Microsoft Word 2000 malformed record vulnerability

Overview Microsoft Word 2000 contains a memory corruption vulnerability. This vulnerability could allow a remote, unauthenticated attacker to execute arbitrary code with the privileges of the user running Word 2000. Description Microsoft Word 2000 fails to properly handle malformed records leadin...

Microsoft Visual Basic for Applications Document Check Buffer Overflow Vulnerability

Description A vulnerability has been discovered in Microsoft Visual Basic for Applications. The vulnerability occurs due to insufficient bounds checking when checking the properties of malicious documents. As a result, a malformed document may be able to trigger a buffer-overflow within the...

Microsoft Excel DATETIME Remote Code Execution Vulnerability

Description Microsoft Excel is prone to a remote code-execution vulnerability. A remote attacker may exploit this issue to execute arbitrary machine code in the context of the user running the application. Note that Microsoft Office applications include functionality to embed Office files as...

US-CERT Technical Cyber Security Alert TA06-167A -- Microsoft Excel Vulnerability

-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 National Cyber Alert System Technical Cyber Security Alert TA06-167A Microsoft Excel Vulnerability Original release date: June 16, 2006 Last revised: -- Source: US-CERT Systems Affected Microsoft Excel 2003 Microsoft Excel XP 2002 Microsoft Excel for...

DSA-1091-1 tiff - buffer overflows

Bulletin has no description...

CVE-2006-1540

MSO.DLL in Microsoft Office 2000, Office XP 2002, and Office 2003 allows user-assisted attackers to cause a denial of service and execute arbitrary code via multiple attack vectors, as originally demonstrated using a crafted document record with a malformed string, as demonstrated by replacing a...

CVE-2006-1540

MSO.DLL in Microsoft Office 2000, Office XP 2002, and Office 2003 allows user-assisted attackers to cause a denial of service and execute arbitrary code via multiple attack vectors, as originally demonstrated using a crafted document record with a malformed string, as demonstrated by replacing a...

Design/Logic Flaw

BEA WebLogic Server and WebLogic Express 8.1 SP4 and earlier, 7.0 SP6 and earlier, and WebLogic Server 6.1 SP7 and earlier allow remote attackers to cause a denial of service memory exhaustion via crafted non-canonicalized XML documents...

CVE-2006-1352

BEA WebLogic Server and WebLogic Express 8.1 SP4 and earlier, 7.0 SP6 and earlier, and WebLogic Server 6.1 SP7 and earlier allow remote attackers to cause a denial of service memory exhaustion via crafted non-canonicalized XML documents...

CVE-2006-1352

BEA WebLogic Server and WebLogic Express 8.1 SP4 and earlier, 7.0 SP6 and earlier, and WebLogic Server 6.1 SP7 and earlier allow remote attackers to cause a denial of service memory exhaustion via crafted non-canonicalized XML documents...

CVE-2006-0807

Stack-based buffer overflow in NJStar Chinese and Japanese Word Processor 4.x and 5.x before 5.10 allows user-assisted attackers to execute arbitrary code via font names in NJStar .njx documents...

Stack overflow

Stack-based buffer overflow in NJStar Chinese and Japanese Word Processor 4.x and 5.x before 5.10 allows user-assisted attackers to execute arbitrary code via font names in NJStar .njx documents...

CVE-2006-0807

Stack-based buffer overflow in NJStar Chinese and Japanese Word Processor 4.x and 5.x before 5.10 allows user-assisted attackers to execute arbitrary code via font names in NJStar .njx documents...

Kerio WinRoute FireWall multiple DoS conditions

DoS on HTML documents parsing and on oversized Active Directory server reply...

AltantisFAQ SQL inj. vuln.

Atlantis GPL Knowledge Base Software SQL inj. vuln. Vuln. dicovered by : r0t Date: 28 nov. 2005 Orginal advisory:http://pridels.blogspot.com/2005/11/altantisfaq-sql-inj-vuln.html Vendor:http://atlantisfaq.com/ affected version:3.0 and prior Product Description: Atlantis FAQ AltantisFAQ Free...

File absolute path to access that support non-８ ０ port-vulnerability warning-the black bar safety net

Get the current asp implementation file where the absolute path support with port absolute path to/end in solving some ofXMLdocuments called useful． Or applied to the thief program, the program is as follows //poweredBy Airzen //qq:3 9 1 9 2 1 7 0 //e mail:[email protected] //date:2004-12-03 //repo...

Security Update for Office XP (KB873352)

A security vulnerability exists in Microsoft Office XP that could allow malicious code execution when Office documents are stored and opened from a web site. This update resolves this vulnerability...

CVE-2005-1841

The control for Adobe Reader 5.0.9 and 5.0.10 on Linux, Solaris, HP-UX, and AIX creates temporary files with the permissions as specified in a user's umask, which could allow local users to read PDF documents of that user if the umask allows it...

Computer Associates antivirus library buffer overflow

Heap overflow on OLE streams VBA projects analysis Microsoft Office documents...

Mandrake Linux Security Advisory : OpenOffice.org (MDKSA-2005:082)

AD-LAB discovered a heap overflow in the StgCompObjStream::Load function when OpenOffice.org processes DOC documents. If an attacker created a malicious DOC document that contained a specially crafted header, it could execute arbitrary code with the rights of the user running OpenOffice.org. The...