52 matches found
CVE-2015-0086
Microsoft Word 2007 SP3, Office 2010 SP2, Word 2010 SP2, Word 2013 Gold and SP1, Word 2013 RT Gold and SP1, Word Viewer, Office Compatibility Pack SP3, Word Automation Services on SharePoint Server 2010 SP2, Word Automation Services on SharePoint Server 2013 Gold and SP1, Web Applications 2010 SP...
CVE-2015-0086
CVE-2015-0086 affects Microsoft Office/Word products including Word 2007 SP3, Office 2010 SP2, Word 2010 SP2, Word 2013 Gold/SP1, Word 2013 RT Gold/SP1, Word Viewer, Office Compatibility Pack SP3, Word Automation Services on SharePoint Server 2010 SP2, Word Automation Services on SharePoint Serve...
CVE-2015-0086
Microsoft Word 2007 SP3, Office 2010 SP2, Word 2010 SP2, Word 2013 Gold and SP1, Word 2013 RT Gold and SP1, Word Viewer, Office Compatibility Pack SP3, Word Automation Services on SharePoint Server 2010 SP2, Word Automation Services on SharePoint Server 2013 Gold and SP1, Web Applications 2010 SP...
Turing Test in Reverse: New Sandbox-Evasion Techniques Seek Human Interaction
Last year, we published a paper titled Hot Knives Through Butter, Evading File-Based Sandboxes. In this paper, we explained many sandbox evasion methods--and today's blog post adds to our growing catalog. In the past, for example, we detailed the inner workings of a Trojan we dubbed UpClicker. Th...
CVE-2013-0710
Buffer overflow in Kingsoft Writer 2007 and 2010 before 2724 allows remote attackers to execute arbitrary code via a crafted RTF document...
Buffer overflow
Buffer overflow in Kingsoft Writer 2007 and 2010 before 2724 allows remote attackers to execute arbitrary code via a crafted RTF document...
KLA10237 ACE vulnerability in Kingsoft Writer
A buffer overflow was found in Kingsoft Writer. By exploiting this vulnerability malicious users can execute arbitrary code. This vulnerability can be exploited remotely via a specially designed RTF document. Original advisories Kingsoft bulletin Related products Kingsoft-Writer CVE list...
CVE-2013-0710
CVE-2013-0710 affects Kingsoft Writer 2007 and 2010 (prior to version 2724). The vulnerability is a buffer overflow triggered when opening a crafted RTF document, allowing remote arbitrary code execution. A patch/update to the latest version (2724 or newer) is available per advisories; apply the ...
CVE-2013-0710
Buffer overflow in Kingsoft Writer 2007 and 2010 before 2724 allows remote attackers to execute arbitrary code via a crafted RTF document...
Remote code execution
Object Linking and Embedding OLE Automation in Microsoft Windows XP SP3 does not properly allocate memory, which allows remote attackers to execute arbitrary code via a crafted RTF document, aka "OLE Automation Remote Code Execution Vulnerability."...
CVE-2013-1313
CVE-2013-1313 corresponds to an OLE Automation use-after-parse in Windows XP SP3 where memory misallocation enables remote code execution via a crafted RTF document. Connected advisories note this as a code-execution vulnerability in Windows Common Controls (OLE) with remote impact. Mitigation pe...
Microsoft security bulletins for December 2012
With the release of the Microsoft security bulletins for December 2012, Company flag total 7 updates for Windows users, where one is rated as critical that could lead to remote code execution, where as other two are rated as important which fix flaws that could result in the operating system's...
CVE-2012-2528
Use-after-free vulnerability in Microsoft Word 2003 SP3, 2007 SP2 and SP3, and 2010 SP1; Word Viewer; Office Compatibility Pack SP2 and SP3; Word Automation Services on Microsoft SharePoint Server 2010; and Office Web Apps 2010 SP1 allows remote attackers to execute arbitrary code via a crafted R...
Design/Logic Flaw
Use-after-free vulnerability in Microsoft Word 2003 SP3, 2007 SP2 and SP3, and 2010 SP1; Word Viewer; Office Compatibility Pack SP2 and SP3; Word Automation Services on Microsoft SharePoint Server 2010; and Office Web Apps 2010 SP1 allows remote attackers to execute arbitrary code via a crafted R...
CVE-2012-2528
CVE-2012-2528 is a use-after-free remote code execution vulnerability in Microsoft Word and related components triggered by specially crafted RTF documents. Affected products include Word 2003 SP3, Word 2007 SP2/SP3, Word 2010 SP1, Word Viewer, Office Compatibility Pack SP2/SP3, Word Automation S...
CVE-2010-3451
Use-after-free vulnerability in oowriter in OpenOffice.org OOo 2.x and 3.x before 3.3 allows remote attackers to cause a denial of service application crash or possibly execute arbitrary code via malformed tables in an RTF document...
Design/Logic Flaw
Use-after-free vulnerability in oowriter in OpenOffice.org OOo 2.x and 3.x before 3.3 allows remote attackers to cause a denial of service application crash or possibly execute arbitrary code via malformed tables in an RTF document...
Design/Logic Flaw
Use-after-free vulnerability in oowriter in OpenOffice.org OOo 2.x and 3.x before 3.3 allows remote attackers to cause a denial of service application crash or possibly execute arbitrary code via crafted tags in an RTF document...
CVE-2010-3452
Use-after-free vulnerability in oowriter in OpenOffice.org OOo 2.x and 3.x before 3.3 allows remote attackers to cause a denial of service application crash or possibly execute arbitrary code via crafted tags in an RTF document...
CVE-2010-3452
CVE-2010-3452 is a use-after-free in OpenOffice.org’s oowriter that can crash the application or, potentially, allow arbitrary code execution via crafted RTF tags. Affected: OpenOffice.org 2.x/3.x before 3.3. Remediation: apply vendor security updates; advisories from multiple vendors (openSUSE/S...