157 matches found
CVE-2014-9093
LibreOffice before 4.3.5 allows remote attackers to cause a denial of service invalid write operation and crash and possibly execute arbitrary code via a crafted RTF file...
CVE-2014-9093
LibreOffice before 4.3.5 allows remote attackers to cause a denial of service invalid write operation and crash and possibly execute arbitrary code via a crafted RTF file...
KLA10444 DoS vulnerability in LibreOffice
Unspecified vulnerability was found in LibreOffice. By exploiting this vulnerabilities malicious users can cause denial of server, and possibly execute arbitrary code. This vulnerability can be exploited remotely via specially designed RTF file. Original advisories - Related products LibreOffice...
Microsoft Releases Security Advisory
Microsoft has released a security advisory for Microsoft Word. A vulnerability exists for remote code execution which could allow an attacker to gain user rights by opening a specifically crafted Rich Text Format file. Applying the Microsoft Fix it solution will disable the opening of RTF content...
Microsoft Office RTF Mismatch Memory Corruption (MS12-029) - Ver2 (CVE-2012-0183)
A remote code execution vulnerability has been reported in Microsoft Office. The vulnerability is due to a memory corruption while parsing specially crafted RTF-formatted data. A remote attacker can exploit this issue by enticing a target user to open a specially crafted RTF file. Successful...
Microsoft Word RTF File 'listoverridecount'远程代码执行漏洞(MS12-079)
BUGTRAQ ID: 56834 CVECAN ID: CVE-2012-2539 Microsoft Word 属于办公软件是微软公司的一个文字处理器应用程序。 Microsoft Word 在解析listoverridecount相关的RTF(Rich Text Format)数据时存在漏洞。通过诱使用户浏览恶意网站或在e-mail邮件中打开特定格式的rtf文件,未经身份验证的远程攻击者可利用此漏洞以当前用户权限执行任意代码。 0 Microsoft Office 2003 Professional Edition Microsoft Office Word Viewer...
Microsoft Word RTF File Use-After-Free Remote Code Execution Vulnerability
Description Microsoft Word is prone to a remote code-execution vulnerability. An attacker can exploit this issue to execute arbitrary code in the context of the currently logged-in user, which can lead to a complete compromise of an affected computer. Technologies Affected Microsoft Office...
Microsoft Office RTF File listid Use-After-Free Code Execution (MS12-064; CVE-2012-2528)
A remote code execution vulnerability has been reported in Microsoft Office...
MS12-027 MSCOMCTL ActiveX Buffer Overflow
This file is part of the Metasploit Framework and may be subject to redistribution and commercial restrictions. Please see the Metasploit web site for more information on licensing and terms of use. http://metasploit.com/ require 'msf/core' class Metasploit3 'MS12-027 MSCOMCTL ActiveX Buffer...
MS12-027 MSCOMCTL ActiveX Buffer Overflow
Exploit for windows platform in category remote exploits This file is part of the Metasploit Framework and may be subject to redistribution and commercial restrictions. Please see the Metasploit web site for more information on licensing and terms of use. http://metasploit.com/ require 'msf/core'...
Microsoft Windows Common Controls MSCOMCTL.OCX Vulnerability
Added: 04/12/2012 CVE: CVE-2012-0158 BID: 52911 OSVDB: 81125 Background Microsoft Windows bundles various common ActiveX controls in the Common Controls library MSCOMCTL.OCX. Several Windows applications use these controls. Problem Various ActiveX controls in MSCOMCTL.OCX in the Common Controls i...
Microsoft Windows Common Controls MSCOMCTL.OCX Vulnerability
Added: 04/12/2012 CVE: CVE-2012-0158 BID: 52911 OSVDB: 81125 Background Microsoft Windows bundles various common ActiveX controls in the Common Controls library MSCOMCTL.OCX. Several Windows applications use these controls. Problem Various ActiveX controls in MSCOMCTL.OCX in the Common Controls i...
Design/Logic Flaw
The 1 ListView, 2 ListView2, 3 TreeView, and 4 TreeView2 ActiveX controls in MSCOMCTL.OCX in the Common Controls in Microsoft Office 2003 SP3, 2007 SP2 and SP3, and 2010 Gold and SP1; Office 2003 Web Components SP3; SQL Server 2000 SP4, 2005 SP4, and 2008 SP2, SP3, and R2; BizTalk Server 2002 SP1...
Microsoft Office 2003 Home/Pro Buffer Overflow
!/usr/bin/python Note from the Exploit-DB team: This might be the same bug as: https://github.com/rapid7/metasploit-framework/blob/master/modules/exploits/windows/fileformat/ms10087rtfpfragmentsbof.rb ----------------------------------------------------------------------------------- Exploit:...
Microsoft Office 2003 Home/Pro - Code Execution (MS10-087)
!/usr/bin/python Note from the Exploit-DB team: This might be the same bug as: https://github.com/rapid7/metasploit-framework/blob/master/modules/exploits/windows/fileformat/ms10087rtfpfragmentsbof.rb ----------------------------------------------------------------------------------- Exploit:...
openoffice.org security update
CentOS Errata and Security Advisory CESA-2011:0182 Updated openoffice.org packages that fix multiple security issues are now available for Red Hat Enterprise Linux 5. The Red Hat Security Response Team has rated this update as having important security impact. Common Vulnerability Scoring System...
Microsoft security update stamps out 11 product vulnerabilities
Microsoft security update stamps out 11 product vulnerabilities American software heavyweight Microsoft Corp. has this week rolled out three security bulletins for Windows, addressing a total of 11 vulnerabilities targeting potential exploits in platforms ranging from Microsoft Office to Forefron...
Microsoft Office RTF File Stack Buffer Overflow Vulnerability
Description Microsoft Office is prone to a remote stack-based buffer-overflow vulnerability because the software fails to perform adequate boundary checks on user-supplied data. An attacker can exploit this issue by enticing a victim to open a malicious RTF file or view an email in RTF format...
CVE-2010-0134
Integer signedness error in rtfsr.dll in Autonomy KeyView 10.4 and 10.9, as used in multiple IBM, Symantec, and other products, allows remote attackers to execute arbitrary code via a crafted \ls keyword in a list override table entry in an RTF file, which triggers a buffer overflow...
Integer overflow
Integer signedness error in rtfsr.dll in Autonomy KeyView 10.4 and 10.9, as used in multiple IBM, Symantec, and other products, allows remote attackers to execute arbitrary code via a crafted \ls keyword in a list override table entry in an RTF file, which triggers a buffer overflow...