26 matches found
icd-ps.org Cross Site Scripting vulnerability
Open Bug Bounty ID: OBB-1159060 Following coordinated and responsible vulnerability disclosure guidelines of the ISO 29147 standard, Open Bug Bounty has:       a. verified the vulnerability and confirmed its existence;       b. notified the website...
Microsoft Office Vulnerabilities Used to Distribute Zyklon Malware in Recent Campaign
Introduction FireEye researchers recently observed threat actors leveraging relatively new vulnerabilities in Microsoft Office to spread Zyklon HTTP malware. Zyklon has been observed in the wild since early 2016 and provides myriad sophisticated capabilities. Zyklon is a publicly available,...
Microsoft Office Vulnerabilities Used to Distribute Zyklon Malware in Recent Campaign
Introduction FireEye researchers recently observed threat actors leveraging relatively new vulnerabilities in Microsoft Office to spread Zyklon HTTP malware. Zyklon has been observed in the wild since early 2016 and provides myriad sophisticated capabilities. Zyklon is a publicly available,...
Microsoft the Microsoft . NET Framework flaws vulnerability bug(CVE–2017–8759)alerts-a vulnerability alert-the black bar safety net
Accident with a view 8 on 24 May, the 360 focus of the Network Security Business Unit capture to a new office high-end intimidating intrusion attacks. 12, Microsoft stopped large-scale network security updates including CVE-2017-8759 of. The same time, FireEye also promulgated the invention of th...
FireEye Uncovers CVE-2017-8759: Zero-Day Used in the Wild to Distribute FINSPY
FireEye recently detected a malicious Microsoft Office RTF document that leveraged CVE-2017-8759, a SOAP WSDL parser code injection vulnerability. This vulnerability allows a malicious actor to inject arbitrary code during the parsing of SOAP WSDL definition contents. FireEye analyzed a Microsoft...
Microsoft .NET Framework Remote Code Execution Vulnerability (KB4040972 and KB4040971)
This host is missing a critical security update according to Microsoft Security Updates KB4040972 and KB4040971. SPDX-FileCopyrightText: 2017 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders...
PSA: New Microsoft Word 0day used in the wild
Microsoft has just patched an important vulnerability in Microsoft Word during its latest patch Tuesday cycle. According to the security firm that found it 1, this new zero-day CVE-2017-8759 was used in targeted attacks to install a piece of malware known as FinFisher. Microsoft Office has been i...
CVE-2017-8759
creationtimestamp| type| source ---|---|--- 2017-09-13 04:56:03+00:00| seen| MISP/59b82957-23e0-483c-9142-7f22ac130004 2017-09-13 10:33:11+00:00| seen| https://t.me/sysadminchannel/88 2017-09-13 23:53:11+00:00| exploited| https://t.me/canyoupwnme/2280 2017-09-14 11:38:00+00:00| exploited|...
CVE-2017-8759
Microsoft .NET Framework 2.0, 3.5, 3.5.1, 4.5.2, 4.6, 4.6.1, 4.6.2 and 4.7 allow an attacker to execute code remotely via a malicious document or application, aka ".NET Framework Remote Code Execution Vulnerability."...
Immunity Canvas: OFFICE_WSDL
Name| officewsdl ---|--- CVE| CVE-2017-8759, CVE-2017-8570 Exploit Pack| CANVAS Description| Microsoft Office Moniker/WSDL C Injection Notes| CVE Name: CVE-2017-8759, CVE-2017-8570 VENDOR: https://office.com Notes: Send the resulting document to someone and have them open it. If the target is...
CVE-2017-8759
Microsoft .NET Framework 2.0, 3.5, 3.5.1, 4.5.2, 4.6, 4.6.1, 4.6.2 and 4.7 allow an attacker to execute code remotely via a malicious document or application, aka ".NET Framework Remote Code Execution Vulnerability."...
CVE-2017-8759
Microsoft .NET Framework 2.0, 3.5, 3.5.1, 4.5.2, 4.6, 4.6.1, 4.6.2 and 4.7 allow an attacker to execute code remotely via a malicious document or application, aka ".NET Framework Remote Code Execution Vulnerability."...
CVE-2017-8759
CVE-2017-8759 affects Microsoft .NET Framework versions 2.0, 3.5/3.5.1, 4.5.2, 4.6, 4.6.1, 4.6.2 and 4.7. The root cause is a flaw in parsing WSDL/Soap Moniker content in the .NET Framework, which can be triggered by processing untrusted input (e.g., specially crafted Office/RTF documents). Succe...
A newline character causes the Oscar vulnerability 0day(CVE-2017-8759)reproduction-latest Office the highest level of threat attack warning-vulnerability warning-the black bar safety net
Krzysztof, the 360 group focus of the Security Business Unit elucidating the team invented a new type of Office document high-end intimidating onslaught, the 进击应用了9月12日补钉刚修复的.NET Framework flaws vulnerability bug, the flaw exploits a bug in the field is applied for 0day condition, the user closed...
Microsoft .NET Framework Remote Code Execution Vulnerability (KB4040980)
This host is missing an important security update according to Microsoft KB4040980 SPDX-FileCopyrightText: 2017 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescriptio...
Microsoft .NET Framework Remote Code Execution Vulnerability (KB4040977)
This host is missing an important security update according to Microsoft KB4040977 SPDX-FileCopyrightText: 2017 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescriptio...
Microsoft .NET Framework Remote Code Execution Vulnerability (KB4040978)
This host is missing an important security update according to Microsoft KB4040978 SPDX-FileCopyrightText: 2017 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescriptio...
Microsoft Windows .NET Framework - Remote Code Execution 0day Exploit
Exploit for windows platform in category remote exploits Source: https://github.com/Voulnet/CVE-2017-8759-Exploit-sample Running CVE-2017-8759 exploit sample. Flow of the exploit: Word macro runs in the Doc1.doc file. The macro downloads a badly formatted txt file over wsdl, which triggers the WS...
Microsoft .NET framework SOAP Moniker PrintClientProxy remote code execution vulnerability
Overview The Microsoft .NET framework fails to properly parse WSDL content, which can allow a remote, unauthenticated attacker to execute arbitrary code on a vulnerable system. Description The PrintClientProxy method in the WSDL-parsing component of the Microsoft .NET framework fails to properly...
Exploit for CVE-2017-8759 detected and neutralized
The September 12, 2017 security updates from Microsoft include the patch for a previously unknown vulnerability exploited through Microsoft Word as an entry vector. Customers using Microsoft advanced threat solutions were already protected against this threat. The vulnerability, classified as...