13 matches found
A simple example of a complex cyberattack
We're already used to the fact that complex cyberattacks use 0-day vulnerabilities, bypassing digital signature checks, virtual file systems, non-standard encryption algorithms and other tricks. Sometimes, however, all of this may be done in much simpler ways, as was the case in the malicious...
Microsoft Office 内存损坏漏洞(CVE-2015-1641)
来源: http://drops.wooyun.org/papers/9809 Microsoft Office 内存损坏漏洞 0x01 漏洞概述 今年4月份微软修补了一个名为CVE-2015-1641的word类型混淆漏洞,攻击者可以构造嵌入了docx的rtf文档进行攻击。word在解析docx文档处理displacedByCustomXML属性时未对customXML对象进行验证,可以传入其他标签对象进行处理,造成类型混淆,导致任意内存写入,最终经过精心构造的标签以及对应的属性值可以造成远程任意代码执行。 根据微软官方MS15-33安全公告里显示,这个漏洞覆盖Office 2007...
CVE-2 0 1 5-1 6 4 1 vulnerability analysis-vulnerability warning-the black bar safety net
0x01 vulnerability overview This year 4 month, Microsoft patched a named CVE-2 0 1 5-1 6 4 1 word type confusion vulnerability, an attacker can construct the embedded docx rtf documents to attack. word in parsing the docx document processing displacedByCustomXML attribute not customXML object for...
word type confusion Vulnerability CVE-2 0 1 5-1 6 4 1 Analysis-vulnerability warning-the black bar safety net
Vulnerability overview This year 4 month, Microsoft patched a named CVE-2 0 1 5-1 6 4 1 word type confusion vulnerability, an attacker can construct the embedded docx rtf documents to attack. word in parsing the docx document processing displacedByCustomXML attribute not customXML object for...
CVE-2015-1641
creationtimestamp| type| source ---|---|--- 2015-09-07 12:16:06+00:00| seen| MISP/55d34355-a218-49d2-9f4e-40bd950d210b 2015-09-08 14:44:42+00:00| seen| MISP/55eef158-bf34-4bd4-8933-4938950d210b 2016-02-08 10:35:40+00:00| seen| MISP/56b86d69-3b0c-465d-8eb3-0e57bce2ab96 2016-04-12 20:22:17+00:00|...
Microsoft Office Web Apps Multiple Vulnerabilities (3048019)
This host is missing a critical security update according to Microsoft Bulletin MS15-033. SPDX-FileCopyrightText: 2015 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only CPE =...
Microsoft Office Compatibility Pack Remote Code Execution Vulnerabilities (3048019)
This host is missing a critical security update according to Microsoft Bulletin MS15-033. SPDX-FileCopyrightText: 2015 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only...
Microsoft Office Word Remote Code Execution Vulnerabilities (3048019) - Mac OS X
This host is missing a critical security update according to Microsoft Bulletin MS15-033. SPDX-FileCopyrightText: 2015 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only...
CVE-2015-1641
Microsoft Word 2007 SP3, Office 2010 SP2, Word 2010 SP2, Word 2013 SP1, Word 2013 RT SP1, Word for Mac 2011, Office Compatibility Pack SP3, Word Automation Services on SharePoint Server 2010 SP2 and 2013 SP1, and Office Web Apps Server 2010 SP2 and 2013 SP1 allow remote attackers to execute...
CVE-2015-1641
CVE-2015-1641 is a Microsoft Office memory-corruption vulnerability triggered by crafted RTF documents. Affected products include Word 2007 SP3, Office 2010 SP2, Word 2010 SP2, Word 2013 SP1, Word 2013 RT SP1, Word for Mac 2011, Office Compatibility Pack SP3, Word Automation Services on SharePoin...
MS15-033: Vulnerabilities in Microsoft Office Could Allow Remote Code Execution (3048019)
The remote Windows host has a version of Microsoft Office, Office Compatibility Pack, Microsoft Word, Microsoft Word Viewer, SharePoint Server, or Microsoft Office Web Apps installed that is affected by multiple remote code execution vulnerabilities : - A remote code execution vulnerability exist...
VulnCheck KEV: CVE-2015-1641
Microsoft Office contains a memory corruption vulnerability due to failure to properly handle rich text format files in memory. Successful exploitation allows for remote code execution in the context of the current user...
Microsoft Office Memory Corruption (MS15-033: CVE-2015-1641)
A remote code execution vulnerability has been reported in Microsoft Office. The vulnerability is due to an error in the way Microsoft Office improperly handles objects in memory while parsing specially crafted Office files. A remote attacker can exploit this issue by enticing a user to open a...