67 matches found
EUVD-2019-4287
Malware in sbrugna...
EUVD-2009-4701
Malware in sbrugna...
CVE-2024-8842 PDF-XChange Editor RTF File Parsing Uninitialized Variable Remote Code Execution Vulnerability
PDF-XChange Editor RTF File Parsing Uninitialized Variable Remote Code Execution Vulnerability. This vulnerability allows remote attackers to execute arbitrary code on affected installations of PDF-XChange Editor. User interaction is required to exploit this vulnerability in that the target must...
Exploit for CVE-2022-30190
Follina Proof of Concept CVE-2022-30190 Quick and easy "pro...
MSHTML Flaw Exploited to Attack Russian Dissidents
A spearphishing campaign targeting Russian citizens and government entities that are not aligned with the actions of the Russian government is the latest in numerous threats that have emerged since Russia invaded the Ukraine in February. Researchers from MalwareBytes identified a campaign last we...
New spear phishing campaign targets Russian dissidents
This blog post was authored by Hossein Jazi. -- Updated to clarify the two different campaigns Cobalt Strike and Rat Several threat actors have taken advantage of the war in Ukraine to launch a number of cyber attacks. The Malwarebytes Threat Intelligence team is actively monitoring these threats...
Arbitrary Code Execution
openoffice.org is vulnerable to arbitrary code execution. The vulnerability exists as an array index error and an integer signedness error were found in the way OpenOffice.org parsed certain Rich Text Format RTF files. An attacker could use these flaws to create a specially-crafted RTF file that,...
Coronavirus-Themed APT Attack Spreads Malware
An advanced persistent threat APT group is leveraging the coronavirus pandemic to infect victims with a previously unknown malware, in a recently discovered campaign that researchers call “Vicious Panda.” Researchers identified two suspicious Rich Text Format files RTF — a text file format used b...
CVE-2019-12697
Multiple vulnerabilities in the Cisco Firepower System Software Detection Engine could allow an unauthenticated, remote attacker to bypass configured Malware and File Policies for RTF and RAR file types. For more information about these vulnerabilities, see the Details section of this advisory...
CVE-2019-12696
Multiple vulnerabilities in the Cisco Firepower System Software Detection Engine could allow an unauthenticated, remote attacker to bypass configured Malware and File Policies for RTF and RAR file types. For more information about these vulnerabilities, see the Details section of this advisory...
Design/Logic Flaw
Multiple vulnerabilities in the Cisco Firepower System Software Detection Engine could allow an unauthenticated, remote attacker to bypass configured Malware and File Policies for RTF and RAR file types. For more information about these vulnerabilities, see the Details section of this advisory...
Microsoft Warns of Email Attacks Executing Code Using an Old Bug
Microsoft is warning of a fresh email campaign that distributes malicious RTF files boobytrapped with an exploit dating back to a 2017 vulnerability, CVE-2017-11882. The exploit allows attackers to automatically run malicious code without requiring user interaction. “The CVE-2017-11882...
XenMobile: Supported File Formats with Quick Edit
Question and Answers Which all file formats are supported within Quick Edit? QuickEdit supports the following types of files: Microsoft Word – .doc and .docx Microsoft Excel – .xls and .xlsx Microsoft PowerPoint – .ppt and .pptx PDF TXT and RTF iOS only CSV iOS only GIF, JPEG, BMP, and PNG These...
Outlook Bug Allowed Hackers to Use .RTF Files To Steal Windows Passwords
A vulnerability in Microsoft Outlook allowed hackers to steal a user’s Windows password just by having the target preview an email with a Rich Text Format RTF attachment that contained a remotely hosted OLE object. The bug was patched by Microsoft as part of its April Patch Tuesday fixes, over a...
Microsoft Word 2010 Service Pack 2 Multiple RCE Vulnerabilities (KB4011659)
This host is missing a critical security update according to Microsoft KB4011659 SPDX-FileCopyrightText: 2018 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
Microsoft Word 2016 Multiple Remote Code Execution Vulnerabilities (KB4011643)
This host is missing a critical security update according to Microsoft KB4011643 SPDX-FileCopyrightText: 2018 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
Microsoft Office Word Multiple Vulnerabilities (KB4011651)
This host is missing a critical security update according to Microsoft KB4011651. SPDX-FileCopyrightText: 2018 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
Microsoft Word 2007 Service Pack 3 Multiple Vulnerabilities (KB4011657)
This host is missing a critical security update according to Microsoft KB4011657 SPDX-FileCopyrightText: 2018 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
Security Updates for Microsoft Word Products (January 2018)
The Microsoft Words Products are missing security updates. It is therefore affected by multiple issues involving handling of Office and RTF Rich Text Format files. If successfully exploited, an attacker could execute code in the context of the current user. C Tenable Network Security, Inc...
Security Updates for Microsoft Office Compatibility SP3 (January 2018)
The Microsoft Office Compatibility Pack products installed on the remote host are missing security updates. It is, therefore, affected by multiple vulnerabilities : - A remote code execution vulnerability exists in Microsoft Office software when the software fails to properly handle objects in...