Microsoft Office 97 HTMLMARQ.OCX Library Denial of Service Vulnerability

No description provided by source. source: http://www.securityfocus.com/bid/21262/info The Microsoft Office HTMLMARQ.OCX library is prone to a denial-of-service issue. An attacker can exploit this issue to crash the affected application, denying service to legitimate users. Remote code execution...

Microsoft IE4 Clipboard Paste Vulnerability

No description provided by source. source: http://www.securityfocus.com/bid/215/info The Windows clipboard contains data that has been cut or copied from various windows applications. This data can be accessed and posted to malicious web forms at web sites without the knowledge of the visiting...

Microsoft Wordpad / Office Text Converters memory corruption

Memory corruption on Office 97 documents parsing...

CVE-1999-1431

ZAK in Appstation mode allows users to bypass the "Run only allowed apps" policy by starting Explorer from Office 97 applications such as Word, installing software into the TEMP directory, and changing the name to that for an allowed application, such as Winword.exe...

CVE-1999-1431

CVE-1999-1431 describes a local bypass in ZAK Appstation: an attacker can launch Explorer from Office 97 applications (e.g., Word), install software into the TEMP directory, and rename it to an allowed executable such as Winword.exe to bypass the Run only allowed apps policy. CVSS v2 is base 4.6 ...

CVE-1999-1431

ZAK in Appstation mode allows users to bypass the "Run only allowed apps" policy by starting Explorer from Office 97 applications such as Word, installing software into the TEMP directory, and changing the name to that for an allowed application, such as Winword.exe...

microsoft.privacy.issue.txt

Date: Tue, 11 May 1999 21:55:22 -0600 MDT From: cult hero To: InfoSec News Subject: ISN Everywhere your MAC address shows up Forwarded From: MICROSOFT'S HEAVY HAND IN THE COOKIE JAR A special report from YEOW - Barry Simon. See the Woody's Office Watch discussion and details on the Office 97...