Lucene search
K

109 matches found

exploitpack
exploitpack
added 2017/04/18 12:0 a.m.682 views

Microsoft Word - .RTF Remote Code Execution

Microsoft Word - .RTF Remote Code Execution !/usr/bin/env python ''' Exploit toolkit CVE-2017-0199 - v4.0 https://github.com/bhdresh/CVE-2017-0199 Download: https://github.com/offensive-security/exploitdb-bin-sploits/raw/master/bin-sploits/41894.zip ''' import...

9.3CVSS8.7AI score0.99933EPSS
Exploits29
myhack58
myhack58
added 2017/04/17 12:0 a.m.2599 views

CVE-2017-0199: Microsoft Office RTF vulnerability using the PoC-vulnerability warning-the black bar safety net

0x01 description From FireFye detect and publish CVE-2017-0199 since, I have been researching this vulnerability in Microsoft officially released the patch, I decided to release this PoC. I use way possible with other researchers using different methods, the use of the method may be little bit...

8.5AI score0.99933EPSS
Exploits29
0day.today
0day.today
added 2017/04/16 12:0 a.m.851 views

Microsoft Office / WordPad Remote Code Execution Vulnerability

Exploit for windows platform in category remote exploits CVE-2017-0199 Microsoft Office/WordPad Remote Code Execution Vulnerability w/Windows API =================================================== Vulnerability description =================================================== A remote code executi...

9.3CVSS8.4AI score0.99933EPSS
Exploits29
Metasploit
Metasploit
added 2017/04/15 2:32 a.m.324 views

Microsoft Office Word Malicious Hta Execution

This module creates a malicious RTF file that when opened in vulnerable versions of Microsoft Word will lead to code execution. The flaw exists in how a olelink object can make a https request, and execute hta code in response. This bug was originally seen being exploited in the wild starting in...

7.8CVSS10AI score0.99933EPSS
Exploits29
myhack58
myhack58
added 2017/04/15 12:0 a.m.1666 views

Spread banking Trojan the Office 0day Vulnerability(CVE-2017-0199)technical analysis-vulnerability warning-the black bar safety net

Vulnerability overview Microsoft in 4 months of routine patch of 4 on 12, the A Office remote command execution vulnerability, CVE-2017-0199 for the repair, but in fact in the patch before the release there has been more use of this vulnerability in the wild is found, which contains the...

8.3AI score0.99933EPSS
Exploits29
myhack58
myhack58
added 2017/04/13 12:0 a.m.2906 views

CVE-2017-0199: analysis Microsoft Office RTF vulnerability-vulnerability warning-the black bar safety net

FireEye recently detected using CVE-2017-0199 security vulnerabilities malicious Microsoft Office RTF document, be aware of CVE-2017-0199, but had not been disclosed vulnerability. When the user opens that contains the exploit Code of the document, the malicious code will download and execute the...

8.7AI score0.99933EPSS
Exploits29
seebug.org
seebug.org
added 2017/04/12 12:0 a.m.244 views

Microsoft Office OLE2Link vulnerability (CVE-2017-0199)

Vulnerability details references: Office OLE2Link zero-day from NCCGroup) CVE-2017-0199: In the Wild Attacks Leveraging the HTA Handler From FireEye) HTAsThe Microsoft OLE2Link object contains a vulnerability in the way that it processes remotely-linked content. The remote content is opened based...

9.3CVSS8.4AI score0.99933EPSS
Exploits29
FireEye
FireEye
added 2017/04/11 1:30 p.m.3362 views

CVE-2017-0199: In the Wild Attacks Leveraging HTA Handler

FireEye recently detected malicious Microsoft Office RTF documents that leverage CVE-2017-0199, a previously undisclosed vulnerability. This vulnerability allows a malicious actor to download and execute a Visual Basic script containing PowerShell commands when a user opens a document containing ...

9.3CVSS8.4AI score0.99933EPSS
Exploits29
FireEye
FireEye
added 2017/04/11 1:30 p.m.684 views

CVE-2017-0199: In the Wild Attacks Leveraging HTA Handler

FireEye recently detected malicious Microsoft Office RTF documents that leverage CVE-2017-0199, a previously undisclosed vulnerability. This vulnerability allows a malicious actor to download and execute a Visual Basic script containing PowerShell commands when a user opens a document containing ...

9.3CVSS8.6AI score0.99933EPSS
Exploits29
myhack58
myhack58
added 2017/04/11 12:0 a.m.46 views

The Word exposed 0day vulnerabilities: no need to enable the macros, open the document it automatically install a malicious program-vulnerability warning-the black bar safety net

! In fact, the use of Word macros as the distribution of malicious programs is the way today's conventional via, so many people choose to disable macros, but if you say disable the macros are useless, such a malicious Word document danger is quite different. Recently, McAfee and FireEye security...

7.6AI score
Exploits0
CERT
CERT
added 2017/04/10 12:0 a.m.3332 views

Microsoft OLE URL Moniker improperly handles remotely-linked HTA data

Overview Microsoft OLE uses the URL Moniker to open application data based on the server-provided MIME type, which can allow an unauthenticated remote attacker to execute arbitrary code on a vulnerable system. Description Microsoft OLE uses the URL Moniker to processes remotely-linked content in ...

9.3CVSS8.4AI score0.99933EPSS
Exploits29References7
Cisco Threats
Cisco Threats
added 2016/08/12 2:1 p.m.16 views

Threat Outbreak Alert RuleID24197: Email Messages Distributing Malicious Software on August 12, 2016

Medium Alert ID: 48456 First Published: 2016 August 12 14:01 GMT Version: 1 Summary Cisco Security has detected significant activity related to spam email messages distributing malicious software. Email messages that are related to this threat RuleID24197 may contain the following files: Name |...

0.3AI score
Exploits0
securityvulns
securityvulns
added 2015/08/24 12:0 a.m.376 views

Microsoft HTA (HTML Application) - Remote Code Execution Vulnerability (MS14-064)

Document Title: =============== Microsoft HTA HTML Application - Remote Code Execution Vulnerability MS14-064 References Source: ==================== http://www.vulnerability-lab.com/getcontent.php?id=1576 Video: http://youtu.be/Vkswz7vt23M...

9.3CVSS0.7AI score0.94996EPSS
Exploits39
Packet Storm
Packet Storm
added 2015/08/22 12:0 a.m.73 views

Microsoft HTA (HTML Application) Remote Code Execution

Document Title: =============== Microsoft HTA HTML Application - Remote Code Execution Vulnerability MS14-064 References Source: ==================== http://www.vulnerability-lab.com/getcontent.php?id=1576 Video: http://youtu.be/Vkswz7vt23M...

9.3CVSS8.6AI score0.94996EPSS
Exploits39
0day.today
0day.today
added 2015/08/21 12:0 a.m.56 views

Mozilla Maintenance Service Log File Overwrite Elevation of Privilege Exploit

Exploit for windows platform in category local exploits Source: https://code.google.com/p/google-security-research/issues/detail?id=427&can=1 Mozilla Maintenance Service: Log File Overwrite Elevation of Privilege Platform: Windows Version: Mozilla Firefox 38.0.5 Class: Elevation of Privilege...

3.3CVSS9AI score0.00797EPSS
Exploits1
Exploit DB
Exploit DB
added 2015/08/21 12:0 a.m.45 views

Mozilla - Maintenance Service Log File Overwrite Privilege Escalation

Source: https://code.google.com/p/google-security-research/issues/detail?id=427&can=1 Mozilla Maintenance Service: Log File Overwrite Elevation of Privilege Platform: Windows Version: Mozilla Firefox 38.0.5 Class: Elevation of Privilege Summary: The maintenance service creates a log file in a use...

7.4AI score
Exploits0
exploitpack
exploitpack
added 2015/08/17 12:0 a.m.9 views

Microsoft Windows HTA (HTML Application) - Remote Code Execution (MS14-064)

Microsoft Windows HTA HTML Application - Remote Code Execution MS14-064 !/usr/bin/php poc'."\n\n"; $reza = socketcreateAFINET, SOCKSTREAM, 0 or die'Failed to create socket!'; socketbind$reza, 0,$port; socketlisten$reza; $msgd = "\x3c\x68\x74\x6d\x6c\x3e\x0d\x0a...

0.2AI score
Exploits0
Packet Storm
Packet Storm
added 2015/08/17 12:0 a.m.40 views

Microsoft Windows HTA Remote Code Execution

!/usr/bin/php poc'."\n\n"; $reza = socketcreateAFINET, SOCKSTREAM, 0 or die'Failed to create socket!'; socketbind$reza, 0,$port; socketlisten$reza; $msgd = "\x3c\x68\x74\x6d\x6c\x3e\x0d\x0a\x3c\x6d\x65\x74\x61\x20\x68\x74\x74\x70\x2d\x65\x71\x75\x69\x76"...

9.3CVSS0.2AI score0.94996EPSS
Exploits39
Exploit DB
Exploit DB
added 2015/08/17 12:0 a.m.33 views

Microsoft Windows HTA (HTML Application) - Remote Code Execution (MS14-064)

!/usr/bin/php poc'."\n\n"; $reza = socketcreateAFINET, SOCKSTREAM, 0 or die'Failed to create socket!'; socketbind$reza, 0,$port; socketlisten$reza; $msgd = "\x3c\x68\x74\x6d\x6c\x3e\x0d\x0a\x3c\x6d\x65\x74\x61\x20\x68\x7...

7.4AI score
Exploits0
Vulnerability Lab
Vulnerability Lab
added 2015/08/15 12:0 a.m.358 views

MS HTA (HTML Application) - Code Execution (MS14-064)

Document Title: =============== MS HTA HTML Application - Code Execution MS14-064 References Source: ==================== http://www.vulnerability-lab.com/getcontent.php?id=1576 Video: http://youtu.be/Vkswz7vt23M http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2014-6332 CVE-ID: =======...

9.3CVSS8.8AI score0.94996EPSS
Exploits39
Rows per page
Query Builder