Lucene search
+L

263 matches found

OSV
OSV
added 2018/01/29 5:29 p.m.4 views

DEBIAN-CVE-2017-12626

Apache POI in versions prior to release 3.17 are vulnerable to Denial of Service Attacks: 1 Infinite Loops while parsing crafted WMF, EMF, MSG and macros POI bugs 61338 and 61294, and 2 Out of Memory Exceptions while parsing crafted DOC, PPT and XLS POI bugs 52372 and 61295...

7.5CVSS9.5AI score0.10061EPSS
Exploits3References1
Carbon Black Blog
Carbon Black Blog
added 2017/12/19 5:21 p.m.45 views

Threat Analysis: Malicious Microsoft Word Documents Being Used in Targeted Attack Campaigns

A Microsoft Word document .doc believed to be malicious was recently submitted to Carbon Black’s Threat Analysis Unit TAU. The submitting organization did not feel that that document and subsequent payload was fully executing in their analysis environment, and questioned whether or not it was...

7.5AI score
Exploits0
Packet Storm
Packet Storm
added 2017/12/14 12:0 a.m.98 views

Microsoft Office DDE Payload Delivery

This module requires Metasploit: https://metasploit.com/download Current source: https://github.com/rapid7/metasploit-framework class MetasploitModule 'Microsoft Office DDE Payload Delivery', 'Description' = %q This module generates an DDE command to place within a word document, that when...

0.1AI score
Exploits0
Talos Blog
Talos Blog
added 2017/12/06 8:2 a.m.1294 views

Recam Redux - DeConfusing ConfuserEx

This post is authored by Holger Unterbrink and Christopher MarczewskiOverviewThis report shows how to deobfuscate a custom .NET ConfuserEx protected malware. We identified this recent malware campaign in our Advanced Malware Protection AMP telemetry. Initial infection is via a malicious Word...

7.4AI score
Exploits0
CNVD
CNVD
added 2017/10/27 12:0 a.m.5 views

Apache OpenOffice DOC File Parsing Remote Code Execution Vulnerability

Apache OpenOffice is open and free word processing software. The OpenOffice Writer DOC file parser and WW8Fonts constructor handles DOC file vulnerabilities, allowing remote attackers to exploit the vulnerability by submitting a special file and tricking the user into parsing it, which can crash...

7.8CVSS7.6AI score0.01805EPSS
Exploits1References1
seebug.org
seebug.org
added 2017/10/16 12:0 a.m.27 views

Oracle OIT ContentAccess libvs_word+63AC Code Execution Vulnerability(CVE-2016-3592)

Description Partially controlled memory write vulnerability exists in Mac Word file format parsing code of Oracle Outside In Technology Content Access SDK. An unchecked pointer arithmetic leads to an out of bounds memory overwrite resulting in code execution. Tested Versions Oracle Outside In...

9CVSS8.4AI score0.0393EPSS
Exploits1
ThreatPost
ThreatPost
added 2017/09/18 4:33 p.m.11 views

Attackers Use Undocumented MS Office Feature to Leak System Profile Data

An undocumented Microsoft Office feature allows attackers to gather sensitive configuration details on targeted systems simply by tricking recipients to open a specially crafted Word document—no VBA macros, embedded Flash objects or PE files needed. The undocumented feature is being used by...

Exploits0References1
Carbon Black Blog
Carbon Black Blog
added 2017/08/28 7:55 p.m.104 views

Threat Analysis: Word Documents with Embedded Macros Leveraging Emotet Trojan

Many customers have recently asked how Carbon Black's solutions detect macros and droppers specifically referencing Emotet dropper files. Customers often say that macros and droppers are an ongoing problem in their environments. They are also seen day-to-day by most practitioners. The analysis...

7.2AI score
Exploits0
Kitploit
Kitploit
added 2017/08/13 9:24 p.m.32 views

Phishery - An SSL Enabled Basic Auth Credential Harvester with a Word Document Template URL Injector

Phishery is a Simple SSL Enabled HTTP server with the primary purpose of phishing credentials via Basic Authentication. Phishery also provides the ability easily to inject the URL into a .docx Word document. The power of phishery is best demonstrated by setting a Word document's template to a...

7.3AI score
Exploits0References3
Talos Blog
Talos Blog
added 2017/05/23 6:5 a.m.212 views

Modified Zyklon and plugins from India

IntroductionStreams of malicious emails Talos inspects every day usually consist of active spamming campaigns for various ransomware families, phishing campaigns and the common malware family suspects such as banking Trojans and bots.. It is however often more interesting to analyze campaigns...

9.3CVSS7.9AI score0.84971EPSS
Exploits8
myhack58
myhack58
added 2017/04/14 12:0 a.m.41 views

Office discovered zero vulnerabilities hackers can use the Word document to install malicious software-vulnerability warning-the black bar safety net

According to foreign media reports, recently a period of time, you when opening a Word document may have to be careful because the security company MCAfee researchers in Microsoft Office software found in a zero vulnerabilities, hackers can use it quietly in your computer system to install...

Exploits0
ThreatPost
ThreatPost
added 2017/03/21 11:54 a.m.84 views

Latest Tax Scams Include Phishing Lures, Malware

Microsoft warned Monday this year’s crop of tax scams are using social engineering attacks based on fear to spread Zdowbot and Omaneat banking Trojans and collect personal info via spoofed tax sites linked to from phishing campaigns. The warning comes with less than a month before the April 18 ta...

9.3CVSS0.7AI score0.99945EPSS
Exploits33References3
n0where
n0where
added 2016/10/25 4:29 a.m.17 views

SSL Enabled Basic Auth Credential Harvester: phishery

An SSL Enabled Basic Auth Credential Harvester with a Word Document Template URL Injector Phishery is a Simple SSL Enabled HTTP server with the primary purpose of phishing credentials via Basic Authentication. Phishery also provides the ability easily to inject the URL into a .docx Word document...

7.2AI score
Exploits0References2
ThreatPost
ThreatPost
added 2016/09/22 9:0 a.m.12 views

Malware Evades Detection with Novel Technique

Researchers have found a new strain of document-based macro malware that evades discovery by lying dormant when it detects a security researcher’s test environment. The malware, according to researcher Caleb Fenton with security firm SentinelOne, evades detection simply by counting the number of...

0.1AI score
Exploits0References3
Check Point Advisories
Check Point Advisories
added 2016/08/09 12:0 a.m.35 views

Microsoft Office Memory Corruption (MS16-099: CVE-2016-3316)

A memory corruption vulnerability has been reported in Microsoft Word. The application fails to properly handle certain objects in memory when parsing specially crafted files with a large sprmSDyaTop value. A remote, unauthenticated attacker can exploit this vulnerability by enticing a user to op...

9.3CVSS3.7AI score0.47194EPSS
Exploits3
Talos
Talos
added 2016/07/19 12:0 a.m.17 views

Oracle OIT ImageExport libvs_bmp BMP BI_RLE8 Width Code Execution Vulnerability

Talos Vulnerability Report TALOS-2016-0160 Oracle OIT ImageExport libvsbmp BMP BIRLE8 Width Code Execution Vulnerability July 19, 2016 Description A vulnerability in libvseshr can lead to remote code execution while parsing a specially crafted Word document containing a reference to Escher drawin...

8.2AI score
Exploits0
FireEye
FireEye
added 2016/07/18 8:0 a.m.22 views

Cerber: Analyzing a Ransomware Attack Methodology To Enable Protection

Ransomware is a common method of cyber extortion for financial gain that typically involves users being unable to interact with their files, applications or systems until a ransom is paid. Accessibility of cryptocurrency such as Bitcoin has directly contributed to this ransomware model. Based on...

7AI score
Exploits0
BDU FSTEC
BDU FSTEC
added 2016/03/02 12:0 a.m.10 views

The vulnerability of the Oracle Fusion Middleware software platform, which allows a perpetrator to trigger a service failure

The vulnerability of the Oracle Outside In Technology component of the Oracle Fusion Middleware software is caused by buffer overflow in the stack. Exploiting this vulnerability allows a malicious actor to cause a service failure using a specially created DOC file...

10CVSS7AI score0.08383EPSS
Exploits0References3Affected Software1
Tenable Nessus
Tenable Nessus
added 2015/12/16 12:0 a.m.39 views

Scientific Linux Security Update : libreoffice on SL6.x i386/x86_64 (20151214)

It was discovered that LibreOffice did not properly restrict automatic link updates. By tricking a victim into opening specially crafted documents, an attacker could possibly use this flaw to disclose contents of files accessible by the victim. CVE-2015-4551 An integer underflow flaw leading to a...

6.8CVSS8.1AI score0.13826EPSS
Exploits0References5
0day.today
0day.today
added 2015/08/25 12:0 a.m.48 views

Microsoft Office 2007 OneTableDocumentStream Invalid Object Exploit

Microsoft Office 2007 suffers from a OneTableDocumentStream invalid object vulnerability. Source: https://code.google.com/p/google-security-research/issues/detail?id=171&can=1 The following access violation was observed in Microsoft Office 2007 Word document: 8c0.e68: Access violation - code...

9.3CVSS6.4AI score0.30325EPSS
Exploits1
Rows per page
Query Builder