Lucene search
K

16 matches found

EUVD
EUVD
added 2025/10/07 12:30 a.m.3 views

EUVD-2018-4355

Malware in sbrugna...

5.3CVSS7.4AI score0.01842EPSS
Exploits0References8
RedhatCVE
RedhatCVE
added 2025/05/21 6:24 p.m.9 views

CVE-1999-0354

Internet Explorer 4.x or 5.x with Word 97 allows arbitrary execution of Visual Basic programs to the IE client through the Word 97 template, which doesn't warn the user that the template contains executable content. Also applies to Outlook when the client views a malicious email message...

7.5CVSS7.1AI score0.05111EPSS
Exploits0References1
Positive Technologies
Positive Technologies
added 2025/05/13 12:0 a.m.4 views

PT-2025-20988 · Microsoft · Office

Name of the Vulnerable Software and Affected Versions: Microsoft Office versions prior to the May 2025 updates Description: The issue is related to a use after free vulnerability in Microsoft Office, allowing an unauthorized attacker to execute code locally. This vulnerability can be exploited by...

8.4CVSS9AI score0.0055EPSS
Exploits0References12
The Hacker News
The Hacker News
added 2023/12/29 10:41 a.m.71 views

CERT-UA Uncovers New Malware Wave Distributing OCEANMAP, MASEPIE, STEELHOOK

The Computer Emergency Response Team of Ukraine CERT-UA has warned of a new phishing campaign orchestrated by the Russia-linked APT28 group to deploy previously undocumented malware such as OCEANMAP, MASEPIE, and STEELHOOK to harvest sensitive information. The activity, which was detected by the...

9.8CVSS9.6AI score0.97408EPSS
Exploits18
BDU FSTEC
BDU FSTEC
added 2021/06/16 12:0 a.m.5 views

The vulnerability of the Microsoft Office Graphics component in the Microsoft Outlook email client allows a hacker to execute arbitrary code.

The vulnerability of the Microsoft Office Graphics component of the Microsoft Outlook email client is related to improper code generation. Exploiting this vulnerability allows a malicious actor to execute arbitrary code remotely...

10CVSS7.6AI score0.02253EPSS
Exploits0References4
BDU FSTEC
BDU FSTEC
added 2021/04/16 12:0 a.m.3 views

The vulnerability of the Microsoft Outlook email client, as well as the Microsoft 365 Apps for Enterprise and Microsoft Office products, relates to an operation that goes beyond buffer boundaries in memory. This allows an attacker to execute arbitrary code.

The vulnerability of the Microsoft Outlook email client, as well as the Microsoft 365 Apps for Enterprise and Microsoft Office products, is related to the execution of operations outside the buffer in memory. Exploiting this vulnerability could allow a malicious actor to execute arbitrary code...

7.5CVSS7.8AI score0.01295EPSS
Exploits0References3
BDU FSTEC
BDU FSTEC
added 2020/07/23 12:0 a.m.5 views

The vulnerability of Microsoft 365 Apps for Enterprise, Microsoft Office, and the Microsoft Outlook email client relates to object processing errors in memory, allowing an attacker to execute arbitrary code.

The vulnerability of Microsoft 365 Apps for Enterprise, Microsoft Office, and the Microsoft Outlook email client is related to errors in memory object handling. Exploiting this vulnerability can allow an attacker to execute arbitrary code using a specially created file...

7.8CVSS7.8AI score0.22501EPSS
Exploits1References3
CNVD
CNVD
added 2019/08/21 12:0 a.m.2 views

Microsoft Outlook for iOS Spoofing Vulnerability

Microsoft Outlook is a suite of e-mail applications from the American company Microsoft. A spoofing vulnerability exists in Microsoft Outlook for iOS, which can be exploited by an attacker to perform a cross-site scripting attack on an affected system by sending a specially crafted email to the...

5.4CVSS6AI score0.03879EPSS
Exploits0References1
UbuntuCve
UbuntuCve
added 2018/10/18 1:29 p.m.24 views

CVE-2018-12381

Manually dragging and dropping an Outlook email message into the browser will trigger a page navigation when the message's mail columns are incorrectly interpreted as a URL. Note: this issue only affects Windows operating systems with Outlook installed. Other operating systems are not affected...

5.3CVSS6.8AI score0.01842EPSS
Exploits0References2
Cvelist
Cvelist
added 2018/10/18 1:0 p.m.28 views

CVE-2018-12381

Manually dragging and dropping an Outlook email message into the browser will trigger a page navigation when the message's mail columns are incorrectly interpreted as a URL. Note: this issue only affects Windows operating systems with Outlook installed. Other operating systems are not affected...

5.2AI score0.01842EPSS
Exploits0References6
BDU FSTEC
BDU FSTEC
added 2016/01/28 12:0 a.m.7 views

The vulnerability of the Microsoft Office package, the Microsoft Office Compatibility Pack, and the Microsoft Word text editor allow a perpetrator to execute arbitrary code.

The vulnerability of the Microsoft Office package, the Microsoft Office Compatibility Pack, and the Microsoft Word text editor exists due to insufficient validation of input data. Exploiting this vulnerability allows a malicious actor to execute arbitrary code via a specially crafted email messag...

9.3CVSS6AI score0.53661EPSS
Exploits0References2
Positive Technologies
Positive Technologies
added 2015/12/08 12:0 a.m.4 views

PT-2015-3020

Name of the Vulnerable Software and Affected Versions Microsoft Word versions 2007 SP3 through 2016 Office versions 2010 SP2 Word 2010 version SP2 Word 2013 versions SP1 through RT SP1 Office Compatibility Pack version SP3 Description The issue allows remote attackers to execute arbitrary code vi...

9.3CVSS6.3AI score0.53661EPSS
Exploits0References8
CERT
CERT
added 2005/02/08 12:0 a.m.37 views

Microsoft Internet Explorer contains a DHTML method heap memory corruption vulnerability

Overview Microsoft Internet Explorer contains a flaw in DHTML method handling which may allow a remote attacker to execute arbitrary code. Description The DHTML method handling in Internet Explorer fails to perform proper bounds checking. This vulnerability may allow data to be written outside th...

7.5CVSS6.8AI score0.36841EPSS
Exploits0References10
securityvulns
securityvulns
added 2005/01/13 12:0 a.m.35 views

EEYE: Windows ANI File Parsing Buffer Overflow

Windows ANI File Parsing Buffer Overflow Systems Affected: Windows Me Windows 2000 Windows XP SP1 and earlier Windows 2003 Overview: eEye Digital Security has discovered a vulnerability in USER32.DLL's handling of Windows animated cursor .ani files that will allow a remote attacker to reliably...

0.5AI score
Exploits0
CERT
CERT
added 2004/10/13 12:0 a.m.52 views

Microsoft Internet Explorer Install Engine contains a buffer overflow vulnerability

Overview The Active Setup Install Engine in Microsoft Internet Explorer contains a buffer overflow vulnerability. This may allow an attacker to take complete control of a vulnerable system. Description The Active Setup Install Engine inseng.dll permits cabinet files to be launched and executed...

10CVSS7.4AI score0.48671EPSS
Exploits0References2
Exploit DB
Exploit DB
added 2003/11/25 12:0 a.m.18 views

Microsoft Internet Explorer 6 - Codebase Double Backslash Local Zone File Execution

source: https://www.securityfocus.com/bid/10344/info A vulnerability has been reported that may potentially permit HTML documents to gain unauthorized access to local resources by using specific syntax when referencing said resource as a value for the CODEBASE object property. Under certain...

7AI score
Exploits0
Rows per page
Query Builder