1567 matches found
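Microsoft Office Malformed Record Remote Code Execution Vulnerability (MS06-062)
Microsoft Office is a very popular office software suite. Office has a vulnerability in the way it handles malformed records in files; a remote attacker may exploit it to execute arbitrary instructions on the user's machine. When parsing a malformed Office file, Office's mso.dll may perform an out-of-bounds array access, redirecting the process's execution flow to attacker-supplied data. If the user is logged on with administrative user rights, an attacker who successfully exploits this vulnerability could take complete control of the affected system. Microsoft Office XP Microsoft Office v.X for Mac Microsoft Office 2004 for Mac Microsoft Office 2003 Microsoft Offi...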
Ginwui backdoor program analysis - vulnerability warning - the black bar safety net
On May 19 of this year, a security bulletin numbered CVE-2006-2492 was released: Microsoft Word has a buffer overflow vulnerability in its processing of DOC files, and opening a specially crafted DOC file in Microsoft Word results in arbitrary code execution. A remote attacker could...
Preemptive Protection against Graphics Rendering Engine Vulnerability (MS06-026)
A vulnerability exists in the way Microsoft Windows handles specially crafted WMF files. WMF is an image format used in many Windows programs including Internet Explorer and Outlook. By persuading a user to open a specially crafted WMF image file, an attacker may be able to take complete control ...
Microsoft Word object pointer memory corruption vulnerability
Overview A memory corruption vulnerability in Microsoft Word could allow a remote attacker to execute arbitrary code with the privileges of the user running Word. Description Microsoft Word contains a memory corruption vulnerability. According to Microsoft Security Bulletin MS06-027: When a user...
PT-2005-5230 · Microsoft · Windows
Name of the Vulnerable Software and Affected Versions: Windows affected versions not specified Description: A remote code execution issue exists in the Graphics Rendering Engine due to its handling of Windows Metafile WMF images. An attacker could exploit this by creating a specially crafted WMF...
Unchecked Buffer in Windows Help (Q323255)
An unchecked buffer in Windows Help could allow an attacker to gain control over the user's system. Maximum Severity Rating: Critical Recommendation: Customers should install the patch immediately. Affected Software: Microsoft Windows 98 Microsoft Windows 98 Second Edition Microsoft Windows...
Vulnerability in Microsoft ISA Server 2000 H.323 Filter (816458)
A security vulnerability exists in the H.323 filter for Microsoft Internet Security and Acceleration Server 2000 that could allow an attacker to overflow a buffer in the Microsoft Firewall Service in Microsoft Internet Security and Acceleration Server 2000. SPDX-FileCopyrightText: 2004 Jeff Adams...
Microsoft Windows Shell fails to handle shortcut files properly
Overview Microsoft Windows Shell does not properly handle some shortcut files and may permit arbitrary code execution when a specially-crafted file is opened. Description Microsoft Windows supports files that point to another file, called "shortcut" files. These files have the .lnk extension, and...
MerakXSS.txt
ShineShadow Security Report 30092005-06 TITLE: Multiple vulnerabilities in Merak Mail Server 8.2.4r with Icewarp Web Mail 5.5.1. BACKGROUND Merak Mail Server, with the revolutionary Merak Mail Server GroupWare Server, cutting-edge Merak Mail Server Instant Antispam and much more, is the fastest,...
[Full-disclosure] Sophos Antivirus Library Remote Heap Overflow
Date August 26, 2005 Vulnerability The Sophos Antivirus Library provides file format support for virus analysis. During analysis of Visio files Sophos is vulnerable to a heap overflow allowing attackers complete control of the systems being protected. This vulnerability can be exploited remotely...
Microsoft Windows Kernel Vulnerability
Overview A privilege elevation vulnerability exists in the way that the Windows' kernel processes certain access requests. This vulnerability could allow a logged on user to take complete control of the system. Description A locally authenticated user could potentially exploit a vulnerability in...
NSFOCUS SA2005-01 : Buffer Overflow in WinAMP in_cdda.dll CDA Device Name
NSFOCUS Security Advisory SA2005-01 Topic: Buffer Overflow in WinAMP in_cdda.dll CDA Device Name Release Date: 2005-01-27 CVE CAN ID: CAN-2004-1150 http://www.nsfocus.com/english/homepage/research/0501.htm Affected systems & software...
[Full-Disclosure] [AppSecInc Team SHATTER Security Advisory] Microsoft Windows LPC heap overflow
Microsoft Windows LPC heap overflow AppSecInc Team SHATTER Security Advisory http://www.appsecinc.com/resources/alerts/general/07-0001.html January 10, 2005 Credit: This vulnerability was discovered and researched by Cesar Cerrudo of Application Security, Inc. Risk Level: High Summary: A local...
Linux Kernel 2.6.x chown() Group Ownership Alteration Exploit
Exploit for linux platform in category local exploits. Linux Kernel 2.6.x chown Group Ownership Alteration Exploit / $Id: raptorchown.c,v 1.1 2004/12/04 14:44:38 raptor Exp $...
[sec-labs] Zone Alarm Device Driver vulnerability
sec-labs team proudly presents: Local ZoneAlarm Firewall probably all versions - tested on v3.1 Device Driver vulnerability. by Lord YuP 04/08/2003 I. BACKGROUND ZoneAlarm is a very powerful and very common nowadays firewall for Windows produced by Zone Labs. http://www.zonelabs.com II. DESCRIPTI...
[Full-Disclosure] [sec-labs] Zone Alarm Device Driver vulnerability
sec-labs team proudly presents: Local ZoneAlarm Firewall probably all versions - tested on v3.1 Device Driver vulnerability. by Lord YuP 04/08/2003 I. BACKGROUND ZoneAlarm is a very powerful and very common nowadays firewall for Windows produced by Zone Labs. http://www.zonelabs.com II. DESCRIPTI...
Samba contains multiple buffer overflows
Overview Samba contains several buffer overflow vulnerabilities. At least one of these vulnerabilities could allow an unauthenticated, remote attacker to execute arbitrary code or cause a denial of service. Description Samba is a widely used open-source implementation of Server Message Block...
Technical information about the vulnerabilities fixed by MS-02-52
These are some technical details about some of the Java vulnerabilities we reported to Microsoft in August. These issues are corrected by the patch MS-02-52 which Microsoft released September 18. The patch and Microsoft's bulletin are available at...
MSXML 3.0 Remote Code Execution Vulnerability
A remote code execution vulnerability exists when the Microsoft XML Core Services MSXML parser processes user input. An attacker who successfully exploited the vulnerability could run malicious code remotely to take control of the user’s system. To exploit the vulnerability, an attacker could hos...
NetOP School Admin Vulnerability for Windows 2000 Terminal Services and NT4
NetOp School, a program for screen broadcast and remote control of Windows 3.1x, Windows 9x, Windows NT and Windows 2000 PCs including support for Windows 2000 Terminal Services and NT4 Terminal Server Edition across NetBIOS, IPX and TCP/IP. The problem arises in the way that netOP handles no...