59 matches found
Microsoft Office Excel WorksheetOptions Code Execution Vulnerability
Summary An exploitable use-after-free vulnerability exists in the mso.dll of Microsoft Office. A specially crafted XLS file can cause a use after free, resulting in a remote code execution. An attacker needs to provide a malformed file to the victim to trigger the vulnerability. Tested Versions...
CVE-2017-0199: in-depth analysis of the Microsoft Office RTF vulnerability-vulnerability warning-the black bar safety net
0x00 Preface Recently, researchers also found a number of CVE-2017-0199 vulnerability of the sample. Although the Microsoft in this year 4 month has been released for the vulnerability the patch, but since its use is relatively simple, worldwide usage is still very high, here to share some of the...
CVE-2017-0199: in-depth analysis of the Microsoft Office RTF vulnerability-vulnerability warning-the black bar safety net
Recently, researchers also found a number of CVE-2017-0199 vulnerability of the sample. Although the Microsoft in this year 4 month has been released for the vulnerability the patch, but since its use is relatively simple, worldwide usage is still very high, here to share some of the phishing...
Microsoft Office PowerPoint 2010 - MSO!Ordinal5429 Missing Length Check Heap Corruption Exploit
Exploit for windows platform in category dos / poc Source: https://bugs.chromium.org/p/project-zero/issues/detail?id=949 Platform: Microsoft Office 2010 on Windows 7 x86 Class: heap memory corruption The following crash was observed in Microsoft Office 2010 running under Windows 7 x86 with...
Microsoft Office PowerPoint 2010 - MSO!Ordinal5429 Missing Length Check Heap Corruption
Microsoft Office PowerPoint 2010 - MSO!Ordinal5429 Missing Length Check Heap Corruption Source: https://bugs.chromium.org/p/project-zero/issues/detail?id=949 Platform: Microsoft Office 2010 on Windows 7 x86 Class: heap memory corruption The following crash was observed in Microsoft Office 2010...
Microsoft Office PowerPoint 2010 - Invalid Pointer Reference
Exploit for windows platform in category dos / poc Source: https://bugs.chromium.org/p/project-zero/issues/detail?id=866 The following crash was observed in Microsoft PowerPoint 2010 running under Windows 7 x86 with application verifier enabled. File versions are: mso.dll: 14.0.7166.5000...
Microsoft Office PowerPoint 2010 - Invalid Pointer Reference
Microsoft Office PowerPoint 2010 - Invalid Pointer Reference Source: https://bugs.chromium.org/p/project-zero/issues/detail?id=866 The following crash was observed in Microsoft PowerPoint 2010 running under Windows 7 x86 with application verifier enabled. File versions are: mso.dll: 14.0.7166.500...
Microsoft Office PowerPoint 2010 - Invalid Pointer Reference
Source: https://bugs.chromium.org/p/project-zero/issues/detail?id=866 The following crash was observed in Microsoft PowerPoint 2010 running under Windows 7 x86 with application verifier enabled. File versions are: mso.dll: 14.0.7166.5000 ppcore.dll: 14.0.7168.5000 Attached crashing file:...
Microsoft Office 2007 - BIFFRecord Length Use-After-Free
Microsoft Office 2007 - BIFFRecord Length Use-After-Free Source: https://code.google.com/p/google-security-research/issues/detail?id=464 The following crash was observed in Microsoft Office 2007 with Microsoft Office File Validation Add-In disabled and Application Verifier enabled for testing and...
Microsoft Office 2007 - OLESSDirectyEntry.CreateTime Type Confusion
Source: https://code.google.com/p/google-security-research/issues/detail?id=465 The following crash was observed in Microsoft Office 2007 with Microsoft Office File Validation Add-In disabled and Application Verifier enabled for testing and reproduction. This bug did not reproduce in Office 2010 ...
Microsoft Office 2007 - BIFFRecord Length Use-After-Free
Source: https://code.google.com/p/google-security-research/issues/detail?id=464 The following crash was observed in Microsoft Office 2007 with Microsoft Office File Validation Add-In disabled and Application Verifier enabled for testing and reproduction. This bug did not reproduce in Office 2010 ...
Microsoft Office 2007 - OLESSDirectyEntry.CreateTime Type Confusion
Microsoft Office 2007 - OLESSDirectyEntry.CreateTime Type Confusion Source: https://code.google.com/p/google-security-research/issues/detail?id=465 The following crash was observed in Microsoft Office 2007 with Microsoft Office File Validation Add-In disabled and Application Verifier enabled for...
Microsoft Office 2007 - OneTableDocumentStream Invalid Object
Source: https://code.google.com/p/google-security-research/issues/detail?id=171&can=1 The following access violation was observed in Microsoft Office 2007 Word document: 8c0.e68: Access violation - code c0000005 first chance First chance exceptions are reported before any exception handling. This...
Microsoft Office 2007 MSO.dll Arbitrary Free Exploit
Exploit for windows platform in category dos / poc Source: https://code.google.com/p/google-security-research/issues/detail?id=417&can=1 The following crash was observed in Microsoft Office 2007 with Microsoft Office File Validation Add-In disabled and Application Verifier enabled for testing and...
Microsoft Office 2007 - mso.dll Use-After-Free (MS15-081)
Microsoft Office 2007 - mso.dll Use-After-Free MS15-081 Source: https://code.google.com/p/google-security-research/issues/detail?id=414&can=1 The following crash was observed in MS Office 2007 running under Windows 2003 x86. Microsoft Office File Validation Add-In is disabled and application...
Microsoft Office 2007 - mso.dll Arbitrary Free (MS15-081)
Microsoft Office 2007 - mso.dll Arbitrary Free MS15-081 Source: https://code.google.com/p/google-security-research/issues/detail?id=417&can=1 The following crash was observed in Microsoft Office 2007 with Microsoft Office File Validation Add-In disabled and Application Verifier enabled for testin...
Microsoft Office 2007 - 'mso.dll' Arbitrary Free (MS15-081)
Source: https://code.google.com/p/google-security-research/issues/detail?id=417&can=1 The following crash was observed in Microsoft Office 2007 with Microsoft Office File Validation Add-In disabled and Application Verifier enabled for testing and reproduction. This bug did not reproduce in Office...
Microsoft Office 2007 - 'mso.dll' Use-After-Free (MS15-081)
Source: https://code.google.com/p/google-security-research/issues/detail?id=414&can=1 The following crash was observed in MS Office 2007 running under Windows 2003 x86. Microsoft Office File Validation Add-In is disabled and application verified was enabled for testing and reproduction. This samp...
Microsoft PowerPoint 2003 mso.dll PPT Processing Unspecified Code Execution
No description provided by source. source: http://www.securityfocus.com/bid/18993/info Microsoft PowerPoint is prone to multiple remote vulnerabilities. Three proof-of-concept exploit files designed to trigger vulnerabilities in PowerPoint have been released. It is currently unknown if these thre...
Microsoft Office "MSO.dll"未初始化指针远程代码执行漏洞(MS11-073)
BUGTRAQ ID: 49513 CVECAN ID: CVE-2011-1982 Microsoft Office是一套由微软公司开发的办公软件,它为Microsoft Windows和Apple Macintosh操作系统而开发。 Microsoft Office实现上存在"MSO.dll"处理未初始化指针漏洞,远程攻击者可利用此漏洞以当前用户权限执行任意代码,可能造成拒绝服务。 Microsoft Office 2010 Microsoft Office 2007 厂商补丁: Microsoft ---------...