Lucene search
K

26 matches found

Openbugbounty
Openbugbounty
added 2020/05/11 2:49 p.m.9 views

icd-ps.org Cross Site Scripting vulnerability

Open Bug Bounty ID: OBB-1159060 Following coordinated and responsible vulnerability disclosure guidelines of the ISO 29147 standard, Open Bug Bounty has: &nbsp&nbsp&nbsp&nbsp&nbsp&nbspa. verified the vulnerability and confirmed its existence; &nbsp&nbsp&nbsp&nbsp&nbsp&nbspb. notified the website...

6.2AI score
Exploits0
FireEye
FireEye
added 2018/01/17 5:0 p.m.343 views

Microsoft Office Vulnerabilities Used to Distribute Zyklon Malware in Recent Campaign

Introduction FireEye researchers recently observed threat actors leveraging relatively new vulnerabilities in Microsoft Office to spread Zyklon HTTP malware. Zyklon has been observed in the wild since early 2016 and provides myriad sophisticated capabilities. Zyklon is a publicly available,...

9.3CVSS9.2AI score0.99945EPSS
Exploits47References3
FireEye
FireEye
added 2018/01/17 12:0 p.m.8963 views

Microsoft Office Vulnerabilities Used to Distribute Zyklon Malware in Recent Campaign

Introduction FireEye researchers recently observed threat actors leveraging relatively new vulnerabilities in Microsoft Office to spread Zyklon HTTP malware. Zyklon has been observed in the wild since early 2016 and provides myriad sophisticated capabilities. Zyklon is a publicly available,...

9.3CVSS8.8AI score0.99945EPSS
Exploits47
myhack58
myhack58
added 2017/09/15 12:0 a.m.118 views

Microsoft the Microsoft . NET Framework flaws vulnerability bug(CVE–2017–8759)alerts-a vulnerability alert-the black bar safety net

Accident with a view 8 on 24 May, the 360 focus of the Network Security Business Unit capture to a new office high-end intimidating intrusion attacks. 12, Microsoft stopped large-scale network security updates including CVE-2017-8759 of. The same time, FireEye also promulgated the invention of th...

8.3AI score0.88698EPSS
Exploits14
seebug.org
seebug.org
added 2017/09/14 12:0 a.m.560 views

FireEye Uncovers CVE-2017-8759: Zero-Day Used in the Wild to Distribute FINSPY

FireEye recently detected a malicious Microsoft Office RTF document that leveraged CVE-2017-8759, a SOAP WSDL parser code injection vulnerability. This vulnerability allows a malicious actor to inject arbitrary code during the parsing of SOAP WSDL definition contents. FireEye analyzed a Microsoft...

9.3CVSS8.9AI score0.99933EPSS
Exploits40
OpenVAS
OpenVAS
added 2017/09/14 12:0 a.m.59 views

Microsoft .NET Framework Remote Code Execution Vulnerability (KB4040972 and KB4040971)

This host is missing a critical security update according to Microsoft Security Updates KB4040972 and KB4040971. SPDX-FileCopyrightText: 2017 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders...

9.3CVSS7.5AI score0.88698EPSS
Exploits14References4
Malwarebytes
Malwarebytes
added 2017/09/13 10:49 p.m.983 views

PSA: New Microsoft Word 0day used in the wild

Microsoft has just patched an important vulnerability in Microsoft Word during its latest patch Tuesday cycle. According to the security firm that found it 1, this new zero-day CVE-2017-8759 was used in targeted attacks to install a piece of malware known as FinFisher. Microsoft Office has been i...

9.3CVSS8.4AI score0.88698EPSS
Exploits14
Circl
Circl
added 2017/09/13 4:56 a.m.13 views

CVE-2017-8759

creationtimestamp| type| source ---|---|--- 2017-09-13 04:56:03+00:00| seen| MISP/59b82957-23e0-483c-9142-7f22ac130004 2017-09-13 10:33:11+00:00| seen| https://t.me/sysadminchannel/88 2017-09-13 23:53:11+00:00| exploited| https://t.me/canyoupwnme/2280 2017-09-14 11:38:00+00:00| exploited|...

9.3CVSS7.4AI score0.88698EPSS
Exploits14References21
NVD
NVD
added 2017/09/13 1:29 a.m.34 views

CVE-2017-8759

Microsoft .NET Framework 2.0, 3.5, 3.5.1, 4.5.2, 4.6, 4.6.1, 4.6.2 and 4.7 allow an attacker to execute code remotely via a malicious document or application, aka ".NET Framework Remote Code Execution Vulnerability."...

9.3CVSS7.6AI score0.88698EPSS
Exploits14References8
canvas
canvas
added 2017/09/13 1:29 a.m.994 views

Immunity Canvas: OFFICE_WSDL

Name| officewsdl ---|--- CVE| CVE-2017-8759, CVE-2017-8570 Exploit Pack| CANVAS Description| Microsoft Office Moniker/WSDL C Injection Notes| CVE Name: CVE-2017-8759, CVE-2017-8570 VENDOR: https://office.com Notes: Send the resulting document to someone and have them open it. If the target is...

9.3CVSS8.6AI score0.99933EPSS
Exploits49
Cvelist
Cvelist
added 2017/09/13 1:0 a.m.38 views

CVE-2017-8759

Microsoft .NET Framework 2.0, 3.5, 3.5.1, 4.5.2, 4.6, 4.6.1, 4.6.2 and 4.7 allow an attacker to execute code remotely via a malicious document or application, aka ".NET Framework Remote Code Execution Vulnerability."...

7.5AI score0.88698EPSS
Exploits14References7
Vulnrichment
Vulnrichment
added 2017/09/13 1:0 a.m.14 views

CVE-2017-8759

Microsoft .NET Framework 2.0, 3.5, 3.5.1, 4.5.2, 4.6, 4.6.1, 4.6.2 and 4.7 allow an attacker to execute code remotely via a malicious document or application, aka ".NET Framework Remote Code Execution Vulnerability."...

8.2AI score0.88698EPSS
Exploits14References7
CVE
CVE
added 2017/09/13 1:0 a.m.1385 views

CVE-2017-8759

CVE-2017-8759 affects Microsoft .NET Framework versions 2.0, 3.5/3.5.1, 4.5.2, 4.6, 4.6.1, 4.6.2 and 4.7. The root cause is a flaw in parsing WSDL/Soap Moniker content in the .NET Framework, which can be triggered by processing untrusted input (e.g., specially crafted Office/RTF documents). Succe...

9.3CVSS7.5AI score0.88698EPSS
In wildExploits14References8Affected Software1
CERT
CERT
added 2017/09/13 12:0 a.m.988 views

Microsoft .NET framework SOAP Moniker PrintClientProxy remote code execution vulnerability

Overview The Microsoft .NET framework fails to properly parse WSDL content, which can allow a remote, unauthenticated attacker to execute arbitrary code on a vulnerable system. Description The PrintClientProxy method in the WSDL-parsing component of the Microsoft .NET framework fails to properly...

9.3CVSS8.3AI score0.88698EPSS
Exploits14References2
0day.today
0day.today
added 2017/09/13 12:0 a.m.183 views

Microsoft Windows .NET Framework - Remote Code Execution 0day Exploit

Exploit for windows platform in category remote exploits Source: https://github.com/Voulnet/CVE-2017-8759-Exploit-sample Running CVE-2017-8759 exploit sample. Flow of the exploit: Word macro runs in the Doc1.doc file. The macro downloads a badly formatted txt file over wsdl, which triggers the WS...

9.3CVSS0.1AI score0.88698EPSS
Exploits14
myhack58
myhack58
added 2017/09/13 12:0 a.m.396 views

A newline character causes the Oscar vulnerability 0day(CVE-2017-8759)reproduction-latest Office the highest level of threat attack warning-vulnerability warning-the black bar safety net

Krzysztof, the 360 group focus of the Security Business Unit elucidating the team invented a new type of Office document high-end intimidating onslaught, the 进击应用了9月12日补钉刚修复的.NET Framework flaws vulnerability bug, the flaw exploits a bug in the field is applied for 0day condition, the user closed...

9.3CVSS8.3AI score0.99933EPSS
Exploits40
OpenVAS
OpenVAS
added 2017/09/13 12:0 a.m.57 views

Microsoft .NET Framework Remote Code Execution Vulnerability (KB4040977)

This host is missing an important security update according to Microsoft KB4040977 SPDX-FileCopyrightText: 2017 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescriptio...

9.3CVSS8AI score0.88698EPSS
Exploits14References4
OpenVAS
OpenVAS
added 2017/09/13 12:0 a.m.265 views

Microsoft .NET Framework Remote Code Execution Vulnerability (KB4040980)

This host is missing an important security update according to Microsoft KB4040980 SPDX-FileCopyrightText: 2017 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescriptio...

9.3CVSS8AI score0.88698EPSS
Exploits14References4
OpenVAS
OpenVAS
added 2017/09/13 12:0 a.m.33 views

Microsoft .NET Framework Remote Code Execution Vulnerability (KB4040978)

This host is missing an important security update according to Microsoft KB4040978 SPDX-FileCopyrightText: 2017 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescriptio...

9.3CVSS8AI score0.88698EPSS
Exploits14References4
Microsoft Malware Protection
Microsoft Malware Protection
added 2017/09/12 6:46 p.m.3368 views

Exploit for CVE-2017-8759 detected and neutralized

The September 12, 2017 security updates from Microsoft include the patch for a previously unknown vulnerability exploited through Microsoft Word as an entry vector. Customers using Microsoft advanced threat solutions were already protected against this threat. The vulnerability, classified as...

9.3CVSS8.4AI score0.88698EPSS
Exploits14
Rows per page
Query Builder