Lucene search
K

13 matches found

Talos Blog
Talos Blog
added 2017/05/23 6:5 a.m.212 views

Modified Zyklon and plugins from India

IntroductionStreams of malicious emails Talos inspects every day usually consist of active spamming campaigns for various ransomware families, phishing campaigns and the common malware family suspects such as banking Trojans and bots.. It is however often more interesting to analyze campaigns...

9.3CVSS7.9AI score0.84971EPSS
Exploits8
myhack58
myhack58
added 2014/04/17 12:0 a.m.24 views

Office”combination”formula exploits the sample analysis-vulnerability warning-the black bar safety net

by hcl, nine8 of code audit labs of vulnhunt.com 1 Overview Online disclosure of a suspected CVE-2 0 1 4-1 7 6 1 RTF sample, hanhai source analysis found that the sample is not a CVE-2 0 1 4-1 7 6 1, but in a RTF sample includes both the two vulnerabilities, respectively, for the CVE-2 0 1 2-0 1 ...

0.6AI score
Exploits0
Tenable Nessus
Tenable Nessus
added 2013/12/11 12:0 a.m.116 views

MS13-096: Vulnerability in Microsoft Graphics Component Could Allow Remote Code Execution (2908005)

The version of Microsoft's Graphics Component installed on the remote host is affected by a heap overflow vulnerability. Specially crafted TrueType font files are not processed properly. A remote, unauthenticated attacker could exploit this vulnerability by getting a user to view content that...

9.3CVSS8.5AI score0.84971EPSS
Exploits7References3
ThreatPost
ThreatPost
added 2013/11/06 11:21 a.m.218 views

Attacks on New Microsoft Zero Day Using Multi-Stage Malware

Attackers exploiting the Microsoft Windows and Office zero day revealed yesterday are using an exploit that includes a malicious RAR file as well as a fake Office document as the lure, and are installing a wide variety of malicious components on newly infected systems. The attacks seen thus far a...

9.3CVSS1.3AI score0.88246EPSS
Exploits19References4
Vulnrichment
Vulnrichment
added 2013/11/06 11:0 a.m.11 views

CVE-2013-3906

GDI+ in Microsoft Windows Vista SP2 and Server 2008 SP2; Office 2003 SP3, 2007 SP3, and 2010 SP1 and SP2; Office Compatibility Pack SP3; and Lync 2010, 2010 Attendee, 2013, and Basic 2013 allows remote attackers to execute arbitrary code via a crafted TIFF image, as demonstrated by an image in a...

7.9AI score0.84971EPSS
Exploits7References5
CVE
CVE
added 2013/11/06 11:0 a.m.1132 views

CVE-2013-3906

CVE-2013-3906 is a memory corruption vulnerability in Microsoft Windows Graphics Component (TIFF handling) that could allow remote code execution. It affected GDI+ in Windows Vista SP2/Server 2008 SP2 and Office suites (Office 2003 SP3, 2007 SP3, 2010 SP1/SP2, Office Compatibility Pack SP3) and L...

9.3CVSS9.4AI score0.84971EPSS
In wildExploits7References6Affected Software8
The Hacker News
The Hacker News
added 2013/11/06 5:31 a.m.27 views

CVE-2013-3906 : Zero Day Vulnerability in Microsoft Graphics Component

Microsoft has issued a temporary fix for a 0day vulnerability that can be exploited to install malware via infected Word documents. A Zero-day Remote code execution flaw, which has been dubbed CVE-2013-3906, exploits a vulnerability in a Microsoft graphics component, to target Microsoft Office...

9.3CVSS7.6AI score0.84971EPSS
Exploits7
VulnCheck KEV
VulnCheck KEV
added 2013/11/06 12:0 a.m.2 views

VulnCheck KEV: CVE-2013-3906

Microsoft Graphics Component contains a memory corruption vulnerability which can allow for remote code execution...

9.3CVSS7.6AI score0.84971EPSS
Exploits7References1
Tenable Nessus
Tenable Nessus
added 2013/11/06 12:0 a.m.138 views

MS KB2896666: Vulnerability in Microsoft Graphics Component Could Allow Remote Code Execution (deprecated)

The remote host is missing one of the workarounds referenced in KB 2896666. The remote host has a version of the Microsoft Graphics Component installed that is potentially affected by a code execution vulnerability due to the way the application handles specially crafted TIFF images. %NASLMINLEVE...

0.7AI score0.84971EPSS
Exploits7References2
Check Point Advisories
Check Point Advisories
added 2013/11/06 12:0 a.m.11 views

Microsoft Office Embedded TIFF Image Remote Code Execution (CVE-2013-3906)

A remote code execution vulnerability has been reported in a graphic rendering library used by Microsoft Office products...

9.3AI score0.84971EPSS
Exploits7
The Hacker News
The Hacker News
added 2013/11/05 6:31 p.m.72 views

CVE-2013-3906 : Zero Day Vulnerability in Microsoft Graphics Component

None...

9.3CVSS1.9AI score0.84971EPSS
Exploits7
MSRC
MSRC
added 2013/11/05 8:0 a.m.33 views

CVE-2013-3906: a graphics vulnerability exploited through Word documents

Recently we become aware of a vulnerability of a Microsoft graphics component that is actively exploited in targeted attacks using crafted Word documents sent by email. Today we are releasing Security Advisory 2896666 which includes a proactive Fix it workaround for blocking this attack while we...

7.8CVSS6.8AI score0.84971EPSS
Exploits7
Circl
Circl
added 2013/11/05 7:0 a.m.12 views

CVE-2013-3906

creationtimestamp| type| source ---|---|--- 2013-11-05 07:00:00+00:00| seen| https://msrc.microsoft.com/blog/2013/11/cve-2013-3906-a-graphics-vulnerability-exploited-through-word-documents/ 2013-11-08 08:57:29+00:00| seen| MISP/527ca75e-353c-4c91-a7d5-407a950d2109 2013-11-08 09:23:16+00:00| seen|...

9.3CVSS7.4AI score0.84971EPSS
Exploits7References9
Rows per page
Query Builder