CVE-2017-6802

CVE-2017-6802 applies to libytnef/ytnef (affecting ytnef prior to 1.9.2 and addressed in later releases). The issue is described as a heap-based over-read related to RTF stream decompression (DecompressRTF()) in libytnef, with related vulnerabilities in the same libytnef set (CVE-2017-6298..6306,...

CVE-2017-6802

An issue was discovered in ytnef before 1.9.2. There is a potential heap-based buffer over-read on incoming Compressed RTF Streams, related to DecompressRTF in libytnef...

UBUNTU-CVE-2017-6802

An issue was discovered in ytnef before 1.9.2. There is a potential heap-based buffer over-read on incoming Compressed RTF Streams, related to DecompressRTF in libytnef...

Oracle Outside In Technology RTF Parsing Code Execution Vulnerability

Summary An exploitable Use After Free vulnerability exists in the RTF parser functionality of Oracle Outside In Technology SDK. A specially crafted RTF document can cause a reuse of a reference to the previously freed memory which can be manipulated into achieving arbitrary code execution. Tested...

Hand to hand teach you how to construct the office exploits EXP（fourth period）-bug warning-the black bar safety net

This is a period of vulnerability to share with you is CVE-2015-1641 learning summary, this vulnerability due to its good versatility and stability claims to have replaced the CVE-2012-0158 trend. The vulnerability is a type confusion class of vulnerability, through which you can achieve arbitrar...

Memory corruption

Microsoft Word 2007 SP2, Office 2010 SP2, Word 2013 SP1, Word 2013 RT SP1, Word 2016, Word for Mac 2011, Word 2016 for Mac, Office Compatibility Pack SP3, Word Viewer, Word Automation Services on SharePoint Server 2010 SP2, Word Automation Services on SharePoint Server 2013 SP1, Office Web Apps...

CVE-2016-7193

Microsoft Word 2007 SP2, Office 2010 SP2, Word 2013 SP1, Word 2013 RT SP1, Word 2016, Word for Mac 2011, Word 2016 for Mac, Office Compatibility Pack SP3, Word Viewer, Word Automation Services on SharePoint Server 2010 SP2, Word Automation Services on SharePoint Server 2013 SP1, Office Web Apps...

CVE-2016-7193

Microsoft Word 2007 SP2, Office 2010 SP2, Word 2013 SP1, Word 2013 RT SP1, Word 2016, Word for Mac 2011, Word 2016 for Mac, Office Compatibility Pack SP3, Word Viewer, Word Automation Services on SharePoint Server 2010 SP2, Word Automation Services on SharePoint Server 2013 SP1, Office Web Apps...

Microsoft Office Memory Corruption Vulnerability (CNVD-2016-09364)

Microsoft Office is a Windows-based office software suite developed by Microsoft. Office if not properly handled RTF files in the implementation of Office RTF remote memory corruption vulnerability exists. This could allow an attacker to execute arbitrary code in the current user context...

Microsoft Office Word Viewer Remote Code Execution Vulnerability (3194063)

This host is missing an important security update according to Microsoft Bulletin MS16-121 SPDX-FileCopyrightText: 2016 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only...

Microsoft Office Word Remote Code Execution Vulnerability (3194063)

This host is missing an important security update according to Microsoft Bulletin MS16-121 SPDX-FileCopyrightText: 2016 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only...

Microsoft Office Compatibility Pack Remote Code Execution Vulnerability (3194063)

This host is missing an important security update according to Microsoft Bulletin MS16-121 SPDX-FileCopyrightText: 2016 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only...

Microsoft SharePoint Server WAS Remote Code Execution Vulnerability (3194063)

This host is missing an important security update according to Microsoft Bulletin MS16-121 SPDX-FileCopyrightText: 2016 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only CPE ...

Microsoft Office Remote Code Execution Vulnerability (3194063) - Mac OS X

This host is missing an important security update according to Microsoft Bulletin MS16-121 SPDX-FileCopyrightText: 2016 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only CPE ...

Microsoft Office Web Apps Remote Code Execution Vulnerability (3194063)

This host is missing an important security update according to Microsoft Bulletin MS16-121 SPDX-FileCopyrightText: 2016 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only CPE ...

MS16-121: Security Update for Microsoft Office (3194063)

The Microsoft Office application installed on the remote Windows host is missing a security update. It is, therefore, affected by a remote code execution vulnerability due to improper handling of RTF files. An unauthenticated, remote attacker can exploit this by convincing a user to open a...

Microsoft Office Memory Corruption Vulnerability

An Office RTF remote code execution vulnerability exists in Microsoft Office software when the Office software fails to properly handle RTF files. An attacker who successfully exploited the vulnerability could run arbitrary code in the context of the current user. If the current user is logged on...

KLA10884 Code execution vulnerability in Microsoft Office

An improper RTF handling was found in Microsoft Office. By exploiting this vulnerability malicious users can execute arbitrary code. This vulnerability can be exploited remotely via a specially designed file. Original advisories CVE-2016-3263 CVE-2016-3209 CVE-2016-3262 CVE-2016-7182 CVE-2016-339...

Microsoft Office Memory Corruption (MS16-121: CVE-2016-7193)

A buffer overflow vulnerability exists in the Word's RTF parser. The vulnerability is due to invalid parsing of RTF files. By enticing the user to open a specially crafted RTF file, an attacker could exploit this vulnerability to execute arbitrary code on the affected system...

Hand to hand teach you how to construct the office exploits EXP（third period）-bug warning-the black bar safety net

In the previous term of office vulnerability to share, describes the legendary exploits of cve-2 0 1 3-3 9 0 6 a technical framework, which covers a lot of the overflow class of vulnerability classic. This period give everybody to bring the share is CVE-2 0 1 4-1 7 6 1, this vulnerability is stri...