3 matches found
CVE-2018-8307
A security feature bypass vulnerability exists when Microsoft WordPad improperly handles embedded OLE objects, aka "WordPad Security Feature Bypass Vulnerability." This affects Windows 7, Windows Server 2012 R2, Windows RT 8.1, Windows Server 2008, Windows Server 2012, Windows 8.1, Windows Server...
Microsoft Office Composite Moniker Code Execution (CVE-2017-8570)
A remote code execution vulnerability exists in Microsoft Office. This vulnerability is due to incorrect handling of embedded OLE objects in Office documents. A remote attacker could exploit this vulnerability by enticing a user to open a specially crafted file...
Microsoft Office - OLE Multiple DLL Side Loading Vulnerabilities (MS15-132/MS16-014/MS16-025/MS16-041/MS16-070) (Metasploit)
require 'zip' require 'base64' require 'msf/core' require 'rex/ole' class MetasploitModule 'Office OLE Multiple DLL Side Loading Vulnerabilities', 'Description' = %q Multiple DLL side loading vulnerabilities were found in various COM components. These issues can be exploited by loading various...