OESA-2026-1012 unrtf security update

UnRTF is a command-line program written in C which converts documents in Rich Text Format .rtf to HTML, LaTeX, troff macros, and RTF itself. Converting to HTML, it supports a number of features of Rich Text Format: Changes in the text's font, size, weight bold, and slant italic Underlines and...

EUVD-2001-0240

Malware in sbrugna...

EUVD-2005-2502

Malware in sbrugna...

EUVD-2004-0783

Malware in sbrugna...

EUVD-2009-0769

Malware in sbrugna...

Malicious code in browser-html-to-rtf (npm)

The package browser-html-to-rtf was found to contain malicious code...

CVE-2005-2516

Safari in Mac OS X 10.3.9 and 10.4.2, when rendering Rich Text Format RTF files, can directly access URLs without performing the normal security checks, which allows remote attackers to execute arbitrary commands...

The vulnerability of PDF-XChange Editor’s PDF document viewing and editing software lies in its ability to copy buffers without checking the size of the input data. This allows attackers to execute arbitrary code.

The vulnerability of PDF-XChange Editor’s PDF document viewing and editing software lies in the copying of buffers without checking the size of the input data. Exploiting this vulnerability can allow an attacker to execute arbitrary code using a specially created RTF file...

Exploit for Integer Overflow or Wraparound in Microsoft

CVE-2023-21716 Microsoft Word RTF Font Table Heap Corruption...

PT-2022-7396 · Glpi +2 · Glpi +2

Name of the Vulnerable Software and Affected Versions: GLPI versions prior to 10.0.4 Description: The issue is related to the improper neutralization of input data during web page generation, allowing a remote attacker to execute arbitrary code using specially crafted RTF data. This can be used t...

Zero-day vulnerability discovered in Microsoft Word

A researcher has found a zero-day vulnerability in Microsoft Word. This new exploit in Office macros, external template files containing malicious code while macros are disabled. When a user converts the document to RTF format, the code is also executed in "Protected view" or "Preview mode. For...

Ubuntu: Security Advisory (USN-5202-1)

The remote host is missing an update for the SPDX-FileCopyrightText: 2021 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

OpenJDK: Excessive memory allocation in RTFParser (Swing, 8265167)

Vulnerability in the Java SE, Oracle GraalVM Enterprise Edition product of Oracle Java SE component: Swing. Supported versions that are affected are Java SE: 7u311, 8u301, 11.0.12, 17; Oracle GraalVM Enterprise Edition: 20.3.3 and 21.2.0. Easily exploitable vulnerability allows unauthenticated...

Microsoft Office Memory Corruption Vulnerability

Microsoft Office contains a memory corruption vulnerability due to failure to properly handle rich text format files in memory. Successful exploitation allows for remote code execution in the context of the current user...

Exploit for Out-of-bounds Write in Microsoft

CVE-2018-0802 介绍 RTF118820802 软件架构 软件架构说明 安装教程 1. xxxx 2. xxxx 3. xxxx 使用说明 1. xxxx 2. xxxx 3. xxxx 参与贡献 1. Fork 本仓库 2. 新建 Featxxx 分支 3. 提交代码 4. 新建 Pull Request 特技 1. 使用 Readme\XXX.md 来支持不同的语言，例如 Readme\en.md, Readme\zh.md 2. Gitee 官方博客 blog.gitee.com 3. 你可以 https://gitee.com/explore 这个地址来了解 Gite...

The vulnerability of the oowriter text editor in the OpenOffice office suite allows a perpetrator to gain access to confidential data, compromise its integrity, and cause service interruptions.

The vulnerability of the oowriter text editor within the OpenOffice office package is related to a memory management flaw after memory is freed. Exploiting this vulnerability can allow an attacker to gain access to confidential data, compromise its integrity, and cause service interruptions using...

Exploit for Improper Restriction of Operations within the Bounds of a Memory Buffer in Microsoft

CVE-2017-11882 43b 原脚本来自于 https://github.com/embedi/CVE-2017-11882 109b 原脚本来自于 https://github.com/unamer/CVE-2017-11882/ （膜一波，现在unamer的代码已经可以执行shellcode了） CVE-2017-11882: https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/ MITRE CVE-2017-11882: https://vulners.com/cve/CVE-2017-118...

[SECURITY] Fedora 28 Update: unrtf-0.21.9-8.fc28

UnRTF is a command-line program written in C which converts documents in Rich Text Format .rtf to HTML, LaTeX, troff macros, and RTF itself. Converting to HTML, it supports a number of features of Rich Text Format: Changes in the text's font, size, weight bold, and slant italic Underlines and...

CVE-2018-4040

An exploitable uninitialized pointer vulnerability exists in the rich text format parser of Atlantis Word Processor, version 3.2.7.2. A specially crafted document can cause certain RTF tokens to dereference a pointer that has been uninitialized and then write to it. An attacker must convince a...

Atlantis Word Processor rich text format uninitialized TAutoList remote code execution vulnerability

Summary An exploitable uninitialized pointer vulnerability exists in the rich text format parser of Atlantis Word Processor, version 3.2.7.2. A specially crafted document can cause certain RTF tokens to dereference a pointer that has been uninitialized and then write to it. An attacker must...