Null Pointer Reference Vulnerability in WPS Presentation pptxrw Module

WPS Office is an office software suite developed independently by Kingsoft Corporation. A null pointer reference vulnerability exists in the pptxrw module of WPS Presentation wpp.exe in WPS when parsing a specific ppt file, which can be exploited by an attacker to cause a denial of service or lea...

Mail.ru: Отраженная XSS на cloud.mail.ru в URL в функционале создания и редактировании презентации.

Reflected URI-based XSS via crafted name of new PowerPoint document in presentation editor...

See how I integrated the use of 4 vulnerability GitHub Enterprise remote code execution-vulnerability warning-the black bar safety net

! Hello everyone, since the last vulnerability disclosure has been there for six months, in this article, I will show you how to through 4 vulnerability is the perfect realization of GitHub Enterprise RCE, the RCE to achieve a method and a server-side request forgery technology（SSRF）related,...

Moderate: Red Hat Security Advisory: libreoffice security and bug fix update

An update for libreoffice is now available for Red Hat Enterprise Linux 7. Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for each vulnerability fro...

SteelCon: Mahkra ni Orroz

I recently gave a talk at Sheffield's SteelCon, a huge security event spread over a few days with no end of interesting activities taking place. My presentation, called Makhra ni Orroz, is a good 45 minutes of non stop talking and pictures and things. It's also a bit different in terms of what I...

americaneducationfair.com XSS vulnerability

Vulnerable URL: http://www.americaneducationfair.com/previousfair/presentation.asp?fair=summer=1"...

RedHat Update for libreoffice RHSA-2017:0979-01

The remote host is missing an update for the SPDX-FileCopyrightText: 2017 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

DEBIAN-CVE-2014-9835

Heap overflow in ImageMagick 6.8.9-9 via a crafted wpf file...

GLSA-201703-01 : OpenOffice: User-assisted execution of arbitrary code

The remote host is affected by the vulnerability described in GLSA-201703-01 OpenOffice: User-assisted execution of arbitrary code An exploitable out-of-bounds vulnerability exists in OpenOffice Impress when handling MetaActions. Impact : A remote attacker could entice a user to open a specially...

OpenOffice: User-assisted execution of arbitrary code

Background Apache OpenOffice is an open-source office software suite for word processing, spreadsheets, presentations, graphics, databases and more. Description An exploitable out-of-bounds vulnerability exists in OpenOffice Impress when handling MetaActions. Impact A remote attacker could entice...

WPS-Presentation has XXE vulnerability in pptx parsing

WPS-Presentation is an office software. WPS Presentation suffers from an XXE vulnerability in pptx parsing. This allows attackers to exploit the vulnerability to cause the disclosure of sensitive user information as well as a DoS Denial of Service on the user's system...

UBUNTU-CVE-2015-8979

Stack-based buffer overflow in the parsePresentationContext function in storescp in DICOM dcmtk-3.6.0 and earlier allows remote attackers to cause a denial of service segmentation fault via a long string sent to TCP port 4242...

CVE-2016-7872

Adobe Flash Player versions 23.0.0.207 and earlier, 11.2.202.644 and earlier have an exploitable use after free vulnerability in the MovieClip class related to objects at multiple presentation levels. Successful exploitation could lead to arbitrary code execution...

CVE-2016-7872

Adobe Flash Player versions 23.0.0.207 and earlier, 11.2.202.644 and earlier have an exploitable use after free vulnerability in the MovieClip class related to objects at multiple presentation levels. Successful exploitation could lead to arbitrary code execution...

Microsoft Windows GDI Information Disclosure (MS16-146: CVE-2016-7257)

An information disclosure vulnerability exists in the way that the Windows Graphics Device Interface GDI handles objects in memory. A remote attacker could exploit this vulnerability by enticing a target user to open a malicious presentation file. Successful exploitation of this issue can lead to...

Barco ClickShare Arbitrary File Disclosure Vulnerability

ClickShare is Barco's wireless presentation collaboration system that allows all participants to share content on a centralized conference room screen. An arbitrary file disclosure vulnerability exists in Barco ClickShare because it does not adequately validate user-supplied input. An attacker...

Ubuntu: Security Advisory (USN-3046-1)

The remote host is missing an update for the SPDX-FileCopyrightText: 2016 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

Ubuntu 12.04 LTS : libreoffice vulnerability (USN-3046-1)

Yves Younan and Richard Johnson discovered that LibreOffice incorrectly handled presentation files. If a user were tricked into opening a specially crafted presentation file, a remote attacker could cause LibreOffice to crash, and possibly execute arbitrary code. Note that Tenable Network Securit...

USN-3046-1: LibreOffice vulnerability

Yves Younan and Richard Johnson discovered that LibreOffice incorrectly handled presentation files. If a user were tricked into opening a specially crafted presentation file, a remote attacker could cause LibreOffice to crash, and possibly execute arbitrary code...

FreeBSD : Apache OpenOffice 4.1.2 -- Memory Corruption Vulnerability (Impress Presentations) (72f71e26-4f69-11e6-ac37-ac9e174be3af)

The Apache OpenOffice Project reports : An OpenDocument Presentation .ODP or Presentation Template .OTP file can contain invalid presentation elements that lead to memory corruption when the document is loaded in Apache OpenOffice Impress. The defect may cause the document to appear as corrupted...