748 matches found
Apache OpenOffice 4.1.2 -- Memory Corruption Vulnerability (Impress Presentations)
The Apache OpenOffice Project reports: An OpenDocument Presentation .ODP or Presentation Template .OTP file can contain invalid presentation elements that lead to memory corruption when the document is loaded in Apache OpenOffice Impress. The defect may cause the document to appear as corrupted a...
Apache Archiva HTML Injection Vulnerability
Apache Archiva is a suite of software from the Apache Software Foundation in the United States for managing one or more remote stores. An HTML injection vulnerability in Apache Archiva version 1.3.9 can be exploited by an attacker to execute arbitrary code in an affected application, steal...
[SECURITY] Fedora 24 Update: libreoffice-5.1.3.1-2.fc24
LibreOffice is an Open Source, community-developed, office productivity sui te. It includes the key desktop applications, such as a word processor, spreadsheet, presentation manager, formula editor and drawing program, with a user interface and feature set similar to other office suites...
[SECURITY] Fedora 23 Update: libreoffice-5.0.6.2-3.fc23
LibreOffice is an Open Source, community-developed, office productivity sui te. It includes the key desktop applications, such as a word processor, spreadsheet, presentation manager, formula editor and drawing program, with a user interface and feature set similar to other office suites...
WPS Office .ppt drawingContainer Memory Corruption Vulnerability
Kingsoft WPS Office is an office software suite with popular components such as Writer, Spreadsheets and Presentation. A memory corruption vulnerability exists in Kingsoft WPS Office, which could be exploited by an attacker to construct a malicious file that could be parsed by the user, causing t...
Gratipay: Possible Blind SQL injection | Language choice in presentation
I haven't managed to inject something, but I just want to make sure that this input is filtered. See the attached screenshot...
The vulnerability of the FFmpeg multimedia library, which allows a intruder to trigger a service failure or cause other effects
The vulnerability of the asfwritepacket function libavformat/asfenc.c in the FFmpeg multimedia library is caused by a numerical overflow. Exploiting this vulnerability can allow an attacker to cause a service failure, or possibly have other effects using a specially crafted PTS value contained in...
[SECURITY] Fedora 22 Update: libreoffice-4.4.7.2-3.fc22
LibreOffice is an Open Source, community-developed, office productivity sui te. It includes the key desktop applications, such as a word processor, spreadsheet, presentation manager, formula editor and drawing program, with a user interface and feature set similar to other office suites...
Prezi Bug Bounty #5 - CS Cross Site & Redirect Vulnerability
Document Title: =============== Prezi Bug Bounty 5 - CS Cross Site & Redirect Vulnerability References Source: ==================== http://www.vulnerability-lab.com/getcontent.php?id=1724 Release Date: ============= 2016-02-19 Vulnerability Laboratory ID VL-ID: ===================================...
Prezi Bug Bounty #5 - CS Cross Site & Redirect Vulnerability
Document Title: =============== Prezi Bug Bounty 5 - CS Cross Site & Redirect Vulnerability References Source: ==================== http://www.vulnerability-lab.com/getcontent.php?id=1724 Release Date: ============= 2016-02-19 Vulnerability Laboratory ID VL-ID: ===================================...
CVE-2016-2326
Integer overflow in the asfwritepacket function in libavformat/asfenc.c in FFmpeg before 2.8.5 allows remote attackers to cause a denial of service or possibly have unspecified other impact via a crafted PTS aka presentation timestamp value in a .mov file...
DEBIAN-CVE-2016-2326
Integer overflow in the asfwritepacket function in libavformat/asfenc.c in FFmpeg before 2.8.5 allows remote attackers to cause a denial of service or possibly have unspecified other impact via a crafted PTS aka presentation timestamp value in a .mov file...
Integer overflow
Integer overflow in the asfwritepacket function in libavformat/asfenc.c in FFmpeg before 2.8.5 allows remote attackers to cause a denial of service or possibly have unspecified other impact via a crafted PTS aka presentation timestamp value in a .mov file...
CVE-2016-2326
Integer overflow in the asfwritepacket function in libavformat/asfenc.c in FFmpeg before 2.8.5 allows remote attackers to cause a denial of service or possibly have unspecified other impact via a crafted PTS aka presentation timestamp value in a .mov file...
CVE-2016-2326
Integer overflow in the asfwritepacket function in libavformat/asfenc.c in FFmpeg before 2.8.5 allows remote attackers to cause a denial of service or possibly have unspecified other impact via a crafted PTS aka presentation timestamp value in a .mov file...
CVE-2016-2326
Integer overflow in the asfwritepacket function in libavformat/asfenc.c in FFmpeg before 2.8.5 allows remote attackers to cause a denial of service or possibly have unspecified other impact via a crafted PTS aka presentation timestamp value in a .mov file...
WPS Office 2016 - .ppt drawingContainer Memory Corruption
WPS Office 2016 - .ppt drawingContainer Memory Corruption Application: WPS Office Platforms: Windows Versions: Version 2016 Author: Francis Provencher of COSIG Twitter: @COSIG 1 Introduction 2 Report Timeline 3 Technical details 4 POC =============== 1 Introduction =============== WPS Office an...
Adobe Reader and Acrobat Pro elevation of privilege vulnerability analysis(CVE-2 0 1 5-5 0 9 0)-vulnerability warning-the black bar safety net
0×0 1 Introduction CVE-2 0 1 5-5 0 9 0 is present in the Adobe Reader/Acrobat Pro a bug, and as early as a few months ago has been found and submitted to ZDI. This article is mainly about this bug details, and share several different attack methods. AdobeARMService Adobe updates, in Adobe...
Zaption: XSS during presentation
It is possible for a presenter to xss a viewer Video attached: Recreation steps Create publish lesson and start a presentation join presentation in another browser Select "Quick question" Open response Insert the question asdf" The Javascript will fire on the presenter's side and the viewers side...
January 2016 Apple Security Patches iOS, OS X, Safari
Apple on Tuesday released security patches for iOS, OS X and an update for the Safari browser. The patches come less than a week after a ShmooCon presentation by Synack director of research Patrick Wardle revealed that Apple’s Gatekeeper security feature in OS X can be bypassed by an attacker wit...