Lucene search
+L

157 matches found

0day.today
0day.today
added 2018/03/09 12:0 a.m.1631 views

Microsoft Office - Composite Moniker Remote Code Execution Exploit

Exploit for windows platform in category local exploits What? This repo contains a Proof of Concept exploit for CVE-2017-8570, a.k.a the "Composite Moniker" vulnerability. This demonstrates using the Packager.dll trick to drop an sct file into the %TEMP% directory, and then execute it using the...

9.3CVSS7.9AI score0.99933EPSS
Exploits38
ThreatPost
ThreatPost
added 2018/02/15 12:31 p.m.98 views

Word-based Malware Attack Doesn’t Use Macros

Typically, inbox-based attacks that include malicious Microsoft Office attachments require adversaries to trick users into enabling macros. But researchers say they have identified a new malicious email campaign that uses booby-trapped Office attachments that are macro-free. The attacks do not...

9.3CVSS0.99945EPSS
Exploits33References4
NVD
NVD
added 2018/01/29 7:29 p.m.17 views

CVE-2018-6390

The WStr::assign function in kso.dll in Kingsoft WPS Office 10.1.0.7106 and 10.2.0.5978 does not validate the size of the source memory block before an copy call, which allows remote attackers to cause a denial of service access violation and application crash via a crafted a web page, b office...

6.5CVSS6.4AI score0.01074EPSS
Exploits1References1
Prion
Prion
added 2018/01/29 7:29 p.m.11 views

Code injection

The WStr::assign function in kso.dll in Kingsoft WPS Office 10.1.0.7106 and 10.2.0.5978 does not validate the size of the source memory block before an copy call, which allows remote attackers to cause a denial of service access violation and application crash via a crafted a web page, b office...

4.3CVSS6.4AI score0.01074EPSS
Exploits1References1Affected Software1
CVE
CVE
added 2018/01/29 7:0 p.m.52 views

CVE-2018-6390

The vulnerability CVE-2018-6390 affects Kingsoft WPS Office, specifically the WStr::assign function in kso.dll used by WPS Office versions 10.1.0.7106 and 10.2.0.5978. The issue arises because the source memory block size is not validated before a _copy call, allowing remote attackers to trigger ...

6.5CVSS6.3AI score0.01074EPSS
Exploits1References1Affected Software1
NVD
NVD
added 2018/01/25 8:29 a.m.15 views

CVE-2018-6217

The WStr::allociostrdata function in kso.dll in Kingsoft WPS Office 10.1.0.7106 and 10.2.0.5978 allows remote attackers to cause a denial of service application crash via a crafted a web page, b office document, or c .rtf file...

5.5CVSS5.5AI score0.00877EPSS
Exploits1References1
exploitpack
exploitpack
added 2018/01/09 12:0 a.m.684 views

Microsoft Office - Composite Moniker Remote Code Execution

Microsoft Office - Composite Moniker Remote Code Execution What? This repo contains a Proof of Concept exploit for CVE-2017-8570, a.k.a the "Composite Moniker" vulnerability. This demonstrates using the Packager.dll trick to drop an sct file into the %TEMP% directory, and then execute it using th...

9.3CVSS0.99933EPSS
Exploits38
Exploit DB
Exploit DB
added 2018/01/09 12:0 a.m.283 views

Microsoft Office - 'Composite Moniker Remote Code Execution

What? This repo contains a Proof of Concept exploit for CVE-2017-8570, a.k.a the "Composite Moniker" vulnerability. This demonstrates using the Packager.dll trick to drop an sct file into the %TEMP% directory, and then execute it using the primitive that the vulnerability provides. Download:...

9.3CVSS8.2AI score0.89889EPSS
Exploits14
Securelist
Securelist
added 2017/09/25 12:23 p.m.188 views

A simple example of a complex cyberattack

We're already used to the fact that complex cyberattacks use 0-day vulnerabilities, bypassing digital signature checks, virtual file systems, non-standard encryption algorithms and other tricks. Sometimes, however, all of this may be done in much simpler ways, as was the case in the malicious...

9.3CVSS9.3AI score0.9679EPSS
Exploits1
0day.today
0day.today
added 2017/04/25 12:0 a.m.443 views

Microsoft Office Word Malicious Hta Execution Exploit

This Metasploit module creates a malicious RTF file that when opened in vulnerable versions of Microsoft Word will lead to code execution. The flaw exists in how an olelink object can make a https request, and execute hta code in response. This bug was originally seen being exploited in the wild...

9.3CVSS8.2AI score0.99933EPSS
Exploits29
Exploit DB
Exploit DB
added 2017/04/25 12:0 a.m.804 views

Microsoft Office Word - '.RTF' Malicious HTA Execution (Metasploit)

This module requires Metasploit: http://metasploit.com/download Current source: https://github.com/rapid7/metasploit-framework require 'msf/core' class MetasploitModule "Microsoft Office Word Malicious Hta Execution", 'Description' = %q This module creates a malicious RTF file that when opened in...

9.3CVSS8.4AI score0.99933EPSS
Exploits29
Packet Storm
Packet Storm
added 2017/04/24 12:0 a.m.248 views

Microsoft Office Word Malicious Hta Execution

This module requires Metasploit: http://metasploit.com/download Current source: https://github.com/rapid7/metasploit-framework require 'msf/core' class MetasploitModule "Microsoft Office Word Malicious Hta Execution", 'Description' = %q This module creates a malicious RTF file that when opened in...

9.3CVSS0.2AI score0.99933EPSS
Exploits29
GithubExploit
GithubExploit
added 2017/04/22 4:1 a.m.111 views

Exploit for CVE-2017-0199

Exploit toolkit CVE-2017-0199 - v2.0 Exploit toolkit CVE-201...

9.3CVSS7.3AI score0.99933EPSS
Exploits29
Tenable Nessus
Tenable Nessus
added 2017/04/13 12:0 a.m.24 views

Oracle Linux 7 : libreoffice (ELSA-2017-0914)

The remote Oracle Linux 7 host has packages installed that are affected by a vulnerability as referenced in the ELSA-2017-0914 advisory. - Resolves: rhbz1435534 CVE-2017-3157 Arbitrary file disclosure in Calc and Writer - Resolves: rhbz1353839 CVE-2016-4324 dereference of invalid STL iterator on...

7.8CVSS6.4AI score0.03122EPSS
Exploits1References2
myhack58
myhack58
added 2016/09/22 12:0 a.m.21 views

Hand to hand teach you how to construct the office exploits EXP(third period)-bug warning-the black bar safety net

In the previous term of office vulnerability to share, describes the legendary exploits of cve-2 0 1 3-3 9 0 6 a technical framework, which covers a lot of the overflow class of vulnerability classic. This period give everybody to bring the share is CVE-2 0 1 4-1 7 6 1, this vulnerability is stri...

0.3AI score
Exploits0
NVD
NVD
added 2016/07/08 7:59 p.m.15 views

CVE-2016-4324

Use-after-free vulnerability in LibreOffice before 5.1.4 allows remote attackers to execute arbitrary code via a crafted RTF file, related to stylesheet and superscript tokens...

7.8CVSS7.7AI score0.02819EPSS
Exploits1References7
Prion
Prion
added 2016/07/08 7:59 p.m.31 views

Design/Logic Flaw

Use-after-free vulnerability in LibreOffice before 5.1.4 allows remote attackers to execute arbitrary code via a crafted RTF file, related to stylesheet and superscript tokens...

6.8CVSS7.9AI score0.02819EPSS
Exploits1References7Affected Software3
OSV
OSV
added 2016/07/08 7:59 p.m.3 views

DEBIAN-CVE-2016-4324

Use-after-free vulnerability in LibreOffice before 5.1.4 allows remote attackers to execute arbitrary code via a crafted RTF file, related to stylesheet and superscript tokens...

7.8CVSS8AI score0.02819EPSS
Exploits1References1
CVE
CVE
added 2016/07/08 7:0 p.m.293 views

CVE-2016-4324

CVE-2016-4324 : A use-after-free vulnerability exists in the LibreOffice RTF parser, triggered by parsing crafted RTF files containing a specific combination of stylesheet and superscript tokens. Exploitation could allow arbitrary code execution. Public technical details in connected documents co...

7.8CVSS7.6AI score0.02819EPSS
Exploits1References7Affected Software1
Cvelist
Cvelist
added 2016/07/08 7:0 p.m.28 views

CVE-2016-4324

Use-after-free vulnerability in LibreOffice before 5.1.4 allows remote attackers to execute arbitrary code via a crafted RTF file, related to stylesheet and superscript tokens...

7.7AI score0.02819EPSS
Exploits1References7
Rows per page
Query Builder