HackTool.Win32.Agent.gi Buffer Overflow

Discovery / credits: Malvuln - malvuln.com c 2021 Original source: https://malvuln.com/advisory/e60606d19a36789662ba97b4bb5c4ccf.txt Contact: [email protected] Media: twitter.com/malvuln Threat: HackTool.Win32.Agent.gi Vulnerability: Local Stack Buffer Overflow SEH Description: The Hack Office...

Vulnerability Spotlight: Code execution vulnerability in Microsoft Excel

Marcin Noga of Cisco Talos discovered this vulnerability. Blog by Jon Munshaw. Microsoft Excel contains a code execution vulnerability. This specific bug lies in the component of Excel that handles the Microsoft Office HTML and XML file types, first introduced in Office 2000. Microsoft disclosed...

Vulnerability Spotlight: Remote code execution vulnerability in Microsoft Excel

Marcin “Icewall” Noga of Cisco Talos discovered this vulnerability. Blog by Jon Munshaw. Cisco Talos recently discovered a remote code execution vulnerability in Microsoft Excel. Microsoft disclosed this bug as part of their monthly security update Tuesday. This vulnerability exists in the...

Microsoft Office 2000 (OUACTRL.OCX 1.0.1.9) - Remote DoS Exploit

No description provided by source. pre span style=font: 14pt Courier New;p align=centerb2007/05/23/b/p/span codespan style=font: 10pt Courier New;span class=general1-symbol---------------------------------------------------------------------------------------------------------------------------...

Microsoft Word RTF pFragments Stack Buffer Overflow (File Format)

No description provided by source. $Id: ms10087rtfpfragmentsbof.rb 11875 2011-03-04 08:39:48Z jduck $ This file is part of the Metasploit Framework and may be subject to redistribution and commercial restrictions. Please see the Metasploit Framework web site for more information on licensing and...

MS10-087 Microsoft Word RTF pFragments Stack Buffer Overflow (File Format)

This module exploits a stack-based buffer overflow in the handling of the 'pFragments' shape property within the Microsoft Word RTF parser. All versions of Microsoft Office 2010, 2007, 2003, and XP prior to the release of the MS10-087 bulletin are vulnerable. This module does not attempt to explo...

CVE-2009-1534

CVE-2009-1534 : Buffer overflow in the Office Web Components ActiveX Control used by Microsoft Office Web Components across multiple products (Office XP/2000 Web Components SP3, BizTalk Server 2002, Visual Studio .NET 2003 SP1) enables remote code execution via crafted property values. The issue ...

Microsoft Office Web Components ActiveX Control Stack Buffer Overflow Code Execution Vulnerability

Description The Microsoft Office Web Components ActiveX control is prone to a remote stack-based buffer-overflow vulnerability. An attacker could exploit this issue by enticing a victim to visit a maliciously crafted webpage. Successful exploits will allow the attacker to execute arbitrary code...

JVN#70858401 Buffer overflow vulnerability in Microsoft Works converters

Microsoft Works converters contain a buffer overflow vulnerability when processing Works .wps files. Impact If a user opens a malicious Works file, an attacker may execute arbitrary code. Solution Update the software Update to latest version according to the information provided by Microsoft...

Buffer overflow

Buffer overflow in the Works for Windows document converters in Microsoft Office 2000 SP3, Office XP SP3, Office 2003 SP3, Office 2007 SP1, and Works 8.5 and 9 allows remote attackers to execute arbitrary code via a crafted Works .wps file that triggers memory corruption, aka "File Converter Buff...

CVE-2009-0558

CVE-2009-0558 is an Array Indexing Memory Corruption Vulnerability in Microsoft Office Excel parsing code that can be triggered by a specially crafted Excel file. It affects Microsoft Office/Excel on Mac (Office 2004 and 2008 for Mac) and the Open XML File Format Converter for Mac, as well as Exc...

Microsoft PowerPoint多个安全漏洞

CVE-2009-0220 CVE-2009-0221 CVE-2009-0222 CVE-2009-0223 CVE-2009-0224 CVE-2009-0225 CVE-2009-0226 CVE-2009-0227 CVE-2009-1128 CVE-2009-1129 CVE-2009-1130 CVE-2009-1131 CVE-2009-1137 Microsoft PowerPoint存在多个安全漏洞，它可以被恶意利用。 1 ）两个边界错误处理某些原子可以被利用来造成基于堆栈的缓冲区溢出通过一个特制的PowerPoint文件。 2...

Microsoft Security Bulletin MS09-009 - Critical Vulnerabilities in Microsoft Office Excel Could Cause Remote Code Execution (968557)

Microsoft Security Bulletin MS09-009 - Critical Vulnerabilities in Microsoft Office Excel Could Cause Remote Code Execution 968557 Published: April 14, 2009 Version: 1.0 General Information Executive Summary This security update resolves a privately reported and a publicly disclosed vulnerability...

WordPad and Office Text Converter Memory Corruption Vulnerability (960477)

This host is missing a critical security update according to Microsoft Bulletin MS09-010. OpenVAS Vulnerability Test $Id: secpodmswordpadmultvuln.nasl 5370 2017-02-20 15:24:26Z cfi $ WordPad and Office Text Converter Memory Corruption Vulnerability 960477 Authors: Chandan S Update description and...

iDefense Security Advisory 08.12.08: Microsoft Excel FORMAT Record Invalid Array Index Vulnerability

iDefense Security Advisory 08.12.08 http://labs.idefense.com/intelligence/vulnerabilities/ Aug 12, 2008 I. BACKGROUND Microsoft Excel is the spreadsheet application that is included with Microsoft Corp.'s Office productivity software suite. More information is available at the following website...

CVE-2008-3020

Microsoft Office 2000 SP3 and XP SP3; Office Converter Pack; and Works 8 do not properly parse the length of a BMP file, which allows remote attackers to execute arbitrary code via a crafted BMP file, aka the "Malformed BMP Filter Vulnerability."...

CVE-2008-3020

CVE-2008-3020 is a remote code execution vulnerability in Microsoft Office filters, specifically in the BMPIMP32.FLT module used by Office BMP import handling. A crafted BMP image with a malformed header (e.g., an excessive number of colors) causes a heap buffer overflow/memory corruption in BMP ...

CVE-2008-3019

CVE-2008-3019 describes a remote code execution vulnerability in Microsoft Office filters related to malformed Encapsulated PostScript (EPS) handling. A crafted EPS file could allow code execution when opened with affected Office products: Office 2000 SP3, XP SP3, and 2003 SP2, plus the Office Co...

Microsoft Security Bulletin MS08-051 – Critical Vulnerabilities in Microsoft PowerPoint Could Allow Remote Code Execution (949785) Microsoft Security Bulletin MS08-051 – Critical

Microsoft Security Bulletin MS08-051 – Critical Vulnerabilities in Microsoft PowerPoint Could Allow Remote Code Execution 949785 Published: August 12, 2008 Version: 1.0 General Information Executive Summary This security update resolves three privately reported vulnerabilities in Microsoft Office...

Memory corruption

Use-after-free vulnerability in Microsoft Word in Office 2000 and XP SP3, 2003 SP2 and SP3, and 2007 Office System SP1 and earlier allows remote attackers to execute arbitrary code via an HTML document with a large number of Cascading Style Sheets CSS selectors, related to a "memory handling erro...