15 matches found
PT-2024-12555 · Document Foundation · Libreoffice
Name of the Vulnerable Software and Affected Versions: The Document Foundation Libreoffice version 7.4.7 Description: An issue in The Document Foundation Libreoffice allows a remote attacker to cause a denial of service via a crafted .ppt file. Recommendations: For version 7.4.7, consider avoidin...
VulnCheck KEV: CVE-2023-34960
A command injection vulnerability in the wsConvertPpt component of Chamilo v1.11. up to v1.11.18 allows attackers to execute arbitrary commands via a SOAP API call with a crafted PowerPoint name...
PT-2023-25076 · Chamilo · Chamilo
Name of the Vulnerable Software and Affected Versions: Chamilo versions 1.11. through 1.11.18 Description: A command injection issue in the wsConvertPpt component allows attackers to execute arbitrary commands via a SOAP API call with a crafted PowerPoint name. Recommendations: For Chamilo versio...
The vulnerability of the UAX200.dll library in the Corel Presentations presentation preparation and viewing software allows a malicious actor to gain unauthorized access to protected information.
The vulnerability of the UAX200.dll library in Corel Presentations’ presentation preparation and viewing software is related to reading data beyond the buffer boundaries. Exploiting this vulnerability can allow attackers to gain unauthorized access to protected information through a specially...
The vulnerability of the IBJPG2.FLT library in the Corel Presentations preparation and presentation software allows a hacker to execute arbitrary code.
The vulnerability of the IBJPG2.FLT library in the Corel Presentations preparation and presentation software relates to reading data beyond the buffer boundaries in memory. Exploiting this vulnerability could allow a malicious actor to execute arbitrary code in the context of the current user,...
CVE-2021-38104
IPPP72.FLT in Corel Presentations 2020 20.0.0.200 is affected by an Out-of-bounds Read vulnerability when parsing a crafted file. An unauthenticated attacker could leverage this vulnerability to access unauthorized system memory in the context of the current user. Exploitation of this issue...
Memory Corruption Vulnerability in WPS Demo kso Module
WPS Office is an office software suite developed independently by Kingsoft Corporation. A memory corruption vulnerability exists in the kso module of WPS Presentation wpp.exe in WPS when parsing a specific ppt file, which can be exploited by an attacker to cause a denial of service or execute...
apache-poi: denial of service in HSLFSlideShow via corrupted PPT file
A denial of service flaw was found in the way the HSLFSlideShow class implementation in Apache POI handled certain PPT files. A remote attacker could submit a specially crafted PPT file that would cause Apache POI to hang indefinitely...
Code injection
Microsoft Windows Vista SP2, Windows Server 2008 SP2 and R2 SP1, Windows 7 SP1, Windows 8, Windows 8.1, Windows Server 2012 Gold and R2, and Windows RT Gold and 8.1 allow remote attackers to execute arbitrary code via a crafted OLE object, as exploited in the wild in October 2014 with a crafted...
CVE-2014-6352
Microsoft Windows Vista SP2, Windows Server 2008 SP2 and R2 SP1, Windows 7 SP1, Windows 8, Windows 8.1, Windows Server 2012 Gold and R2, and Windows RT Gold and 8.1 allow remote attackers to execute arbitrary code via a crafted OLE object, as exploited in the wild in October 2014 with a crafted...
CVE-2014-6352
Microsoft Windows Vista SP2, Windows Server 2008 SP2 and R2 SP1, Windows 7 SP1, Windows 8, Windows 8.1, Windows Server 2012 Gold and R2, and Windows RT Gold and 8.1 allow remote attackers to execute arbitrary code via a crafted OLE object, as exploited in the wild in October 2014 with a crafted...
Buffer overflow
Buffer overflow in Microsoft Office PowerPoint 2002 SP3 allows remote attackers to execute arbitrary code via a crafted PowerPoint document, aka "PowerPoint File Path Handling Buffer Overflow Vulnerability."...
Design/Logic Flaw
Use-after-free vulnerability in Microsoft Office PowerPoint 2002 SP3 and 2003 SP3 allows remote attackers to execute arbitrary code via a crafted PowerPoint document, aka "OEPlaceholderAtom Use After Free Vulnerability."...
CVE-2010-0029
CVE-2010-0029 is a remote-code-execution vulnerability in Microsoft Office PowerPoint 2002 SP3 caused by a buffer/stack overflow when parsing crafted PowerPoint files (PowerPoint File Path Handling Buffer Overflow). The connected reports confirm this is part of a family of PowerPoint vulnerabilit...
Microsoft PowerPoint TxMasterStyle10Atom Processing Code Execution (MS08-051; CVE-2008-1455)
Microsoft PowerPoint is a popular presentation program. A remote code execution vulnerability has been identified in Microsoft PowerPoint. The vulnerability is due to a memory calculation error in Microsoft PowerPoint when parsing bullet list values in specially crafted PowerPoint files. A remote...