18 matches found
Bitter APT Hackers Continue to Target Bangladesh Military Entities
Military entities located in Bangladesh continue to be at the receiving end of sustained cyberattacks by an advanced persistent threat tracked as Bitter. "Through malicious document files and intermediate malware stages the threat actors conduct espionage by deploying Remote Access Trojans,"...
Microsoft Office Memory Corruption Vulnerability
Microsoft Office contains a memory corruption vulnerability due to the way objects are handled in memory. Successful exploitation allows for remote code execution in the context of the current user. This vulnerability is known to be chained with CVE-2018-0798...
Microsoft Office Remote Code Execution (CVE-2018-0798)
A stack-based buffer overflow vulnerability exists in Microsoft Office. A remote, unauthenticated attacker can exploit this vulnerability by supplying a maliciously crafted OLE file to the affected target...
CVE-2018-0798
creationtimestamp| type| source ---|---|--- 2019-07-03 21:31:08+00:00| exploited| https://t.me/informationsecuritychannel/29050 2019-07-04 20:31:13+00:00| exploited| https://t.me/antichat/5730 2019-07-04 22:14:02+00:00| exploited| https://t.me/canyoupwnme/5705 2019-08-06 09:07:33+00:00| seen|...
Description of the security update for Office 2016: January 9, 2018
Description of the security update for Office 2016: January 9, 2018 Summary This security update resolves vulnerabilities in Microsoft Office that could allow remote code execution if a user opens a specially crafted Office file. To learn more about the vulnerabilities, go to the following Common...
Description of the security update for Microsoft Office Compatibility Pack Service Pack 3: January 9, 2018
Description of the security update for Microsoft Office Compatibility Pack Service Pack 3: January 9, 2018 Summary This security update resolves vulnerabilities in Microsoft Office that could allow remote code execution if a user opens a specially crafted Office file. To learn more about the...
CVE-2018-0798
Equation Editor in Microsoft Office 2007, Microsoft Office 2010, Microsoft Office 2013, and Microsoft Office 2016 allows a remote code execution vulnerability due to the way objects are handled in memory, aka "Microsoft Office Memory Corruption Vulnerability"...
CVE-2018-0798
The CVE-2018-0798 entry concerns a memory corruption vulnerability in Microsoft Office (Word/Equation Editor) across Office 2007–2016. The root cause is how certain objects are handled in memory, enabling remote code execution when a specially crafted file is opened. Connected documents indicate ...
CVE-2018-0798
Equation Editor in Microsoft Office 2007, Microsoft Office 2010, Microsoft Office 2013, and Microsoft Office 2016 allows a remote code execution vulnerability due to the way objects are handled in memory, aka “Microsoft Office Memory Corruption Vulnerability”. Recent assessments: Assessed Attacke...
Microsoft Office 2010 Service Pack 2 Remote Code Execution Vulnerabilities (KB4011610)
This host is missing an important security update according to Microsoft KB4011610 SPDX-FileCopyrightText: 2018 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescriptio...
Microsoft Office 2013 Service Pack 1 Remote Code Execution Vulnerabilities (KB4011580)
This host is missing an important security update according to Microsoft KB4011580 SPDX-FileCopyrightText: 2018 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescriptio...
Microsoft Office Compatibility Pack Service Pack 3 Multiple RCE Vulnerabilities (KB4011607)
This host is missing a critical security update according to Microsoft KB4011607 SPDX-FileCopyrightText: 2018 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
Microsoft Word 2010 Service Pack 2 Multiple RCE Vulnerabilities (KB4011659)
This host is missing a critical security update according to Microsoft KB4011659 SPDX-FileCopyrightText: 2018 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
Microsoft Office Word Multiple Vulnerabilities (KB4011651)
This host is missing a critical security update according to Microsoft KB4011651. SPDX-FileCopyrightText: 2018 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
Description of the security update for Office 2010: January 9, 2018
Description of the security update for Office 2010: January 9, 2018 Summary This security update resolves vulnerabilities in Microsoft Office that could allow remote code execution if a user opens a specially crafted Office file. To learn more about the vulnerabilities, go to the following Common...
Description of the security update for Office 2013: January 9, 2018
Description of the security update for Office 2013: January 9, 2018 Summary This security update resolves vulnerabilities in Microsoft Office that could allow remote code execution if a user opens a specially crafted Office file. To learn more about the vulnerabilities, go to the following Common...
Security Updates for Microsoft Office Compatibility SP3 (January 2018)
The Microsoft Office Compatibility Pack products installed on the remote host are missing security updates. It is, therefore, affected by multiple vulnerabilities : - A remote code execution vulnerability exists in Microsoft Office software when the software fails to properly handle objects in...
Security Updates for Microsoft Word Products (January 2018)
The Microsoft Words Products are missing security updates. It is therefore affected by multiple issues involving handling of Office and RTF Rich Text Format files. If successfully exploited, an attacker could execute code in the context of the current user. C Tenable Network Security, Inc...