6 matches found
APT28 Uses Microsoft Office CVE-2026-21509 in Espionage-Focused Malware Attacks
The Russia-linked state-sponsored threat actor known as APT28 aka UAC-0001 has been attributed to attacks exploiting a newly disclosed security flaw in Microsoft Office as part of a campaign codenamed Operation Neusploit. Zscaler ThreatLabz said it observed the hacking group weaponizing the...
CVE-2023-38245
Adobe Acrobat Reader versions 23.003.20244 and earlier and 20.005.30467 and earlier are affected by an Information Disclosure vulnerability. An unauthenticated attacker could leverage this vulnerability to obtain NTLMv2 credentials. Exploitation of this issue requires user interaction in that a...
CVE-2021-44739
Acrobat Reader DC ActiveX Control versions 21.007.20099 and earlier, 20.004.30017 and earlier and 17.011.30204 and earlier are affected by an Information Disclosure vulnerability. An unauthenticated attacker could leverage this vulnerability to obtain NTLMv2 credentials. Exploitation of this issu...
Microsoft Office Excel SupBook Record Linked List Corruption (MS11-021; CVE-2011-0979)
Microsoft Excel is a popular spreadsheet application. A remote code execution vulnerability has been identified in Microsoft Excel. The vulnerability is due to an error in Microsoft Office Excel that fails to properly manage the members of a data structure while parsing a specially crafted Excel...
Microsoft Office Execution Jump Memory Corruption Vulnerability
Description Microsoft Office is prone to a remote code-execution vulnerability. An attacker could exploit this issue by enticing a victim to open a malicious Office file. Successfully exploiting this issue would allow the attacker to execute arbitrary code in the context of the currently logged-i...
Microsoft Office Malformed Chart Record Remote Code Execution Vulnerability
Description Microsoft Office is prone to a remote code-execution vulnerability. This issue occurs when Office attempts to process malformed files. An attacker could exploit this issue by enticing a victim to load a malicious Office file. If the vulnerability is successfully exploited, this could...