171 matches found
Microsoft Word Malformed Object Pointer Vulnerability
Microsoft Word and Microsoft Works Suites contain a malformed object pointer which allows attackers to execute code...
Microsoft Works and Office WkImgSrv.dll ActiveX Control Code Execution (CVE-2008-1898)
A vulnerability has been reported in Microsoft Works 7 and Microsoft Office 2003 and 2007. The vulnerability is due to a boundary error while handling an overly large argument. A remote attacker can exploit this issue by enticing a target victim to open a specially crafted web page that would pas...
Microsoft Works 8.0 File Converter Field Length Remote Code Execution Vulnerability
No description provided by source. source: http://www.securityfocus.com/bid/27659/info Microsoft Works File Converter is prone to a remote code-execution vulnerability because it fails to adequately validate user-supplied input. An attacker could exploit this issue by enticing a victim to open a...
Microsoft Works 7 WkImgSrv.dll WKsPictureInterface() ActiveX Exploit
No description provided by source. $Id: msworkswkspictureinterface.rb 10477 2010-09-25 11:59:02Z mc $ This file is part of the Metasploit Framework and may be subject to redistribution and commercial restrictions. Please see the Metasploit Framework web site for more information on licensing and...
microsoft works 8.0 spreadsheet Multiple Vulnerabilities
No description provided by source. source: http://www.securityfocus.com/bid/18989/info The spreadsheet component of Microsoft Works is prone to multiple remote vulnerabilities, including buffer-overflow and denial-of service issues. These issues occur because the application fails to handle...
Microsoft Works WPS File Field Length Handling Stack Overflow (MS08-011) - Ver2 (CVE-2008-0108)
Microsoft Works is home productivity software suite with fewer features than the Microsoft Office suite. The Microsoft Works Converter allows the user to open, edit, and save files in the Microsoft Works file format. CVE-2007-0216: The vulnerability is due to an error in the Microsoft Works...
Microsoft Works File Converter Heap Overflow - Ver2 (CVE-2012-0177)
A buffer overflow vulnerability has been reported in Microsoft Works. Successful exploitation of this vulnerability could allow a remote attacker to execute arbitrary code on the affected system...
MS12-065: Vulnerability in Microsoft Works Could Allow Remote Code Execution (2754670)
The remote host is running a version of Microsoft Works for Windows that is affected by a heap overflow vulnerability. If an attacker can trick a user on the affected host into opening a specially crafted Works file, the attacker may be able to leverage this issue to run arbitrary code on the hos...
CVE-2012-2550
Microsoft Works 9 allows remote attackers to execute arbitrary code or cause a denial of service heap memory corruption via a crafted Word .doc file, aka "Works Heap Vulnerability."...
Heap overflow
Microsoft Works 9 allows remote attackers to execute arbitrary code or cause a denial of service heap memory corruption via a crafted Word .doc file, aka "Works Heap Vulnerability."...
CVE-2012-2550
Microsoft Works 9 allows remote attackers to execute arbitrary code or cause a denial of service heap memory corruption via a crafted Word .doc file, aka "Works Heap Vulnerability."...
CVE-2012-2550
Microsoft Works for Windows (Works 9) has a heap overflow/heap memory corruption vulnerability in Word file handling that could allow remote code execution when a user opens a crafted .doc file. An attacker could run arbitrary code subject to the user’s privileges. This is referenced as MS12-065 ...
Microsoft Works RTF Heap Remote Code Execution (MS12-065; CVE-2012-2550)
A remote code execution vulnerability has been reported in Microsoft Works...
Microsoft Works memory corruption
Memory corruption on Word files parsing...
Microsoft Works CVE-2012-2550 Word File Handling Remote Memory Corruption Vulnerability
Description Microsoft Works is prone to a remote memory-corruption vulnerability. An attacker can exploit this issue to execute arbitrary code in the context of the currently logged-in user. Failed exploit attempts will likely result in denial-of-service conditions. Technologies Affected Microsof...
MS12-028: Vulnerability in Microsoft Office Could Allow Remote Code Execution (2639185)
The remote host is running a version of Microsoft Works for Windows document converter that is affected by a heap overflow vulnerability. If an attacker can trick a user on the affected host into opening a specially crafted Works file, this issue could be leveraged to run arbitrary code on the ho...
Microsoft Works 7 - 'WkImgSrv.dll' WKsPictureInterface() ActiveX (Metasploit)
$Id: msworkswkspictureinterface.rb 10477 2010-09-25 11:59:02Z mc $ This file is part of the Metasploit Framework and may be subject to redistribution and commercial restrictions. Please see the Metasploit Framework web site for more information on licensing and terms of use...
Microsoft Word sprmCMajority记录解析栈溢出漏洞(MS10-056)
BUGTRAQ ID: 42136 CVE ID: CVE-2010-1900 Word是微软Office套件中的文字处理工具。 在解析Word文档中的sprmCMajority记录时,由于处理sprmCMajority sprm组没有对参数执行检查,攻击者可以控制写入到栈缓冲区中的数据数量,触发栈溢出。成功利用此漏洞的攻击者可完全控制受影响的系统。 Microsoft Office 2008 for Mac Microsoft Office 2004 for Mac Microsoft Word 2007 SP2 Microsoft Word 2003 SP3 Microsoft Wo...
Microsoft Works File Converter WPS File Section Header Index Table Stack Overflow (MS08-011; CVE-2008-0105)
Microsoft Works is a home/office productivity software suite. Its core functionality includes a word processor, a spreadsheet, and a database. A Microsoft Works Document, normally denoted by the extension .wps, has numerous properties which define the appearance of the document, as well as some...
Microsoft Security Bulletin MS09-073 - Important Vulnerability in WordPad and Office Text Converters Could Allow Remote Code Execution (975539)
Microsoft Security Bulletin MS09-073 - Important Vulnerability in WordPad and Office Text Converters Could Allow Remote Code Execution 975539 Published: December 08, 2009 Version: 1.0 General Information Executive Summary This security update resolves a privately reported vulnerability in Microso...