PT-2024-40609 · Poco · Poco

Name of the Vulnerable Software and Affected Versions: Poco affected versions not specified Description: The issue is related to a crash caused by an unknown read. Technical details about the crash include the involvement of Poco::UTF16Encoding::queryConvert, Poco::TextConverter::convert, and...

PHPMailer susceptible to arbitrary code execution

html2text.php in Chuggnutt HTML to Text Converter, as used in PHPMailer before 5.2.10, RoundCube Webmail roundcubemail 0.2-1.alpha and 0.2-3.beta, Mahara, and AtMail Open 1.03, allows remote attackers to execute arbitrary code via crafted input that is processed by the pregreplace function with t...

PHPMailer < 5.2.10 'html2text' Library RCE Vulnerability

PHPMailer is prone to a remote code execution RCE vulnerability within the shipped Copyright C 2018 Greenbone Networks GmbH Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-or-later This...

CVE-2010-2563

The Word 97 text converter in the WordPad Text Converters in Microsoft Windows XP SP2 and SP3 and Server 2003 SP2 does not properly parse malformed structures in Word 97 documents, which allows remote attackers to execute arbitrary code via a crafted document containing an unspecified value that ...

CVE-2010-2563

CVE-2010-2563 affects WordPad Word 97 Text Converter memory handling in WordPad Text Converters on Windows XP SP2/SP3 and Windows Server 2003 SP2. A vulnerability arises from parsing malformed fields in Word 97 documents, causing memory corruption that could allow remote code execution when a use...

CVE-2010-2563

The Word 97 text converter in the WordPad Text Converters in Microsoft Windows XP SP2 and SP3 and Server 2003 SP2 does not properly parse malformed structures in Word 97 documents, which allows remote attackers to execute arbitrary code via a crafted document containing an unspecified value that ...

Microsoft WordPad Word 97 Text Converter Memory Corruption (MS10-067; CVE-2010-2563)

WordPad Text Converters allow users who do not have Microsoft Office Word installed to open documents in other Microsoft Windows applications. A remote code execution vulnerability has been reported in Microsoft WordPad. The vulnerability is due to a memory corruption error in the WordPad text...

Microsoft WordPad Text Converter Word 97 File Parsing Memory Corruption Vulnerability

Description Microsoft WordPad Text Converter is prone to a remote memory-corruption vulnerability. An attacker could exploit this issue to execute arbitrary code with the privileges of the currently logged-in user. Failed exploit attempts may result in denial-of-service conditions. Technologies...

Microsoft WordPad and Office Text Converter Memory Corruption (MS09-073; CVE-2009-2506)

WordPad Text Converters allow users who do not have Microsoft Office Word installed to open documents in other Microsoft Windows applications. A remote code execution vulnerability has been reported in Microsoft WordPad and Office Word. The vulnerability is due to a memory corruption error in the...

VulnCheck KEV: CVE-2009-0087

Unspecified vulnerability in the Word 6 text converter in WordPad in Microsoft Windows 2000 SP4, XP SP2 and SP3, and Server 2003 SP1 and SP2; and the Word 6 text converter in Microsoft Office Word 2000 SP3 and 2002 SP3; allows remote attackers to execute arbitrary code via a crafted Word 6 file...

Microsoft WordPad Word97 text converter buffer overflow

Added: 04/23/2009 CVE: CVE-2009-0235 BID: 34470 OSVDB: 53664 Background The Microsoft WordPad Word 97 text converter allows Windows users who do not have Microsoft Word to open Word 97 files. Problem A buffer overflow vulnerability in the Word 97 text converter allows command execution when a use...

Stack overflow

Stack-based buffer overflow in the Word 97 text converter in WordPad in Microsoft Windows 2000 SP4, XP SP2 and SP3, and Server 2003 SP1 and SP2 allows remote attackers to execute arbitrary code via a crafted Word 97 file that triggers memory corruption, related to use of inconsistent integer data...

Microsoft WordPad Word 97 Text Converter Text Location Stack Overflow (MS09-010; CVE-2009-0235)

WordPad Text Converters allow users who do not have Microsoft Office Word installed to open documents in other Microsoft Windows applications. They also allow users to save documents in the Word 97 file format. The vulnerability is due to a memory corruption error when a user opens a specially...

CVE-2008-5619

html2text.php in Chuggnutt HTML to Text Converter, as used in PHPMailer before 5.2.10, RoundCube Webmail roundcubemail 0.2-1.alpha and 0.2-3.beta, Mahara, and AtMail Open 1.03, allows remote attackers to execute arbitrary code via crafted input that is processed by the pregreplace function with t...

CVE-2008-5619

CVE-2008-5619 affects RoundCube Webmail (versions 0.2-1 alpha and 0.2-3 beta) via the html2text.php integration that uses the chuggnutt HTML-to-text library. The underlying issue is the use of preg_replace with the eval modifier, allowing remote code execution when crafted input is processed. Exp...

CVE-2008-5619

html2text.php in Chuggnutt HTML to Text Converter, as used in PHPMailer before 5.2.10, RoundCube Webmail roundcubemail 0.2-1.alpha and 0.2-3.beta, Mahara, and AtMail Open 1.03, allows remote attackers to execute arbitrary code via crafted input that is processed by the pregreplace function with t...

WordPad and Office Text Converter Memory Corruption Vulnerability (960477)

This host is missing a critical security update according to Microsoft Bulletin MS09-010. OpenVAS Vulnerability Test $Id: secpodmswordpadmultvuln.nasl 5370 2017-02-20 15:24:26Z cfi $ WordPad and Office Text Converter Memory Corruption Vulnerability 960477 Authors: Chandan S Update description and...

Microsoft写字板文件转换器远程代码执行漏洞

BUGTRAQ ID: 32718 CVECAN ID: CVE-2008-4841 写字板是Windows操作系统中附件所提供的简单文本编辑工具。 对于没有安装Word的用户，可以使用写字板的文本转换器来打开.doc格式文档。如果用户使用转换器打开了特制的.doc、.wri或.rtf格式文档的话，就可能触发内存破坏，导致执行任意代码。目前这个漏洞正在被积极的利用。 Microsoft Windows XP SP3 Microsoft Windows XP SP2 Microsoft Windows Server 2003 SP2 Microsoft Windows Server 200...

Microsoft WordPad Text Converter vulnerable to remote code execution

Overview The WordPad Text Converter for Word 97 files included in some versions of Windows contains an unspecified error which can allow a remote, unauthenticated attacker to execute arbitrary code on a vulnerable system. Description Microsoft WordPad is a text editor included by default with the...

CVE-2008-4841

The WordPad Text Converter for Word 97 files in Microsoft Windows 2000 SP4, XP SP2, and Server 2003 SP1 and SP2 allows remote attackers to execute arbitrary code via a crafted 1 .doc, 2 .wri, or 3 .rtf Word 97 file that triggers memory corruption, as exploited in the wild in December 2008. NOTE: ...