Lucene search
K

204 matches found

CERT
CERT
added 2008/05/13 12:0 a.m.23 views

Microsoft Office fails to properly handle specially crafted Rich Text Format files

Overview A vulnerability in the way Microsoft Office handles Rich Text Format files may lead to execution of arbitrary code. Description Microsoft Office contains a vulnerability that could be exploited when parsing malformed strings contained in specially crafted Rich Text Format .rtf files...

9.3CVSS7.4AI score0.40511EPSS
Exploits1References1
securityvulns
securityvulns
added 2008/02/13 12:0 a.m.63 views

iDefense Security Advisory 02.12.08: Microsoft Office Works Converter Heap Overflow Vulnerability

iDefense Security Advisory 02.12.08 http://labs.idefense.com/intelligence/vulnerabilities/ Feb 12, 2008 I. BACKGROUND Microsoft Works is a word processor created by Microsoft in the 1980s. Microsoft Office, a widely use productivity suite, is distributed with converters for various versions of th...

9.3CVSS0.6AI score0.38144EPSS
Exploits0
Check Point Advisories
Check Point Advisories
added 2008/02/03 12:0 a.m.4 views

Microsoft Rich Textbox Control Arbitrary File Overwrite (CVE-2008-0237)

Microsoft Rich Textbox is an ActiveX control that comes with Visual Basic. It allows programs to create formatted text in Rich Text Format. Microsoft Rich Textbox control ActiveX control Richtx32.ocx is used for displaying, entering, and manipulating text with formatting. It can also display font...

6.8CVSS6.2AI score0.20466EPSS
Exploits5
Zero Day Initiative
Zero Day Initiative
added 2007/10/31 12:0 a.m.39 views

Verity KeyView SDK Multiple File Format Parsing Vulnerabilities

Several vulnerabilities exist in the popular Verity KeyView SDK used in many enterprise applications like IBM Lotus Notes. When parsing several different file formats a standard stack overflow occurs allowing a malicious user to gain complete control of the affected machine under the rights of th...

9.3CVSS3AI score0.20906EPSS
Exploits5References1
OSV
OSV
added 2007/08/23 7:17 p.m.1 views

DEBIAN-CVE-2007-4510

ClamAV before 0.91.2, as used in Kolab Server 2.0 through 2.2beta1 and other products, allows remote attackers to cause a denial of service application crash via 1 a crafted RTF file, which triggers a NULL dereference in the cliscanrtf function in libclamav/rtf.c; or 2 a crafted HTML document wit...

4.3CVSS6.3AI score0.01968EPSS
Exploits0References1
seebug.org
seebug.org
added 2006/04/17 12:0 a.m.15 views

linux/x86 execve(/bin/sh) + RTF Header 30 bytes

No description provided by source. / linux/x86 - execve"/bin/sh", "/bin/sh", NULL + RTF header - 30 bytes root@magicbox: file linux-sh-rtfhdr.bin linux-sh-rtfhdr.bin: Rich Text Format data, version 1, - izik [email protected] / char shellcode = // // RTF Header 7 bytes // - Be careful not to trigger...

7.1AI score
Exploits0
Check Point Advisories
Check Point Advisories
added 2006/01/11 12:0 a.m.3 views

Update Protection against a Vulnerability in TNEF Decoding in Microsoft Outlook and Microsoft Exchange (MS06-003)

A vulnerability exists in the way Microsoft Exchange server and Microsoft Outlook products handle the decoding of the Transport Neutral Encapsulation TNEF MIME attachment. The TNEF format is used by many Microsoft products such as Exchange and Outlook to transfer messages formatted as Rich Text...

7.5CVSS6.1AI score0.45584EPSS
Exploits0
OSV
OSV
added 2005/10/23 10:2 a.m.4 views

DEBIAN-CVE-2005-2972

Multiple stack-based buffer overflows in the RTF import feature in AbiWord before 2.2.11 allow user-assisted attackers to execute arbitrary code via an RTF file with long identifiers, which are not properly handled in the 1 ParseLevelText, 2 getCharsInsideBrace, 3 HandleLists, 4 or 5 HandleAbiLis...

5.1CVSS8.2AI score0.04101EPSS
Exploits1References1
Cvelist
Cvelist
added 2005/08/19 4:0 a.m.32 views

CVE-2005-2516

Safari in Mac OS X 10.3.9 and 10.4.2, when rendering Rich Text Format RTF files, can directly access URLs without performing the normal security checks, which allows remote attackers to execute arbitrary commands...

9.7AI score0.04767EPSS
Exploits0References4
NVD
NVD
added 2005/08/19 4:0 a.m.18 views

CVE-2005-2501

Buffer overflow in AppKit for Mac OS X 10.3.9 and 10.4.2 allows external user-assisted attackers to execute arbitrary code via a crafted Rich Text Format RTF file...

7.6CVSS9.7AI score0.04211EPSS
Exploits0References5
CERT
CERT
added 2005/04/12 12:0 a.m.43 views

Microsoft Internet Explorer URL validation routine contains a buffer overflow

Overview A vulnerability in Microsoft Internet Explorer could allow a remote attacker to execute arbitrary code on a vulnerable system. Description Microsoft Internet Explorer IE contains an unspecified vulnerability in the way that it handles certain URLs. The process that checks the URL contain...

7.5CVSS7.7AI score0.5791EPSS
Exploits0References1
CERT
CERT
added 2005/04/12 12:0 a.m.40 views

Microsoft Internet Explorer Content Advisor contains a buffer overflow

Overview A buffer overflow in Microsoft Internet Explorer Content Advisor may allow a remote attacker to execute arbitrary code on a vulnerable system. Description The Content Advisor is used to control what content is viewable in Internet Explorer. A buffer overflow exists in the routines that...

7.5CVSS7.6AI score0.58357EPSS
Exploits4References1
UbuntuCve
UbuntuCve
added 2004/10/20 4:0 a.m.45 views

CVE-2004-0785

Multiple buffer overflows in Gaim before 0.82 allow remote attackers to cause a denial of service and possibly execute arbitrary code via 1 Rich Text Format RTF messages, 2 a long hostname for the local system as obtained from DNS, or 3 a long URL that is not properly handled by the URL decoder...

7.5CVSS6.5AI score0.05427EPSS
Exploits0References1
NVD
NVD
added 2004/10/20 4:0 a.m.16 views

CVE-2004-0785

Multiple buffer overflows in Gaim before 0.82 allow remote attackers to cause a denial of service and possibly execute arbitrary code via 1 Rich Text Format RTF messages, 2 a long hostname for the local system as obtained from DNS, or 3 a long URL that is not properly handled by the URL decoder...

7.5CVSS7.6AI score0.05427EPSS
Exploits0References20
Cvelist
Cvelist
added 2004/09/02 4:0 a.m.26 views

CVE-2004-0785

Multiple buffer overflows in Gaim before 0.82 allow remote attackers to cause a denial of service and possibly execute arbitrary code via 1 Rich Text Format RTF messages, 2 a long hostname for the local system as obtained from DNS, or 3 a long URL that is not properly handled by the URL decoder...

7.5AI score0.05427EPSS
Exploits0References20
Tenable Nessus
Tenable Nessus
added 2004/08/30 12:0 a.m.26 views

GLSA-200408-27 : Gaim: New vulnerabilities

The remote host is affected by the vulnerability described in GLSA-200408-27 Gaim: New vulnerabilities Gaim fails to do proper bounds checking when: Handling MSN messages partially fixed with GLSA 200408-12. Handling rich text format messages. Resolving local hostname. Receiving long URLs. Handli...

7.5CVSS8.5AI score0.05427EPSS
Exploits0References6
FreeBSD
FreeBSD
added 2004/08/26 12:0 a.m.40 views

gaim -- multiple buffer overflows

Sean infamous42md reports several situations in gaim that may result in exploitable buffer overflows: Rich Text Format RTF messages in Novell GroupWise protocol Unsafe use of gethostbyname in zephyr protocol URLs which are over 2048 bytes long once decoded...

7.5CVSS6.6AI score0.05427EPSS
Exploits0References3
Cvelist
Cvelist
added 2004/06/03 4:0 a.m.26 views

CVE-2004-0503

Microsoft Outlook 2003 allows remote attackers to bypass the default zone restrictions and execute script within media files via a Rich Text Format RTF message containing an OLE object for the Windows Media Player, which bypasses Media Player's setting to disallow scripting and may lead to...

6.4AI score0.11445EPSS
Exploits1References6
CERT
CERT
added 2002/09/27 12:0 a.m.42 views

Microsoft Word does not check for macros contained in linked template file when opening RTF document

Overview There is a vulnerability caused by a failure to detect macros embedded in templates used by rich text format documents opened in Microsoft Word. This vulnerability may allow the author of a malicious document to execute arbitrary commands as the user who opens the document. Description...

4.6CVSS7.1AI score0.01432EPSS
Exploits0References2
NVD
NVD
added 2002/05/16 4:0 a.m.20 views

CVE-2002-1056

Microsoft Outlook 2000 and 2002, when configured to use Microsoft Word as the email editor, does not block scripts that are used while editing email messages in HTML or Rich Text Format RTF, which could allow remote attackers to execute arbitrary scripts via an email that the user forwards or...

7.5CVSS7.2AI score0.18537EPSS
Exploits0References7
Rows per page
Query Builder