Description of the security update for Office 2016: April 10, 2018

Description of the security update for Office 2016: April 10, 2018 Summary This security update resolves vulnerabilities in Microsoft Office that could allow remote code execution if a user opens a specially crafted Office file. To learn more about these vulnerabilities, see Microsoft Common...

carter.psych.upenn.edu XSS vulnerability

Open Bug Bounty ID: OBB-592785 Description| Value ---|--- Affected Website:| carter.psych.upenn.edu Open Bug Bounty Program:| Create your bounty program now. It's open and free. Vulnerable Application:| Custom Code Vulnerability Type:| XSS Cross Site Scripting / CWE-79 CVSSv3 Score:| 6.1...

Sharing research and discoveries at PWN2OWN

The annual PWN2OWN exploit contest at the CanSecWest conference in Vancouver, British Columbia, Canada, brings together some of the top security talent from across the globe in a friendly competition. For the participants, these events are a platform to demonstrate world-class skills and vie for...

Mitigating speculative execution side channel hardware vulnerabilities

On January 3rd, 2018, Microsoft released an advisory and security updates related to a newly discovered class of hardware vulnerabilities involving speculative execution side channels known as Spectre and Meltdown that affect AMD, ARM, and Intel CPUs to varying degrees. If you haven’t had a chanc...

Mitigating speculative execution side channel hardware vulnerabilities

On January 3rd, 2018, Microsoft released an advisory and security updates related to a newly discovered class of hardware vulnerabilities involving speculative execution side channels known as Spectre and Meltdown that affect AMD, ARM, and Intel CPUs to varying degrees. If you haven’t had a chanc...

Moderate: Red Hat Security Advisory: libreoffice security update

An update for libreoffice is now available for Red Hat Enterprise Linux 6. Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for each vulnerability fro...

Denial of Service Vulnerability in WPS Office 2016 Presentation

WPS office is an office software suite independently developed by Kingsoft Corporation. A denial of service vulnerability exists in WPS presentation wpp.exe in WPS when parsing a specific ppt file, which can be exploited by an attacker to cause a denial of service attack...

Stack Overflow Vulnerability in WPS Office 2016 Presentation

WPS office is an office software suite independently developed by Kingsoft Corporation. A stack overflow vulnerability exists in WPS presentation wpp.exe in WPS when parsing a specific pptx file, which can be exploited by an attacker to cause a denial of service attack...

Null pointer reference vulnerability in WPS Office 2016 presentation kso module

WPS office is an office software suite independently developed by Kingsoft Corporation. The WPS presentation wpp.exe in WPS has a null pointer reference vulnerability in the kso module when parsing a specific ppt file, which can be exploited by an attacker to cause a denial of service attack...

Null pointer reference vulnerability in WPS Office 2016 presentation kso module (CNVD-2018-04915)

WPS office is an office software suite independently developed by Kingsoft Corporation. WPS presentation wpp.exe in WPS has a null pointer reference vulnerability in the kso module when parsing a specific ppt file, which can be exploited by an attacker to cause a denial of service attack or code...

Null pointer reference vulnerability in WPS Office 2016 presentation pptreader module

WPS office is an office software suite independently developed by Kingsoft Corporation. The WPS presentation wpp.exe in WPS has a null pointer reference vulnerability in the pptreader module when parsing a specific ppt file, which can be exploited by an attacker to cause a denial of service attac...

WPS Office 2016 demo pptxrw module suffers from memory corruption vulnerability

WPS office is an office software suite independently developed by Kingsoft Corporation. A memory corruption vulnerability exists in the pptxrw module of WPS Presentation wpp.exe when parsing a specific pptx file in WPS, which can be exploited by attackers to cause a denial-of-service attack...

Denial of Service Vulnerability in WPS Office 2016 Presentation (CNVD-2018-04912)

WPS office is an office software suite independently developed by Kingsoft Corporation. A denial of service vulnerability exists in WPS presentation wpp.exe in WPS when parsing a specific pptx file, which can be exploited by attackers to cause a denial of service attack...

Memory Corruption Vulnerability in WPS Office 2016 Presentations

WPS office is an office software suite independently developed by Kingsoft Corporation. A memory corruption vulnerability exists in the pptxrw module of WPS Presentation wpp.exe when parsing a specific ppt file in WPS, which can be exploited by attackers to cause a denial-of-service attack...

Memory corruption vulnerability in WPS Office 2016 presentation kso module

WPS office is an office software suite independently developed by Kingsoft Corporation. A memory corruption vulnerability exists in the kso module of WPS presentation wpp.exe in WPS when parsing a specific pptx file, which can be exploited by an attacker to cause a denial of service attack or cod...

Memory Corruption Vulnerability in WPS Office 2016 Presentation (CNVD-2018-04909)

WPS office is an office software suite independently developed by Kingsoft Corporation. A memory corruption vulnerability exists in WPS presentation wpp.exe in WPS when parsing a specific pptx file, which can be exploited by an attacker to cause a denial of service attack or code execution...

WPS Office 2016 demo wppmain module suffers from null pointer reference vulnerability

WPS office is an office software suite independently developed by Kingsoft Corporation. A null pointer reference vulnerability exists in the wppmain module of the WPS presentation wpp.exe in WPS when parsing a specific pptx file, which can be exploited by an attacker to cause a denial of service...

[SECURITY] Fedora 27 Update: libreoffice-5.4.5.1-1.fc27

LibreOffice is an Open Source, community-developed, office productivity sui te. It includes the key desktop applications, such as a word processor, spreadsheet, presentation manager, formula editor and drawing program, with a user interface and feature set similar to other office suites...

WPS Presentation suffers from a null pointer reference vulnerability (CNVD-2018-03654)

WPS office is an office software suite independently developed by Kingsoft Corporation. A null pointer reference vulnerability exists in WPS presentation wpp.exe in WPS when parsing a specific ppt file, which can be exploited by an attacker to cause a denial of service...

Memory corruption vulnerability exists in WPS Presentation (CNVD-2018-03653)

WPS office is an office software suite independently developed by Kingsoft Corporation. A memory corruption vulnerability exists in WPS presentation wpp.exe in WPS when parsing a specific ppt file, which can be exploited by an attacker to cause a denial of service...