126 matches found
ESTsoft Alyac 输入验证错误漏洞
ESTsoft Alyac is a low-priced comprehensive security software from the Korean company ESTsoft. A security vulnerability exists in ESTsoft Alyac 2.5.8.544, which is caused by an integer overflow in the way an OLE file is parsed, and can be exploited by an attacker to execute arbitrary code...
July 5, 2022, update for Office 2016 (KB5002226)
July 5, 2022, update for Office 2016 KB5002226 This article describes update 5002226 for Microsoft Office 2016 that was released on July 5, 2022.Be aware that the update in the Microsoft Download Center applies to the Microsoft Installer .msi-based edition of Office 2016. It doesn't apply to Offi...
Microsoft Windows Object Linking & Embedding (OLE) Remote Code Execution Vulnerability
A vulnerability exists in Windows Object Linking & Embedding OLE that could allow remote code execution if a user opens a file that contains a specially crafted OLE object...
Vulnerability of Windows operating systems, related to errors in code generation, allows a hacker to execute arbitrary code.
The vulnerability of Windows operating systems is related to errors in code generation control. Exploiting this vulnerability allows a remote attacker to execute arbitrary code using a specially created file containing a malicious OLE object...
TechSmith Snagit 安全漏洞
Techsmith TechSmith SnagIT is a set of screen capture software from Techsmith USA. The software is mainly used to take screenshots and record videos on the screen. A security vulnerability exists in TechSmith Snagit that stems from TechSmith Snagit's use of Object Linking and Embedding OLE, which...
PT-2021-10148
Name of the Vulnerable Software and Affected Versions: TechSmith Snagit version 19.1.0.2653 Description: The issue allows attackers to obfuscate and embed crafted files used to escalate privileges by utilizing Object Linking and Embedding OLE. Recommendations: For TechSmith Snagit version...
Vulnerability of the Windows OLE operating system component, allowing a hacker to execute arbitrary code
The vulnerability of the Windows OLE operating system exists due to insufficient checking of input data. Exploiting this vulnerability allows a remote attacker to execute arbitrary code...
Microsoft Windows and Microsoft Windows Server OLE Remote Code Execution Vulnerability
Microsoft Windows and Microsoft Windows Server are both products of Microsoft Corporation, U.S.A. Microsoft Windows is a set of operating systems for personal devices.Microsoft Windows Server is a set of server operating systems.OLE is a technology that allows applications to share data and...
CVE-2019-1484
A remote code execution vulnerability exists when Microsoft Windows OLE fails to properly validate user input, aka 'Windows OLE Remote Code Execution Vulnerability'...
The vulnerability of the OLE component of the Windows operating system, related to insufficient validation of input data, allows a perpetrator to execute arbitrary code.
The vulnerability of the OLE component in the Windows operating system is related to insufficient validation of input data. Exploiting this vulnerability can allow an attacker to execute arbitrary code...
USN-3940-1 clamav vulnerabilities
It was discovered that ClamAV incorrectly handled scanning certain PDF documents. A remote attacker could possibly use this issue to cause ClamAV to crash, resulting in a denial of service. CVE-2019-1787 It was discovered that ClamAV incorrectly handled scanning certain OLE2 files. A remote...
CVE-2017-0211
An elevation of privilege vulnerability exists in Windows 10, Windows 8.1, Windows RT 8.1, Windows Server 2012, Windows Server 2012 R2, and Windows Server 2016 versions of Microsoft Windows OLE when it fails an integrity-level check, aka "Windows OLE Elevation of Privilege Vulnerability."...
Microsoft Office Word OLE Object Code Execution Vulnerability
Microsoft Office is a popular office software suite developed by Microsoft. A code execution vulnerability exists in the Microsoft Office Word OLE object, which can be exploited by an attacker to obtain permission to remotely execute arbitrary code, covertly install a variety of malware, and infe...
PT-2017-2447 · Ruby · Ruby
Name of the Vulnerable Software and Affected Versions: Ruby affected versions not specified Description: The issue is related to type confusion in the WIN32OLE class of Ruby, specifically in the ole invoke and ole query interface methods. This occurs when an attacker passes a different type of...
CVE-2016-3375
The OLE Automation mechanism and VBScript scripting engine in Microsoft Internet Explorer 9 through 11, Windows Vista SP2, Windows Server 2008 SP2 and R2 SP1, Windows 7 SP1, Windows 8.1, Windows Server 2012 Gold and R2, Windows RT 8.1, and Windows 10 Gold, 1511, and 1607 allow remote attackers to...
CVE-2016-3235
Microsoft Visio 2007 SP3, Visio 2010 SP2, Visio 2013 SP1, Visio 2016, Visio Viewer 2007 SP3, and Visio Viewer 2010 mishandle library loading, which allows local users to gain privileges via a crafted application, aka "Microsoft Office OLE DLL Side Loading Vulnerability."...
Microsoft Office OLE DLL End Load Vulnerability
Microsoft Office is an office software suite of products developed by the U.S. company Microsoft Microsoft. Commonly used components are Word, Excel, Access, Powerpoint, FrontPage and so on. A security vulnerability exists in Microsoft Office that originates from the program failing to properly...
Microsoft Windows OLE Remote Code Execution Vulnerability
Microsoft Windows is a family of operating systems released by Microsoft Corporation in the U.S. OLE Object Linking and Embedding is a technology that allows applications to share data and functionality. A remote code execution vulnerability exists in OLE for Microsoft Windows that originates fro...
CVE-2016-0153
OLE in Microsoft Windows Vista SP2, Windows Server 2008 SP2 and R2 SP1, Windows 7 SP1, Windows 8.1, Windows Server 2012 Gold and R2, and Windows RT 8.1 allows remote attackers to execute arbitrary code via a crafted file, aka "Windows OLE Remote Code Execution Vulnerability."...
Vulnerability of the Windows operating system, allowing a perpetrator to execute arbitrary code
The vulnerability of the OLE component in the Windows operating system exists due to insufficient checking of input data. Exploiting this vulnerability allows a malicious actor to execute arbitrary code using a specially crafted file...