790 matches found
Design/Logic Flaw
Use-after-free vulnerability in oowriter in OpenOffice.org OOo 2.x and 3.x before 3.3 allows remote attackers to cause a denial of service application crash or possibly execute arbitrary code via malformed tables in an RTF document...
Design/Logic Flaw
Use-after-free vulnerability in oowriter in OpenOffice.org OOo 2.x and 3.x before 3.3 allows remote attackers to cause a denial of service application crash or possibly execute arbitrary code via crafted tags in an RTF document...
CVE-2010-3452
Use-after-free vulnerability in oowriter in OpenOffice.org OOo 2.x and 3.x before 3.3 allows remote attackers to cause a denial of service application crash or possibly execute arbitrary code via crafted tags in an RTF document...
CVE-2010-3452
CVE-2010-3452 is a use-after-free in OpenOffice.org’s oowriter that can crash the application or, potentially, allow arbitrary code execution via crafted RTF tags. Affected: OpenOffice.org 2.x/3.x before 3.3. Remediation: apply vendor security updates; advisories from multiple vendors (openSUSE/S...
CVE-2010-3451
CVE-2010-3451 is a use-after-free vulnerability in OpenOffice.org’s oowriter (OOo) 2.x and 3.x up to before 3.3. It allows remote attackers to crash the application or potentially execute arbitrary code via malformed tables in an RTF document. The issue arises from insecure parsing of RTF tables,...
OpenOffice.org: Array index error by insecure parsing of broken rtf tables
Use-after-free vulnerability in oowriter in OpenOffice.org OOo 2.x and 3.x before 3.3 allows remote attackers to cause a denial of service application crash or possibly execute arbitrary code via malformed tables in an RTF document...
OpenOffice.org: Integer signedness error (crash) by processing certain RTF tags
Use-after-free vulnerability in oowriter in OpenOffice.org OOo 2.x and 3.x before 3.3 allows remote attackers to cause a denial of service application crash or possibly execute arbitrary code via crafted tags in an RTF document...
Important: Red Hat Security Advisory: openoffice.org security and bug fix update
Updated openoffice.org packages that fix multiple security issues and one bug are now available for Red Hat Enterprise Linux 6. The Red Hat Security Response Team has rated this update as having important security impact. Common Vulnerability Scoring System CVSS base scores, which give detailed...
OpenOffice.org: Array index error by insecure parsing of broken rtf tables
Use-after-free vulnerability in oowriter in OpenOffice.org OOo 2.x and 3.x before 3.3 allows remote attackers to cause a denial of service application crash or possibly execute arbitrary code via malformed tables in an RTF document...
OpenOffice.org: Array index error by insecure parsing of broken rtf tables
Use-after-free vulnerability in oowriter in OpenOffice.org OOo 2.x and 3.x before 3.3 allows remote attackers to cause a denial of service application crash or possibly execute arbitrary code via malformed tables in an RTF document...
Important: Red Hat Security Advisory: openoffice.org and openoffice.org2 security update
Updated openoffice.org and openoffice.org2 packages that fix multiple security issues are now available for Red Hat Enterprise Linux 4. The Red Hat Security Response Team has rated this update as having important security impact. Common Vulnerability Scoring System CVSS base scores, which give...
CVE-2010-3452
Use-after-free vulnerability in oowriter in OpenOffice.org OOo 2.x and 3.x before 3.3 allows remote attackers to cause a denial of service application crash or possibly execute arbitrary code via crafted tags in an RTF document...
CVE-2010-3451
Use-after-free vulnerability in oowriter in OpenOffice.org OOo 2.x and 3.x before 3.3 allows remote attackers to cause a denial of service application crash or possibly execute arbitrary code via malformed tables in an RTF document...
OpenOffice.org Multiple Memory Corruption Vulnerabilities
-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 VSR Security Advisory http://www.vsecurity.com/ - -=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=- Advisory Name: OpenOffice.org Multiple Memory Corruption Vulnerabilities Release Date: 2011-01-26 Application: Oracle...
Microsoft Warns Of Security Hole in Windows Graphics Engine
Microsoft issued an advisory to Windows users about a security vulnerability in a common Windows component that could be used by remote attackers to run malicious code on machines running the Windows XP, Vista and Windows Server 2003 operating systems. The company said on Tuesday that it is...
Facing Attacks on RTF Hole, Microsoft Urges Office Users To Patch
The Microsoft Malware Protection Center has urged users of its Office suite to apply a security update, MS10-087, released last November. The company says it has become aware of attacks exploiting the hole in Office applications that are circulating on the Internet. The security hole in question...
MS10-087 Microsoft Word RTF pFragments Stack Buffer Overflow (File Format)
This module exploits a stack-based buffer overflow in the handling of the 'pFragments' shape property within the Microsoft Word RTF parser. All versions of Microsoft Office 2010, 2007, 2003, and XP prior to the release of the MS10-087 bulletin are vulnerable. This module does not attempt to explo...
Microsoft Word RTF pFragments Stack Buffer Overflow
$Id: ms10087rtfpfragmentsbof.rb 11450 2010-12-29 20:30:50Z jduck $ This file is part of the Metasploit Framework and may be subject to redistribution and commercial restrictions. Please see the Metasploit Framework web site for more information on licensing and terms of use...
Microsoft Word RTF文件解析栈溢出漏洞(MS10-087)
BUGTRAQ ID: 44652 CVE ID: CVE-2010-3333 Word是微软Office套件中的文字处理工具。 在处理RTF文档中的特定控制字时Word未经执行长度检查便将其属性字符串拷贝到了栈缓冲区中,这可能触发栈溢出。成功利用此漏洞的攻击者可以完全控制受影响的系统。 Microsoft Office XP SP3 Microsoft Office for Mac 2011 Microsoft Office 2010 Microsoft Office 2008 for Mac Microsoft Office 2007 SP2 Microsoft Office 200...
Microsoft Office RTF pFragments Property Stack Buffer Overflow
Added: 11/16/2010 CVE: CVE-2010-3333 BID: 44652 OSVDB: 69085 Background Microsoft Office is a package which provides word processing, spreadsheet, presentation, e-mail, and calendaring capabilities for Microsoft Windows workstations. Problem A stack buffer overflow vulnerability exists when...