20 matches found
EUVD-2022-34197
Malicious code in bioql PyPI...
CVE-2022-29886
An integer overflow vulnerability exists in the way ESTsoft Alyac 2.5.8.544 parses OLE files. A specially-crafted OLE file can lead to a heap buffer overflow, which can result in arbitrary code execution. An attacker can provide a malicious file to trigger this vulnerability...
CVE-2022-32543
An integer overflow vulnerability exists in the way ESTsoft Alyac 2.5.8.544 parses OLE files. A specially-crafted OLE file can lead to a heap buffer overflow which can result in arbitrary code execution. An attacker can provide a malicious file to trigger this vulnerability...
ESTsoft Alyac OLE header Mini FAT sectors integer overflow
Talos Vulnerability Report TALOS-2022-1533 ESTsoft Alyac OLE header Mini FAT sectors integer overflow August 3, 2022 CVE Number CVE-2022-29886 SUMMARY An integer overflow vulnerability exists in the way ESTsoft Alyac 2.5.8.544 parses OLE files. A specially-crafted OLE file can lead to a heap buff...
ClamAV Resource Management Error Vulnerability
ClamAV (Clam AntiVirus) is a free and open source antivirus program from the ClamAV team. The software is used to detect Trojans, viruses, malware and other malicious threats. A resource management error vulnerability exists in ClamAV versions 0.104.0 through 0.104.2, which stems from a boundary...
Microsoft Office Remote Code Execution (CVE-2018-0798)
A stack-based buffer overflow vulnerability exists in Microsoft Office. A remote, unauthenticated attacker can exploit this vulnerability by supplying a maliciously crafted OLE file to the affected target...
RSAC 2019: Microsoft Zero-Day Allows Exploits to Sneak Past Sandboxes
SAN FRANCISCO – A previously unknown bug in Microsoft Office has been spotted being actively exploited in the wild; it can be used to bypass security solutions and sandboxes, according to findings released at the RSA Conference 2019. The bug exists in the OLE file format and the way it’s handled ...
Updated libextractor packages fix security vulnerabilities
Several vulnerabilities were discovered in libextractor which may lead to denial of service or memory disclosure if a malformed OLE file is processed CVE-2018-20430, CVE-2018-20431...
[SECURITY] [DSA 4361-1] libextractor security update
------------------------------------------------------------------------- Debian Security Advisory DSA-4361-1 [email protected] https://www.debian.org/security/ Moritz Muehlenhoff December 28, 2018 https://www.debian.org/security/faq -...
Debian: Security Advisory (DSA-4361-1)
The remote host is missing an update for the Debian SPDX-FileCopyrightText: 2018 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
libxls Denial of Service Vulnerability
libxls is a C library for reading Excel xls files. A denial of service vulnerability exists in the 'readMSATbody' function of the ole.c file in libxls version 1.4.0, which can be exploited by an attacker to cause a denial of service (application crash) with the help of a specially crafted file...
InPage Zero Day Used in Attacks Against Banks
A zero-day vulnerability in InPage publishing software used primarily in Urdu, Pashto and Arabic-speaking nations has been publicly exploited in attacks against financial institutions and government agencies in the region. While there are more than 10 million InPage users in Pakistan and India...
Oracle OIT ImageExport libvs_bmp BMP BI_RLE8 Width Code Execution Vulnerability
Talos Vulnerability Report TALOS-2016-0160 Oracle OIT ImageExport libvs_bmp BMP BI_RLE8 Width Code Execution Vulnerability July 19, 2016 Description A vulnerability in libvseshr can lead to remote code execution while parsing a specially crafted Word document containing a reference to Escher drawin...
OpenOffice OLE Importer DocumentSummaryInformation Stream Handling
Exploit for windows platform in category local exploits This file is part of the Metasploit Framework and may be subject to redistribution and commercial restrictions. Please see the Metasploit web site for more information on licensing and terms of use. http://metasploit.com/ require 'msf/core'...
RedHat Update for openoffice.org RHSA-2008:0175-01
Check for the Version of openoffice.org OpenVAS Vulnerability Test RedHat Update for openoffice.org RHSA-2008:0175-01 Authors: System Generated Check Copyright: Copyright (c) 2009 Greenbone Networks GmbH, http://www.greenbone.net This program is free software; you can redistribute it and/or modify ...
CVE-2008-0320
Heap-based buffer overflow in the OLE importer in OpenOffice.org before 2.4 allows remote attackers to cause a denial of service (crash) and possibly execute arbitrary code via an OLE file with a crafted DocumentSummaryInformation stream...