109 matches found
Microsoft Forms 2.0 ActiveX Control 2.0 Memory Access Violation Denial of Service Vulnerabilities
No description provided by source. source: http://www.securityfocus.com/bid/26414/info Microsoft Forms 2.0 ActiveX Control is prone to multiple memory-access violation denial-of-service vulnerabilities. Attackers can exploit these issues to crash Internet Explorer and deny service to legitimate...
Microsoft Office Excel Code Execution
!/usr/bin/perl Microsoft Office Excel ReadAV Arbitrary Code Execution Author: Jean Pascal Pereira Vendor URI: http://office.microsoft.com Vendor Description: Microsoft Excel is a commercial spreadsheet application written and distributed by Microsoft for Microsoft Windows and Mac OS X. It feature...
Visual Basic for Applications Remote Code Execution Vulnerability (2707960)
This host is missing a critical security update according to Microsoft Bulletin MS12-046. OpenVAS Vulnerability Test $Id: secpodms12-046.nasl 5931 2017-04-11 09:02:04Z teissa $ Visual Basic for Applications Remote Code Execution Vulnerability 2707960 Authors: Madhuri D Copyright: Copyright c 2012...
MS12-046: Vulnerability in Visual Basic for Applications Could Allow Remote Code Execution (2707960)
The version of Visual Basic for Applications installed on the remote host is affected by an insecure library loading vulnerability. A remote attacker could exploit this flaw by tricking a user into opening a legitimate Microsoft Office file located in the same directory as a maliciously crafted...
Microsoft Visual Basic for Applications Insecure Library Loading (MS12-046; CVE-2012-1854)
A remote code execution vulnerability has been reported in Microsoft Visual Basic for Applications VBA...
PT-2012-3598
Name of the Vulnerable Software and Affected Versions Microsoft Office versions 2003 SP3, 2007 SP2 and SP3, and 2010 Gold and SP1 Microsoft Visual Basic for Applications VBA Summit Microsoft Visual Basic for Applications SDK Description The issue allows local users to gain privileges via a Trojan...
Ubuntu Update for clamav vulnerability USN-1076-1
Ubuntu Update for Linux kernel vulnerabilities USN-1076-1 OpenVAS Vulnerability Test $Id: gbubuntuUSN10761.nasl 7964 2017-12-01 07:32:11Z santu $ Ubuntu Update for clamav vulnerability USN-1076-1 Authors: System Generated Check Copyright: Copyright c 2011 Greenbone Networks GmbH,...
Ubuntu 9.10 / 10.04 LTS / 10.10 : clamav vulnerability (USN-1076-1)
It was discovered that the Microsoft Office processing code in libclamav improperly handled certain Visual Basic for Applications VBA data. This could allow a remote attacker to craft a document that could crash clamav or possibly execute arbitrary code. In the default installation, attackers wou...
Memory corruption
VBE6.DLL in Microsoft Office XP SP3, Office 2003 SP3, 2007 Microsoft Office System SP1 and SP2, Visual Basic for Applications VBA, and VBA SDK 6.3 through 6.5 does not properly search for ActiveX controls that are embedded in documents, which allows remote attackers to execute arbitrary code via ...
Microsoft Patches Worm Holes in Mail Server, Visual Basic for Apps
Microsoft today issued patches for a pair of critical remote code execution vulnerabilities in Windows and Microsoft Office and urged affected users to apply the fixes as soon as possible. The most serious issue, addressed in the MS10-030 bulletin, affects Outlook Express, Windows Mail and Window...
Microsoft Visual Basic for Applications Text Parsing Stack Buffer Overflow Vulnerability
Description Microsoft Visual Basic for Applications VBA is prone to a remote stack-based buffer-overflow vulnerability because of an error related to searching for embedded ActiveX controls within a Microsoft Office document. An attacker could exploit this issue to corrupt stack memory and execut...
MS10-031: Description of the security update for Microsoft Visual Basic for Applications runtime: May 11, 2010
Resolves a security vulnerability that exists in Microsoft Visual Basic for Applications runtime that could allow remote code execution of a maliciously modified file.INTRODUCTIONMicrosoft has released security bulletin MS10-031. To view the complete security bulletin, visit one of the following...
Microsoft Excel Style Record Remote Code Execution Vulnerability
Description Microsoft Excel is prone to a remote code-execution vulnerability. Attackers may exploit this issue by enticing victims into opening a maliciously crafted Excel file '.xls'. Successful exploits may allow attackers to execute arbitrary code with the privileges of the user running the...
Microsoft Forms 2.0 - ActiveX Control 2.0 Memory Access Violation Denial of Service
Microsoft Forms 2.0 - ActiveX Control 2.0 Memory Access Violation Denial of Service source: https://www.securityfocus.com/bid/26414/info Microsoft Forms 2.0 ActiveX Control is prone to multiple memory-access violation denial-of-service vulnerabilities. Attackers can exploit these issues to crash...
Microsoft Forms 2.0 - ActiveX Control 2.0 Memory Access Violation Denial of Service
source: https://www.securityfocus.com/bid/26414/info Microsoft Forms 2.0 ActiveX Control is prone to multiple memory-access violation denial-of-service vulnerabilities. Attackers can exploit these issues to crash Internet Explorer and deny service to legitimate users. Note: Forms 2.0 ActiveX is...
Microsoft Visual Basic for Applications文档检查溢出漏洞(MS06-047)
Microsoft Visual Basic for Applications(VBA)是用于开发客户端桌面所包装的应用程序并集成到现有数据和系统的开发技术。 VBA在处理包含畸形属性字段的文档时存在漏洞,攻击者可能利用此漏洞在用户机器上执行任意指令。 VBA在打开文档时会检查主机应用程序对其传送的某些文档属性,因此主机应用程序就可能向VBA传送未检查的参数。如果攻击者能够诱骗用户打开设置了特殊属性的文档的话,就可能触发缓冲区溢出,导致执行任意代码。 Microsoft Office XP Microsoft Office 2000 Microsoft Visual Basic for...
CVE-2006-3649
CVE-2006-3649 describes a remote code execution vulnerability in Microsoft Visual Basic for Applications (VBA) across VBA SDK 6.0–6.4 used by Office 2000 SP3, Office XP SP3, and related apps. The flaw stems from an improper boundary check / validation of document properties passed to VBA when ope...
Microsoft Security Bulletin MS06-047 Vulnerability in Microsoft Visual Basic for Applications Could Allow Remote Code Execution (921645)
Microsoft Security Bulletin MS06-047 Vulnerability in Microsoft Visual Basic for Applications Could Allow Remote Code Execution 921645 Published: August 8, 2006 Version: 1.0 Summary Who Should Read this Document: Customers using Microsoft Office applications or applications that use Microsoft...
VulnCheck KEV: CVE-2006-3649
Buffer overflow in Microsoft Visual Basic for Applications VBA SDK 6.0 through 6.4, as used by Microsoft Office 2000 SP3, Office XP SP3, Project 2000 SR1, Project 2002 SP1, Access 2000 Runtime SP3, Visio 2002 SP2, and Works Suite 2004 through 2006, allows user-assisted attackers to execute...
MS06-047: Vulnerability in Microsoft Visual Basic for Applications Could Allow Remote Code Execution (921645)
The remote host is running a version of Microsoft Visual Basic for Applications that is vulnerable to a buffer overflow when handling malformed documents. An attacker may exploit this flaw to execute arbitrary code on this host by sending a malformed file to a user of the remote host. C Tenable...