5030

The CVE-2019-5030 issue affects Antenna House Rainbow PDF Office Server Document Converter (V7.0 Pro MR1, 7.0.2019.0220). The root cause is a bounds-check flaw in TxMasterStyleAtom::parse during DocumentTextInfoContainer parsing: cLevels is not reliably limited to 0x0005, allowing index to exceed...

CVE-2019-5030

A buffer overflow vulnerability exists in the PowerPoint document conversion function of Rainbow PDF Office Server Document Converter V7.0 Pro MR1 7,0,2019,0220. While parsing a document text info container, the TxMasterStyleAtom::parse function is incorrectly checking the bounds corresponding to...

March 6, 2018, update for Office 2016 (KB4011624)

March 6, 2018, update for Office 2016 KB4011624 This article describes update 4011624 for Microsoft Office 2016 that was released on March 6, 2018. This update has a prerequisite. Be aware that the update in the Microsoft Download Center applies to the Microsoft Installer .msi-based edition of...

Description of the security update for Office Online Server: August 13, 2019

Description of the security update for Office Online Server: August 13, 2019 Summary This security update resolves a remote code execution vulnerability that exists in Microsoft Word software if it does not correctly handle objects in memory. To learn more about the vulnerability, see Microsoft...

The vulnerability of the LibreLogo software module of the LibreOffice office software package allows a hacker to execute arbitrary code on the target system.

The vulnerability of the LibreLogo software module of the LibreOffice office software package exists due to the presence of mechanisms within LibreLogo that execute programming algorithms in Python when the cursor is placed over a malicious object. Exploiting this vulnerability allows a malicious...

Security Update for Microsoft Office (June 2019) (macOS)

The Microsoft Office application installed on the remote macOS or Mac OS X host is missing a security update. It is, therefore, affected by remote code execution vulnerabilities in the Microsoft Word software due to improper handling of objects in memory. An unauthenticated, remote attacker can...

Antenna House Rainbow PDF Office Server Document Converter Buffer Overflow Vulnerability (CNVD-2019-16091)

Antenna House Rainbow PDF Office Server Document Converter is a document converter. A buffer overflow vulnerability exists in the PowerPoint file conversion in Antenna House Rainbow PDF Office Server Document Converter version V7.0 Pro MR1 7,0,2019,0220. The vulnerability originates when a...

Microsoft Office PowerPoint gdiplus ConvertToEmfPlus Untrusted Pointer Dereference Information Disclosure Vulnerability

This vulnerability allows remote attackers to disclose sensitive information on affected installations of Microsoft Office PowerPoint. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists withi...

Antenna House Rainbow PDF Office server document converter TxMasterStyleAtom parsing code execution vulnerability

Summary A buffer overflow vulnerability exists in the PowerPoint document conversion function of Rainbow PDF Office Server Document Converter V7.0 Pro MR1 7,0,2019,0220. While parsing a document text info container, the TxMasterStyleAtom::parse function is incorrectly checking the bounds...

CVE-2019-0801

A remote code execution vulnerability exists when Microsoft Office fails to properly handle certain files.To exploit the vulnerability, an attacker would have to convince a user to open a specially crafted URL file that points to an Excel or PowerPoint file that was also downloaded.The update...

Remote code execution

A remote code execution vulnerability exists when Microsoft Office fails to properly handle certain files.To exploit the vulnerability, an attacker would have to convince a user to open a specially crafted URL file that points to an Excel or PowerPoint file that was also downloaded.The update...

CVE-2019-0801

A remote code execution vulnerability exists when Microsoft Office fails to properly handle certain files.To exploit the vulnerability, an attacker would have to convince a user to open a specially crafted URL file that points to an Excel or PowerPoint file that was also downloaded.The update...

Office Remote Code Execution Vulnerability

A remote code execution vulnerability exists when Microsoft Office fails to properly handle certain files. To exploit the vulnerability, an attacker would have to convince a user to open a specially crafted URL file that points to an Excel or PowerPoint file that was also downloaded. The update...

CVE-2019-5019

A heap-based overflow vulnerability exists in the PowerPoint document conversion function of Rainbow PDF Office Server Document Converter V7.0 Pro R1 7,0,2018,1113. While parsing Document Summary Property Set stream, the getSummaryInformation function is incorrectly checking the correlation betwe...

Heap overflow

A heap-based overflow vulnerability exists in the PowerPoint document conversion function of Rainbow PDF Office Server Document Converter V7.0 Pro R1 7,0,2018,1113. While parsing Document Summary Property Set stream, the getSummaryInformation function is incorrectly checking the correlation betwe...

CVE-2019-5019

CVE-2019-5019 affects Antenna House Rainbow PDF Office Server Document Converter (V7.0 Pro R1, Linux64 7.0.2018.1113). The vulnerability resides in the PowerPoint conversion path via getSummaryInformation, where a misparsed PropertySetStream leads to an out-of-bounds write and heap corruption, en...

CVE-2019-5019

A heap-based overflow vulnerability exists in the PowerPoint document conversion function of Rainbow PDF Office Server Document Converter V7.0 Pro R1 7,0,2018,1113. While parsing Document Summary Property Set stream, the getSummaryInformation function is incorrectly checking the correlation betwe...

Vulnerability Spotlight: Remote code execution vulnerability in Antenna House Rainbow PDF Office Server Document Converter

Emmanuel Tacheau of Cisco Talos discovered this vulnerability. Executive summary Antenna House Rainbow PDF Office Server Document Converter contains a heap overflow vulnerability that could allow an attacker to remotely execute code on the victim machine. Rainbow PDF is a software solution that...

Antenna House Rainbow PDF Office server document converter getSummaryInformation NumProperties code execution vulnerability

Summary A heap overflow vulnerability exists in the PowerPoint document conversion function of Rainbow PDF Office Server Document Converter V7.0 Pro R1 7,0,2018,1113. While parsing Document Summary Property Set stream, the getSummaryInformation function is incorrectly checking the correlation...

Security Update for Microsoft Office (Feb 2019) (macOS)

The Microsoft Office application installed on the remote macOS or Mac OS X host is missing a security update. It is, therefore, affected by a vulnerability that allows remote attackers to bypass authentication to execute an arbitrary command through the protocol- compliant traffic. C Tenable...