19 matches found
EUVD-2023-42065
Malicious code in bioql PyPI...
[SECURITY] Fedora 40 Update: libreoffice-24.2.1.2-5.fc40
LibreOffice is an Open Source, community-developed, office productivity suite. It includes the key desktop applications, such as a word processor, spreadsheet, presentation manager, formula editor and drawing program, with a user interface and feature set similar to other office suites...
CVE-2021-44739
Acrobat Reader DC ActiveX Control versions 21.007.20099 and earlier, 20.004.30017 and earlier and 17.011.30204 and earlier are affected by an Information Disclosure vulnerability. An unauthenticated attacker could leverage this vulnerability to obtain NTLMv2 credentials. Exploitation of this issu...
MS15-081: Description of the security update for Word 2010: August 11, 2015
Resolves vulnerabilities in Office that could allow remote code execution if a user opens a specially crafted Microsoft Office file.SummaryThis security update resolves vulnerabilities in Microsoft Office that could allow remote code execution if a user opens a specially crafted Microsoft Office...
MS15-081: Description of the security update for PowerPoint 2010: August 11, 2015
Resolves vulnerabilities in Office that could allow remote code execution if a user opens a specially crafted Microsoft Office file.SummaryThis security update resolves vulnerabilities in Microsoft Office that could allow remote code execution if a user opens a specially crafted Microsoft Office...
MS16-029: Description of the security update for Word Automation Services on SharePoint Server 2013: March 8, 2016
MS16-029: Description of the security update for Word Automation Services on SharePoint Server 2013: March 8, 2016 Summary This security update resolves vulnerabilities in Microsoft SharePoint that could allow remote code execution if a user opens a specially crafted Office file. To learn more...
Microsoft Office 2007 - wwlib.dll fcPlcfFldMom Uninitialized Heap Usage
Microsoft Office 2007 - wwlib.dll fcPlcfFldMom Uninitialized Heap Usage Source: https://code.google.com/p/google-security-research/issues/detail?id=424&can=1 The following crash was observed in Microsoft Office 2007 with Microsoft Office File Validation Add-In disabled and Application Verifier...
Microsoft Windows OLE Remote Code Execution (MS14-060) - ver 2 (CVE-2014-4114; CVE-2014-6352)
A remote code execution vulnerability has been reported in Microsoft Object Linking and Embedding OLE technology. This vulnerability is caused when a user downloads, or receives, and then opens a Microsoft Office file which contains specially crafted OLE objects...
Microsoft Word RTF文件解析错误代码执行漏洞
CVE ID:CVE-2014-1761 Microsoft Word 是微软公司的一个文字处理软件。 因Microsoft Word在解析畸形的RTF格式数据时存在错误导致内存破坏,使得攻击者能够执行任意代码。当用户使用Microsoft Word受影响的版本打开恶意RTF文件,或者Microsoft Word是Microsoft Outlook的Email Viewer时,用户预览或打开恶意的RTF邮件信息,攻击者都可能成功利用此漏洞,从而获得当前用户的权限。值得注意的是,Microsoft Outlook 2007/2010/2013默认的Email Viewer都是Microso...
Fedora Update for libreoffice FEDORA-2013-13479
Check for the Version of libreoffice OpenVAS Vulnerability Test Fedora Update for libreoffice FEDORA-2013-13479 Authors: System Generated Check Copyright: Copyright c 2013 Greenbone Networks GmbH, http://www.greenbone.net This program is free software; you can redistribute it and/or modify it und...
[SECURITY] Fedora 18 Update: libreoffice-3.6.7.2-3.fc18
LibreOffice is an Open Source, community-developed, office productivity sui te. It includes the key desktop applications, such as a word processor, spreadsheet, presentation manager, formula editor and drawing program, with a user interface and feature set similar to other office suites...
Microsoft DirectX DirectPlay堆溢出任意代码执行漏洞(MS12-082)
BUGTRAQ ID: 56839 CVECAN ID: CVE-2012-1537 DirectX是Windows操作系统下的多媒体系统链接库。 Microsoft DirectX功能的DirectPlay组件在实现上存在错误,通过诱使用户打开特制的文件,未经身份验证的远程攻击者可利用此漏洞以当前用户权限执行任意代码。 0 Microsoft Windows 8 Microsoft Windows 7 Microsoft Windows XP Professional Microsoft Windows XP Home Edition Microsoft Windows Vista...
Fedora Update for libreoffice FEDORA-2012-11402
Check for the Version of libreoffice OpenVAS Vulnerability Test Fedora Update for libreoffice FEDORA-2012-11402 Authors: System Generated Check Copyright: Copyright c 2012 Greenbone Networks GmbH, http://www.greenbone.net This program is free software; you can redistribute it and/or modify it und...
Microsoft Excel Office Art远程代码执行漏洞(MS11-021)
BUGTRAQ ID: 47226 CVE ID: CVE-2011-0979 Microsoft Excel是由Microsoft为Windows和Apple Macintosh操作系统的电脑而编写和运行的一款试算表软件。 Microsoft Excel在实现上存在缓冲区溢出漏洞,远程攻击者可利用此漏洞以当前用户权限执行任意代码,造成拒绝服务。 Microsoft Office Excel处理特制Excel文件的方式中存在一个远程执行代码漏洞,成功利用此漏洞的攻击者便可完全控制受影响的系统。攻击者可随后安装程序;查看、更改或删除数据;或者创建拥有完全用户权限的新帐户 Microsoft...
Microsoft Word RTF解析引擎堆溢出漏洞(MS10-056)
BUGTRAQ ID: 42133 CVE ID: CVE-2010-1902 Word是微软Office套件中的文字处理工具。 在处理RTF文档中的某些绘图对象控制字时,Word未经长度检查便将属性值拷贝到了堆缓冲区上,触发堆溢出。成功利用此漏洞的攻击者可以获得与本地用户相同的权限。 Microsoft Office 2008 for Mac Microsoft Office 2004 for Mac Microsoft Word 2007 SP2 Microsoft Word 2003 SP3 Microsoft Word 2002 SP3 临时解决方法: 以纯文本格式阅读电子邮件。...
Integer overflow
Unspecified vulnerability in the Outside In Technology component in Oracle Application Server 8.2.2 and 8.3.0 allows local users to affect confidentiality, integrity, and availability, related to HTML. NOTE: the previous information was obtained from the April 2009 CPU. Oracle has not commented o...
CVE-2009-1011
CVE-2009-1011 concerns a multiple integer overflow in Oracle Outside In Technology as included in Oracle Application Server (8.2.2 and 8.3.0). The vulnerability arises when Outside In processes an optional data stream inside Microsoft Office files; an unchecked integer value can trigger arithmeti...
Out-of-bounds
QuickLook in Apple Mac OS X 10.4.11 and 10.5.4 allows remote attackers to execute arbitrary code or cause a denial of service memory corruption and application crash via a crafted Microsoft Office file, related to insufficient "bounds checking."...
CVE-2008-2325
QuickLook in Apple Mac OS X 10.4.11 and 10.5.4 allows remote attackers to execute arbitrary code or cause a denial of service memory corruption and application crash via a crafted Microsoft Office file, related to insufficient "bounds checking."...