Microsoft Office PowerPoint Information Disclosure Vulnerability (Dec 2017) - Mac OS X

This host is missing an important security update for Microsoft Office 2016 on Mac OS X according to Microsoft security update December 2017 SPDX-FileCopyrightText: 2018 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right...

Description of the security update for Office 2013: January 9, 2018

Description of the security update for Office 2013: January 9, 2018 Summary This security update resolves vulnerabilities in Microsoft Office that could allow remote code execution if a user opens a specially crafted Office file. To learn more about these vulnerabilities, see Microsoft Common...

Description of the security update for Office 2016: January 9, 2018

Description of the security update for Office 2016: January 9, 2018 Summary This security update resolves vulnerabilities in Microsoft Office that could allow remote code execution if a user opens a specially crafted Office file. To learn more about these vulnerabilities, see Microsoft Common...

Threat Round Up for December 29 - January 5

Today, Talos is publishing a glimpse into the most prevalent threats we've observed between December 29 and January 05. As with previous round-ups, this post isn't meant to be an in-depth analysis. Instead, this post will summarize the threats we've observed by highlighting key behavior...

CVE-2017-17967

pptreader.dll in Kingsoft WPS Office 10.1.0.6930 allows remote attackers to cause a denial of service via a crafted PPT file, aka CNVD-2017-35482...

Microsoft PowerPoint CVE-2017-11934 Information Disclosure Vulnerability

Description Microsoft PowerPoint is prone to an information-disclosure vulnerability. Attackers can exploit this issue to obtain sensitive information that may aid in launching further attacks. Technologies Affected Microsoft Office 2013 RT Service Pack 1 Microsoft Office 2013 Service Pack 1 32-b...

USN-3472-1 libreoffice vulnerabilities

Marcin Noga discovered that LibreOffice incorrectly handled PPT documents. If a user were tricked into opening a specially crafted PPT document, a remote attacker could cause LibreOffice to crash, and possibly execute arbitrary code. CVE-2017-12607 Marcin Noga discovered that LibreOffice...

Null pointer reference vulnerability in RZoffice (CNVD-2017-36324)

SoftZone Office RZoffice is an office software, which is compatible with MS Office and consists of three parts: word processing, spreadsheet and presentation. RZoffice has a null pointer reference vulnerability when handling special ppt files. An attacker can exploit the vulnerability to conduct ...

Null pointer reference vulnerability in RZoffice (CNVD-2017-36321)

SoftZone Office RZoffice is an office software, which is compatible with MS Office and consists of three parts: word processing, spreadsheet and presentation. RZoffice has a null pointer reference vulnerability when handling special ppt files. An attacker can exploit the vulnerability to conduct ...

Memory corruption vulnerability exists in RZoffice (CNVD-2017-36322)

SoftZone Office RZoffice is an office software, which is compatible with MS Office and consists of three parts: word processing, spreadsheet and presentation. RZoffice suffers from a memory corruption vulnerability when handling special ppt files. An attacker can exploit the vulnerability to...

UBUNTU-CVE-2017-12607

A vulnerability in OpenOffice's PPT file parser before 4.1.4, and specifically in PPTStyleSheet, allows attackers to craft malicious documents that cause denial of service memory corruption and application crash potentially resulting in arbitrary code execution...

Apache OpenOffice PPT File Parser and PPTStyleSheet Remote Code Execution Vulnerability

Apache OpenOffice is open and free word processing software. OpenOffice Writer PPT File Parser and PPTStyleSheet Handling DOC File vulnerabilities allow remote attackers to exploit vulnerabilities by submitting a special file and tricking the user into parsing it, which can cause the application ...

Microsoft Excel - OLE Arbitrary Code Execution Exploit

Exploit for windows platform in category dos / poc Title: MS Office Excel all versions Arbitrary Code Execution Vulnerability Date: September 30th, 2017. Author: Eduardo Braun Prado Vendor Homepage: http://www.microsoft.com/ Software Link: https://products.office.com/ Version: 2007,2010,2013,2016...

Denial of Service Vulnerability in WPS Presentation (CNVD-2017-33992)

WPS office is an office software suite independently developed by Kingsoft Corporation. The WPS presentation wpp.exe in WPS has an out-of-bounds read error to memory when parsing a specific ppt file, which can be exploited by attackers to cause a denial of service...

WPS Presentation suffers from a null pointer reference vulnerability (CNVD-2017-33983)

WPS office is an office software suite independently developed by Kingsoft Corporation. The WPS presentation wpp.exe in WPS has a null pointer reference vulnerability in the kso module when parsing a specific ppt file, which can be exploited by an attacker to cause a denial of service or code...

The vulnerability of the Microsoft PowerPoint presentation preparation program, the Microsoft SharePoint Server corporate application package, and the Office Online Server web server is related to incorrect handling of objects in memory, allowing an attacker to execute arbitrary code.

The vulnerability of the Microsoft PowerPoint presentation preparation program, the Microsoft SharePoint Server corporate application package, and the Office Online Server web server is related to incorrect handling of objects in memory. Exploiting this vulnerability can allow a malicious actor t...

KLA11113 Multiple vulnerabilities in Microsoft Office

Multiple serious vulnerabilities have been found in Microsoft Office. Malicious users can exploit these vulnerabilities to execute arbitrary code, obtain sensitive information perform cross-site scripting and privilege escalations Below is a complete list of vulnerabilities: 1. Multiple...

Ichitaro Word Processor PersistDirectory Code Execution Vulnerability(CVE-2017-2791)

Summary Ichitaro Office contains a vulnerability that exists when trying to open a specially crafted PowerPoint file. Due to the application incorrectly handling the error case for a function's result, the application will use this result in a pointer calculation for reading file data into. Due t...

Overflow vulnerability in WPS demo ppt reader module

WPS Office is an office software suite developed independently by Kingsoft Corporation. An overflow vulnerability exists in the pptreader module of WPS presentation wpp.exe in WPS when parsing a specific ppt file, which can be exploited by an attacker to cause a denial of service or execute...

Memory Corruption Vulnerability in WPS Presentation

WPS Office is an office software suite developed independently by Kingsoft Corporation. A memory corruption vulnerability exists in WPS presentation wpp.exe in WPS when parsing a specific ppt file, which can be exploited by an attacker to cause a denial of service or execute arbitrary code...