CVE-2016-4324

Use-after-free vulnerability in LibreOffice before 5.1.4 allows remote attackers to execute arbitrary code via a crafted RTF file, related to stylesheet and superscript tokens...

Debian Security Advisory DSA 3608-1 (libreoffice - security update)

Aleksandar Nikolic discovered that missing input sanitising in the RTF parser in Libreoffice may result in the execution of arbitrary code if a malformed documented is opened. OpenVAS Vulnerability Test $Id: deb3608.nasl 6608 2017-07-07 12:05:05Z cfischer $ Auto-generated from advisory DSA 3608-1...

DSA-3608-1 libreoffice - security update

Bulletin has no description...

UBUNTU-CVE-2016-4324

Use-after-free vulnerability in LibreOffice before 5.1.4 allows remote attackers to execute arbitrary code via a crafted RTF file, related to stylesheet and superscript tokens...

KLA10837 Code execution vulnerabilities in LibreOffice

Lack of validation was found in LibreOffice. By exploiting this vulnerability malicious users can execute arbitrary code. This vulnerability can be exploited remotely via a specially designed RTF file. Original advisories LibreOffice advisory Related products LibreOffice CVE list CVE-2016-4324 hi...

Debian: Security Advisory (DSA-3608-1)

The remote host is missing an update for the Debian SPDX-FileCopyrightText: 2016 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

libreoffice -- use-after-free vulnerability

Talos reports: An exploitable Use After Free vulnerability exists in the RTF parser LibreOffice. A specially crafted file can cause a use after free resulting in a possible arbitrary code execution. To exploit the vulnerability a malicious file needs to be opened by the user via vulnerable...

The Document Foundation LibreOffice RTF Stylesheet Code Execution Vulnerability

SUMMARY An exploitable Use After Free vulnerability exists in the RTF parser LibreOffice. A specially crafted file can cause a use after free resulting in a possible arbitrary code execution. To exploit the vulnerability a malicious file needs to be opened by the user via vulnerable application...

Microsoft Office Information Disclosure (MS16-070: CVE-2016-3234)

An out of bound memory access vulnerability was discovered within Microsoft office word. The root cause comes from wwlib.dll sub components that could lead to an out of bound memory read when processing a malformed rtf document...

How RTF malware evades static signature-based detection

History Rich Text Format RTF is a document format developed by Microsoft that has been widely used on various platforms for more than 29 years. The RTF format is very flexible and therefore complicated. This makes the development of a safe RTF parsers challenging. Some notorious vulnerabilities...

How RTF malware evades static signature-based detection

History Rich Text Format RTF is a document format developed by Microsoft that has been widely used on various platforms for more than 29 years. The RTF format is very flexible and therefore complicated. This makes the development of a safe RTF parsers challenging. Some notorious vulnerabilities...

Microsoft Office RTF Embedded Object Remote Code Execution

A remote code execution vulnerability exists in Microsoft Office. The vulnerability is due to an error in the way Microsoft Office handles objects in memory while parsing specially crafted Office files. A remote attacker can exploit this issue by enticing a user to open a specially crafted file a...

APT Threat Targets Tibetans, Journalists and Human Rights Workers

Tibetans, journalists and human rights workers in Hong Kong and Taiwan have been targeted in an APT campaign that makes use of Microsoft Rich Text File RTF documents to compromise computers. Researchers say it’s a new strategy by attackers in an ongoing advanced persistent threat that dates back ...

Ghosts in the Endpoint

We would like to introduce the first of our “Ghosts in the Endpoint” series, a report prepared by FireEye Labs that documents malicious software not being detected in the wild by traditional signature-based detections. In this study, all the families identified are samples from VirusTotal VT with...

[SECURITY] Fedora 23 Update: latex2rtf-2.3.10-1.fc23

LaTeX2rtf is a translator program which is intended to translate a LaTeX document precisely: the text and a limited subset of LaTeX tags into the RTF format which can be imported by several text processors including Microsoft Word for Windows and Word for Macintosh...

[SECURITY] Fedora 22 Update: latex2rtf-2.3.10-1.fc22

LaTeX2rtf is a translator program which is intended to translate a LaTeX document precisely: the text and a limited subset of LaTeX tags into the RTF format which can be imported by several text processors including Microsoft Word for Windows and Word for Macintosh...

[SECURITY] Fedora 24 Update: latex2rtf-2.3.10-1.fc24

LaTeX2rtf is a translator program which is intended to translate a LaTeX document precisely: the text and a limited subset of LaTeX tags into the RTF format which can be imported by several text processors including Microsoft Word for Windows and Word for Macintosh...

Stop Scanning My Macro

FireEye Labs detected an interesting evasion strategy in two recent, large Dridex campaigns. These campaigns changed the attachment file-type and location of malicious logic in an attempt to avoid scanners. Overview Both campaigns used an invoice theme and came from a wide variety of sending...

Stop Scanning My Macro

FireEye Labs detected an interesting evasion strategy in two recent, large Dridex campaigns. These campaigns changed the attachment file-type and location of malicious logic in an attempt to avoid scanners. Overview Both campaigns used an invoice theme and came from a wide variety of sending...

In-depth analysis of Microsoft Office RTF file stack overflow vulnerability, CVE-2 0 1 6-0 0 1 0-a vulnerability warning-the black bar safety net

0×0 1 Summary In this month's Microsoft patch Tuesday, Microsoft fixes 3 Office vulnerability MS16-0 0 4。 This vulnerability is due to MS Office not correctly parse the RTF document caused by a heap overflow vulnerability successful exploitation of this vulnerability may enable an attacker to...