13 matches found
Microsoft Office PowerPoint 2010 - MSO!Ordinal5429 Missing Length Check Heap Corruption Exploit
Exploit for windows platform in category dos / poc Source: https://bugs.chromium.org/p/project-zero/issues/detail?id=949 Platform: Microsoft Office 2010 on Windows 7 x86 Class: heap memory corruption The following crash was observed in Microsoft Office 2010 running under Windows 7 x86 with...
Wireshark WiresharkApplication Class Suspicious Search Path Vulnerability
Wireshark is the most popular network protocol parser. A suspicious search path vulnerability exists in the WiresharkApplication class within Wireshark ui/qt/wiresharkapplication.cpp, which can be exploited by an attacker to elevate privileges via the riched20.dll.dll Trojan file in the current...
CVE-2016-2521
Untrusted search path vulnerability in the WiresharkApplication class in ui/qt/wiresharkapplication.cpp in Wireshark 1.12.x before 1.12.10 and 2.0.x before 2.0.2 on Windows allows local users to gain privileges via a Trojan horse riched20.dll.dll file in the current working directory, related to...
CVE-2016-2521
Untrusted search path vulnerability in the WiresharkApplication class in ui/qt/wiresharkapplication.cpp in Wireshark 1.12.x before 1.12.10 and 2.0.x before 2.0.2 on Windows allows local users to gain privileges via a Trojan horse riched20.dll.dll file in the current working directory, related to...
UBUNTU-CVE-2016-2521
Untrusted search path vulnerability in the WiresharkApplication class in ui/qt/wiresharkapplication.cpp in Wireshark 1.12.x before 1.12.10 and 2.0.x before 2.0.2 on Windows allows local users to gain privileges via a Trojan horse riched20.dll.dll file in the current working directory, related to...
Microsoft Windows XP/95/98/2000/NT 4 Riched20.dll Attribute Buffer Overflow Vulnerability
No description provided by source. source: http://www.securityfocus.com/bid/6874/info The riched20.dll is vulnerable to a buffer overflow that results in the application calling the library to fail. By creating a Rich Text Format RTF file with more than 65536 bytes of data in an attribute, the...
MS Windows 2000/NT 4 DLL Search Path Weakness
No description provided by source. source: http://www.securityfocus.com/bid/1699/info When a program executes under Microsoft Windows, it may require additional code stored in DLL library files. These files are dynamically located at run time, and loaded if necessary. A weakness exists in the...
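Tencent QQ GIF Image Parsing Heap Overflow Vulnerability
QQ is an IM application developed by Tencent with a very large user base in China. A buffer overflow vulnerability exists when it parses malformed GIF images; an attacker may exploit it to crash QQ on the user's machine, causing a denial of service. QQ uses Riched20.dll to parse GIF images. When parsing the GIF format, it performs no bounds check on the Image Block width it reads. When the width is set to 0, a memory block smaller than the specified size is allocated, but 1 byte of the color table is then written into the undersized block, causing a heap-based overflow. The overflow corrupts several pointers, and subsequent operations reference at least one of them, so arbitrary code execution may be possible. Affected: QQ versions prior to QQ2007beta1. Delete riched20.dll from the QQ directory, or upgrade to the vendor's...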
Microsoft Windows XP/95/98/2000/NT 4.0 - Riched20.dll Attribute Buffer Overflow
Microsoft Windows XP/95/98/2000/NT 4.0 - Riched20.dll Attribute Buffer Overflow source: https://www.securityfocus.com/bid/6874/info The riched20.dll is vulnerable to a buffer overflow that results in the application calling the library to fail. By creating a Rich Text Format RTF file with more than...
Microsoft Windows XP/95/98/2000/NT 4.0 - 'Riched20.dll' Attribute Buffer Overflow
source: https://www.securityfocus.com/bid/6874/info The riched20.dll is vulnerable to a buffer overflow that results in the application calling the library to fail. By creating a Rich Text Format RTF file with more than 65536 bytes of data in an attribute, the buffer will be overrun. Execution of...
Hole in Word and Excel
When a document is opened, the files riched20.dll and msi.dll are run from the document's location...
wordpad.txt
From: Solar Eclipse Subject: Re: WordPad/riched20.dll buffer overflow - Full Details I kindly suggest using a fixed width font for your viewing pleasure. Microsoft Wordpad Buffer Overflow I. Introduction The first report was from Pauli Ojanpera Win98/NT4 Riched20.dll which WordPad uses has a...
Microsoft Windows 95/98/Enterprise Server 4/NT Server 4/Terminal Server 4/Workstation 4 - Riched Buffer Overflow
Windows 95/98, Windows NT Enterprise Server 4.0 SP1/SP2/SP3/SP4/SP5/SP6, Windows NT Server 4.0 SP1/SP2/SP3/SP4/SP5/SP6/SP6a, Windows NT Terminal Server 4.0 SP1/SP2/SP3/SP4/SP5/SP6, Windows NT Workstation 4.0 SP1/SP2/SP3/SP4/SP5/SP6/SP6a Riched Buffer Overflow Vulnerability source:...