67 matches found
Microsoft Word RTF Object Confusion
Added: 07/24/2014 CVE: CVE-2014-1761 BID: 66385 OSVDB: 104895 Background Microsoft Office Word is Microsoft's word processing software, released as a component of Microsoft Office suite. Problem A buffer overflow exists due to an error in processing RTF files. The flaw is triggered by supplying a...
Word Zero Day Attacks Use Complex Chain of Exploits
The exploit that attackers are using to target a zero day vulnerability in Microsoft Word relies on a complex series of pieces, including an ASLR bypass, ROP techniques and shellcode with several layers of tools designed to detect and defeat analysis. Microsoft officials said the exploit is being...
Microsoft Word Zero-Day Vulnerability is being exploited in the Wild
Microsoft warned about a zero-day vulnerability in Microsoft Word that is being actively exploited in targeted attacks and discovered by the Google security team. “At this time, we are aware of limited, targeted attacks directed at Microsoft Word 2010…” company said. According to Microsoft's...
Microsoft Windows OLE Automation Remote Code Execution Vulnerability
This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of Microsoft Windows. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the Microsoft...
Microsoft Office Word Remote Code Execution Vulnerability (2780642)
This host is missing a critical security update according to Microsoft Bulletin MS12-079. SPDX-FileCopyrightText: 2012 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only...
MS12-064: Vulnerabilities in Microsoft Word Could Allow Remote Code Execution (2742319)
The version of Office, Office Compatibility Pack, Microsoft Word Viewer, Microsoft Office Web Apps, and/or Microsoft Share Point Server installed on the remote host is affected by multiple remote code execution vulnerabilities : - A flaw in the way Microsoft Word handles Word files can allow an...
Microsoft Office Word Remote Code Execution Vulnerabilities (2742319)
This host is missing a critical security update according to Microsoft Bulletin MS12-064. SPDX-FileCopyrightText: 2012 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only...
Tool Scans for RTF Files Spreading Malware in Targeted Attacks
Exploits embedded inside Microsoft Office documents such as Word, PDFs and Excel spreadsheets have been at the core of many targeted attacks during the past 24 months. Detection of these attack methods is improving and nimble hackers are recognizing the need for new avenues into enterprise...
CVE-2012-0158
The 1 ListView, 2 ListView2, 3 TreeView, and 4 TreeView2 ActiveX controls in MSCOMCTL.OCX in the Common Controls in Microsoft Office 2003 SP3, 2007 SP2 and SP3, and 2010 Gold and SP1; Office 2003 Web Components SP3; SQL Server 2000 SP4, 2005 SP4, and 2008 SP2, SP3, and R2; BizTalk Server 2002 SP1...
RedHat Update for openoffice.org and openoffice.org2 RHSA-2011:0181-01
Check for the Version of openoffice.org and openoffice.org2 OpenVAS Vulnerability Test RedHat Update for openoffice.org and openoffice.org2 RHSA-2011:0181-01 Authors: System Generated Check Copyright: Copyright c 2011 Greenbone Networks GmbH, http://www.greenbone.net This program is free software...
RHEL 4 : openoffice.org and openoffice.org2 (RHSA-2011:0181)
Updated openoffice.org and openoffice.org2 packages that fix multiple security issues are now available for Red Hat Enterprise Linux 4. The Red Hat Security Response Team has rated this update as having important security impact. Common Vulnerability Scoring System CVSS base scores, which give...
Important: Red Hat Security Advisory: openoffice.org security and bug fix update
Updated openoffice.org packages that fix multiple security issues and one bug are now available for Red Hat Enterprise Linux 6. The Red Hat Security Response Team has rated this update as having important security impact. Common Vulnerability Scoring System CVSS base scores, which give detailed...
Cross-Site Scripting vulnerabilities in Invision Power Board
Hello 3APA3A! I want to warn you about new vulnerabilities in Invision Power Board. These are Cross-Site Scripting vulnerabilities. Attack is going via attachment at click on the attachment in the post at forum or on the link to this attachment. These are persistent XSS vulnerabilities. I know fo...
Microsoft Word RTF File Handling Memory Corruption (MS08-026; CVE-2008-1091)
A remote code execution vulnerability has been identified in Microsoft Word. The vulnerability is due to a memory calculation error in Microsoft Word that fails to properly handle specially crafted Rich Text Format .rtf files. A remote attacker could trigger this flaw by convincing a victim to op...
Debian: Security Advisory (DSA-1307-1)
The remote host is missing an update for the Debian SPDX-FileCopyrightText: 2008 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
Fedora 7 : openoffice.org-2.2.0-14.11 (2007-0410)
This update fixes a possible buffer overrun in hand-crafted rtf files that use the custom /prtdata tag. Note that Tenable Network Security has extracted the preceding description block directly from the Fedora security advisory. Tenable has attempted to automatically clean and format it as much a...
GLSA-200707-02 : OpenOffice.org: Two buffer overflows
The remote host is affected by the vulnerability described in GLSA-200707-02 OpenOffice.org: Two buffer overflows John Heasman of NGSSoftware has discovered a heap-based buffer overflow when parsing the 'prdata' tag in RTF files where the first token is smaller than the second one CVE-2007-0245...
Debian DSA-1307-1 : openoffice.org - heap overflow
John Heasman discovered a heap overflow in the routines of OpenOffice.org that parse RTF files. A specially crafted RTF file could cause the filter to overwrite data on the heap, which may lead to the execution of arbitrary code. %NASLMINLEVEL 70300 C Tenable Network Security, Inc. The descriptiv...
DSA-1307-1 openoffice.org - heap overflow
Bulletin has no description...
Microsoft MFC memory corruption
Memory corruption on RTF files parsing. Can be used for hidden malware installation...