16 matches found
Microsoft Word 资源管理错误漏洞
Microsoft Word is a word processing software in the Office suite of the U.S. company Microsoft Microsoft. A code execution vulnerability exists in Microsoft Word. An attacker could exploit this vulnerability to execute arbitrary code on a system...
Microsoft Word 资源管理错误漏洞
Microsoft Word is a word processing software in the Office suite of the U.S. company Microsoft Microsoft. A code execution vulnerability exists in Microsoft Word, which can be exploited by an attacker to execute arbitrary code on a system...
PT-2025-30401
The BSK PDF Manager plugin for WordPress is vulnerable to Stored Cross-Site Scripting via SVG File uploads in all versions up to, and including, 3.7.1 due to insufficient input sanitization and output escaping. This makes it possible for authenticated attackers, with Administrator-level access an...
The vulnerability of Microsoft SharePoint Server, SharePoint Foundation, and SharePoint Enterprise Server, related to access control deficiencies, allows attackers to increase their privileges.
The vulnerabilities of Microsoft SharePoint Server, SharePoint Foundation, and SharePoint Enterprise Server are related to lack of access control mechanisms. Exploiting these vulnerabilities can allow unauthorized individuals to increase their privileges remotely...
The vulnerability of Microsoft SharePoint Server, Microsoft SharePoint Foundation, and SharePoint Enterprise Server lies in improper code generation management, allowing an attacker to execute arbitrary code.
The vulnerability of Microsoft SharePoint Server, Microsoft SharePoint Foundation, and SharePoint Enterprise Server is related to improper code generation management. Exploiting this vulnerability allows a malicious actor to execute arbitrary code remotely...
CVE-2021-41349
Microsoft Exchange Server Spoofing Vulnerability...
The vulnerability of Microsoft Word, Microsoft Office products, Microsoft Office Online Server, Microsoft Office Web Apps, Microsoft 365 Apps, Microsoft SharePoint Server, and Microsoft SharePoint Enterprise Server arises from insufficient input data validation, allowing attackers to execute arbitrary code.
The vulnerability of Microsoft Word, the Microsoft Office products, Microsoft Office Online Server, Microsoft Office Web Apps, Microsoft 365 Apps, Microsoft SharePoint Server, and Microsoft SharePoint Enterprise Server is related to insufficient validation of input data. Exploiting this...
The vulnerability of Microsoft Business Productivity Servers, SharePoint Server, and SharePoint Enterprise Server lies in errors in the mechanism for checking the source code of application packages. This allows attackers to execute arbitrary code.
The vulnerability of the Microsoft SharePoint software package is related to errors in the mechanism for checking the source markup of the application’s code. Exploiting this vulnerability allows a malicious actor to execute arbitrary code remotely...
The vulnerability of Microsoft SharePoint Server, Microsoft SharePoint Foundation, and Microsoft SharePoint Enterprise Server lies in the lack of protection for administrative data, which allows attackers to disclose protected information.
The vulnerability of Microsoft SharePoint Server, Microsoft SharePoint Foundation, and Microsoft SharePoint Enterprise Server lies in the lack of protection for operational data. Exploiting this vulnerability can allow a malicious actor to disclose sensitive information through a specially create...
Symantec Protection for SharePoint Servers 6.0.3 - 6.0.5 < HF2.5 / 6.0.6 < HF2.6 / 6.0.7 < HF2.7 Multiple DoS (SYM16-015)
The version of Symantec Protection for SharePoint Servers SPSS installed on the remote host is 6.0.3 to 6.0.5 prior to hotfix 2.5, 6.0.6 prior to hotfix 2.6, or 6.0.7 prior to hotfix 2.7. It is, therefore, affected by multiple denial of service vulnerabilities : - A denial of service vulnerabilit...
Symantec Protection for SharePoint Servers Detection
Binary data symantecprotectionsharepointservers.nbin...
Symantec Protection for SharePoint Servers 6.0.3 to 6.0.5 < HF1.5 / 6.0.6 < HF1.6 Multiple Vulnerabilities (SYM16-010)
The version of Symantec Protection for SharePoint Servers installed on the remote host is 6.0.3 to 6.0.5 prior to HF1.5 or 6.0.6 prior to HF1.6. It is, therefore, affected by multiple vulnerabilities : - An array indexing error exists in the Unpack::ShortLZ function within file unpack15.cpp due t...
Buffer overflow
Buffer overflow in Dec2LHA.dll in the AntiVirus Decomposer engine in Symantec Advanced Threat Protection ATP; Symantec Data Center Security:Server SDCS:S 6.x through 6.6 MP1; Symantec Web Gateway; Symantec Endpoint Protection SEP before 12.1 RU6 MP5; Symantec Endpoint Protection SEP for Mac;...
Symantec Decomposer Engine Multiple Parsing Vulnerabilities
SUMMARY Symantec is aware of buffer overflow and memory corruption findings in the AntiVirus Decomposer engine used in various configurations by multiple Symantec products. FAQ on Impact to Symantec Products: AFFECTED PRODUCTS Affected Enterprise Products Product | Version | Solutions ---|---|---...
CVE-2016-0136
Microsoft Excel 2007 SP3, Excel 2010 SP2, Office Compatibility Pack SP3, Excel Services on SharePoint Server 2007 SP3, and Excel Services on SharePoint Server 2010 SP2 allow remote attackers to execute arbitrary code via a crafted Office document, aka "Microsoft Office Memory Corruption...
多个Symantec产品RAR/TAR/ZIP文件扫描绕过漏洞
Bugraq ID: 35354 多个Symantec产品对畸形或特殊格式的压缩档文件如tar/zip/rar/缺少真确处理,可导致绕过扫描产品的检测。 攻击者构建恶意的文件,发送给目标用户,可绕过检测使应用程序展开并执行。 目前没有详细漏洞细节提供。 Symantec Symantec AntiVirus Scan Engine for Microsoft ISA 4.3.12 Symantec Symantec AntiVirus Corporate Edition 10.2 MR2 Symantec Scan Engine 5.1.6.31 Symantec Scan Engine...