1602 matches found
Remote code execution
Microsoft PowerPoint for Mac 2011 allows a remote code execution vulnerability when the software fails to properly handle objects in memory, aka "Microsoft Office Memory Corruption Vulnerability". This CVE ID is unique from CVE-2017-0254 and CVE-2017-0265...
CVE-2017-0264
Microsoft PowerPoint for Mac 2011 allows a remote code execution vulnerability when the software fails to properly handle objects in memory, aka "Microsoft Office Memory Corruption Vulnerability". This CVE ID is unique from CVE-2017-0254 and CVE-2017-0265...
CVE-2017-0264
CVE-2017-0264 relates to a remote code execution vulnerability in Microsoft PowerPoint for Mac 2011 caused by improper handling of objects in memory. The issue is confirmed across multiple sources (NVD entry for CVE-2017-0264 and OpenVAS/Nessus references) and is described as memory corruption le...
CVE-2017-0265
CVE-2017-0265 affects Microsoft PowerPoint for Mac 2011 and is described as a remote code execution vulnerability caused by improper handling of objects in memory (Microsoft Office Memory Corruption Vulnerability). The connected OpenVAS entries corroborate a memory‑corruption issue in Office for ...
Microsoft Office CVE-2017-0265 Memory Corruption Vulnerability
Description Microsoft Office is prone to a remote memory-corruption vulnerability. An attacker can leverage this issue to execute arbitrary code in the context of the currently logged-in user. Failed exploit attempts will likely result in denial of service conditions. Technologies Affected...
Microsoft Office CVE-2017-0264 Memory Corruption Vulnerability
Description Microsoft Office is prone to a remote memory-corruption vulnerability. An attacker can leverage this issue to execute arbitrary code in the context of the currently logged-in user. Failed exploit attempts will likely result in denial of service conditions. Technologies Affected...
powerpoint.com.my XSS vulnerability
Vulnerable URL: http://www.powerpoint.com.my/result.php?root=MTc2%3C!%27/!%22/!%27/%22/--!%3E%3CInput/Autofocus%20/;%20Onfocus=confirm%27OPENBUGBOUNTY%27%20//%3E%3CSvg%3E=MjEz⊂==NTcz Details: Description| Value ---|--- Patched:| Yes, at Vulnerability type:| XSS Vulnerability status:| Publicly...
Description of the security update for Office 2013: April 11, 2017
Description of the security update for Office 2013: April 11, 2017 Summary This security update resolves vulnerabilities in Microsoft Office that could allow remote code execution if a user opens a specially crafted Office file. To learn more about these vulnerabilities, see Microsoft Common...
Description of the security update for Office 2016: April 11, 2017
Description of the security update for Office 2016: April 11, 2017 Microsoft has released an update for Microsoft Office that turns off the Encapsulated PostScript EPS Filter in Office by default, as a defense-in-depth measure. We are aware of limited targeted attacks that could leverage an...
Design/Logic Flaw
JustSystems Ichitaro 2016 Trial contains a vulnerability that exists when trying to open a specially crafted PowerPoint file. Due to the application incorrectly handling the error case for a function's result, the application will use this result in a pointer calculation for reading file data int...
CVE-2017-2791
JustSystems Ichitaro 2016 Trial contains a vulnerability that exists when trying to open a specially crafted PowerPoint file. Due to the application incorrectly handling the error case for a function's result, the application will use this result in a pointer calculation for reading file data int...
CVE-2017-2791
JustSystems Ichitaro 2016 Trial contains a vulnerability that exists when trying to open a specially crafted PowerPoint file. Due to the application incorrectly handling the error case for a function's result, the application will use this result in a pointer calculation for reading file data int...
CVE-2017-2791
JustSystems Ichitaro 2016 Trial contains a vulnerability that exists when trying to open a specially crafted PowerPoint file. Due to the application incorrectly handling the error case for a function's result, the application will use this result in a pointer calculation for reading file data int...
CVE-2017-2791
Summary of findings (CVE-2017-2791) : JustSystems Ichitaro 2016 Trial is vulnerable during handling of PowerPoint content. The attacker can craft a chain of records via the Current User and UserEditAtom paths (PowerPoint Document stream) to induce memory corruption. The root cause is lack of vali...
Ichitaro Word Processor PersistDirectory Code Execution Vulnerability
Summary Ichitaro Office contains a vulnerability that exists when trying to open a specially crafted PowerPoint file. Due to the application incorrectly handling the error case for a function’s result, the application will use this result in a pointer calculation for reading file data into. Due t...
Microsoft Office PowerPoint 2010 - GDI GDI32!ConvertDxArray Insufficient Bounds Check
Microsoft Office PowerPoint 2010 - GDI GDI32!ConvertDxArray Insufficient Bounds Check Source: https://bugs.chromium.org/p/project-zero/issues/detail?id=951 Platform: GDI on Windows 7 x86 reachable from Microsoft Office 2010 Class: Out of bounds memory access The following crash was observed in...
Microsoft Office PowerPoint 2010 - GDI 'GDI32!ConvertDxArray' Insufficient Bounds Check
Source: https://bugs.chromium.org/p/project-zero/issues/detail?id=951 Platform: GDI on Windows 7 x86 reachable from Microsoft Office 2010 Class: Out of bounds memory access The following crash was observed in Microsoft Office 2010 running under Windows 7 x86 with Application Verifier enabled...
Microsoft Office PowerPoint 2010 - MSO/OART Heap Out-of-Bounds Access
Source: https://bugs.chromium.org/p/project-zero/issues/detail?id=950 Platform: Microsoft Office 2010 on Windows 7 x86 Class: Time of check time of use leading to memory corruption The following crash was observed in Microsoft Office 2010 running under Windows 7 x86 with Application Verifier...
MS16-029: Description of the security update for Office 2016 for Mac: March 16, 2016
MS16-029: Description of the security update for Office 2016 for Mac: March 16, 2016 Summary This security update resolves vulnerabilities in Microsoft Office that could allow remote code execution if a user opens a specially crafted Office file. To learn more about these vulnerabilities, see...
MS16-070: Description of the security update for Office 2016 for Mac: June 14, 2016
MS16-070: Description of the security update for Office 2016 for Mac: June 14, 2016 Summary This security update resolves vulnerabilities in Microsoft Office that could allow remote code execution if a user opens a specially crafted Office file. To learn more about these vulnerabilities, see...