Microsoft RichEdit 中的漏洞可能允许远程执行代码(MS07-013)

Microsoft Windows 和 Microsoft Office 附带提供的 RichEdit 组件中存在一个远程执行代码漏洞。 当用户与 RTF 文件中的格式错误的嵌入 OLE 对象进行交互时，攻击者可能利用此漏洞。 如果用户使用管理用户权限登录，成功利用此漏洞的攻击者便可完全控制受影响的系统。 攻击者可随后安装程序；查看、更改或删除数据；或者创建拥有完全用户权限的新帐户。 那些帐户被配置为拥有较少系统用户权限的用户比具有管理用户权限的用户受到的影响要小。 Microsoft Windows 2000 Service Pack 4 Microsoft Windows XP...

Microsoft Office和Windows RichEdit组件内存破坏漏洞（MS07-014）

Microsoft Windows是微软发布的非常流行的操作系统。 Microsoft Windows和Microsoft Office所捆绑的RichEdit组件中存在一个远程执行代码漏洞。中存在一个远程执行代码漏洞。当用户与RTF文件中的畸形嵌入OLE对象进行交互时，就可能导致内存破坏，在用户系统上执行任意代码。 成功利用此漏洞的攻击者可以完全控制受影响的系统。攻击者可随后安装程序；查看、更改或删除数据；或者创建拥有完全用户权限的新帐户。那些帐户被配置为拥有较少系统用户权限的用户比具有管理用户权限的用户受到的影响要小。要利用此漏洞，需要进行用大量的户交互。 Microsoft...

Microsoft RichEdit vulnerable to remote code execution via malformed embedded OLE object

Overview Microsoft's RichEdit contains a vulnerability that may allow an attacker to execute code. Description From Murray Sargent's MSDN blog:RichEdit 6.0 is a facility for getting plain/rich-text, single/multiline Unicode/ANSI edit controls and combo/list boxes in single world-wide binary that...

Memory corruption

The RichEdit component in Microsoft Windows 2000 SP4, XP SP2, and 2003 SP1; Office 2000 SP3, XP SP3, 2003 SP2, and Office 2004 for Mac; and Learning Essentials for Microsoft Office 1.0, 1.1, and 1.5 allows user-assisted remote attackers to execute arbitrary code via a malformed OLE object in an R...

CVE-2006-1311

The RichEdit component in Microsoft Windows 2000 SP4, XP SP2, and 2003 SP1; Office 2000 SP3, XP SP3, 2003 SP2, and Office 2004 for Mac; and Learning Essentials for Microsoft Office 1.0, 1.1, and 1.5 allows user-assisted remote attackers to execute arbitrary code via a malformed OLE object in an R...

CVE-2006-1311

The RichEdit component in Microsoft Windows 2000 SP4, XP SP2, and 2003 SP1; Office 2000 SP3, XP SP3, 2003 SP2, and Office 2004 for Mac; and Learning Essentials for Microsoft Office 1.0, 1.1, and 1.5 allows user-assisted remote attackers to execute arbitrary code via a malformed OLE object in an R...

CVE-2006-1311

CVE-2006-1311 is a remote code execution vulnerability in Microsoft RichEdit. The RichEdit components in Windows 2000 SP4, XP SP2, 2003 SP1 and Office suites (2000 SP3, XP SP3, 2003 SP2) plus Office for Mac 2004 and Learning Essentials are affected. The flaw arises from insufficient validation wh...

Microsoft Security Bulletin MS07-013 Vulnerability in Microsoft RichEdit Could Allow Remote Code Execution (918118)

Microsoft Security Bulletin MS07-013 Vulnerability in Microsoft RichEdit Could Allow Remote Code Execution 918118 Published: February 13, 2007 Version: 1.0 Summary Who Should Read this Document: Customers who use Microsoft Windows and/or Microsoft Office Impact of Vulnerability: Remote Code...

Microsoft Windows RiсhEdit control memory corruption

Memory corruption in RF-enbedded OLE object can be used for hidden malware installation...

MS07-013: Vulnerability in Microsoft RichEdit Could Allow Remote Code Execution (918118)

The remote host contains a version of Microsoft Windows and/or Microsoft Office that has a vulnerability in the RichEdit component that could be abused by an attacker to execute arbitrary code on the remote host. To exploit this vulnerability, an attacker would need to spend a specially crafted R...

Microsoft Office And Microsoft Windows RichEdit Component Remote Code Execution Vulnerability

Description Microsoft Office and Microsoft Windows RichEdit component are prone to a remote code-execution vulnerability. This issue occurs when malformed Rich Text Files RTF are processed. An attacker could exploit this issue by enticing a victim to load a malicious RTF file. If the vulnerabilit...