790 matches found
Microsoft Word RTF解析引擎堆溢出漏洞(MS10-056)
BUGTRAQ ID: 42133 CVE ID: CVE-2010-1902 Word是微软Office套件中的文字处理工具。 在处理RTF文档中的某些绘图对象控制字时,Word未经长度检查便将属性值拷贝到了堆缓冲区上,触发堆溢出。成功利用此漏洞的攻击者可以获得与本地用户相同的权限。 Microsoft Office 2008 for Mac Microsoft Office 2004 for Mac Microsoft Word 2007 SP2 Microsoft Word 2003 SP3 Microsoft Word 2002 SP3 临时解决方法: 以纯文本格式阅读电子邮件。...
iDefense Security Advisory 08.10.10: Microsoft Office RTF Parsing Engine Memory Corruption Vulnerability
iDefense Security Advisory 08.10.10 http://labs.idefense.com/intelligence/vulnerabilities/ Aug 10, 2010 I. BACKGROUND Microsoft Word is a word processing application from Microsoft Office. For more information about Microsoft Word, see the following website:...
Microsoft Office Word RTF Parsing Engine Memory Corruption
Added: 08/12/2010 CVE: CVE-2010-1901 BID: 42132 OSVDB: 66995 Background Microsoft Office Word is Microsoft's word processing software, released as a component of Microsoft Office suite. Problem Microsoft Office Word does not perform sufficient data validation when handling rich text data. When Wo...
Microsoft Office Word RTF Parsing Engine Memory Corruption
Added: 08/12/2010 CVE: CVE-2010-1901 BID: 42132 OSVDB: 66995 Background Microsoft Office Word is Microsoft's word processing software, released as a component of Microsoft Office suite. Problem Microsoft Office Word does not perform sufficient data validation when handling rich text data. When Wo...
Microsoft Office Word RTF Parsing Engine Memory Corruption
Added: 08/12/2010 CVE: CVE-2010-1901 BID: 42132 OSVDB: 66995 Background Microsoft Office Word is Microsoft's word processing software, released as a component of Microsoft Office suite. Problem Microsoft Office Word does not perform sufficient data validation when handling rich text data. When Wo...
Microsoft Office Word RTF Parsing Engine Memory Corruption
Added: 08/12/2010 CVE: CVE-2010-1901 BID: 42132 OSVDB: 66995 Background Microsoft Office Word is Microsoft's word processing software, released as a component of Microsoft Office suite. Problem Microsoft Office Word does not perform sufficient data validation when handling rich text data. When Wo...
CVE-2010-1901
Microsoft Office Word 2002 SP3, 2003 SP3, and 2007 SP2; Microsoft Office 2004 and 2008 for Mac; Open XML File Format Converter for Mac; Office Word Viewer; and Office Compatibility Pack for Word, Excel, and PowerPoint 2007 File Formats SP2 do not properly handle unspecified properties in rich tex...
CVE-2010-1902
Buffer overflow in Microsoft Office Word 2002 SP3, 2003 SP3, and 2007 SP2; Microsoft Office 2004 and 2008 for Mac; Open XML File Format Converter for Mac; Office Word Viewer; and Office Compatibility Pack for Word, Excel, and PowerPoint 2007 File Formats SP2 allows remote attackers to execute...
Memory corruption
Microsoft Office Word 2002 SP3, 2003 SP3, and 2007 SP2; Microsoft Office 2004 and 2008 for Mac; Open XML File Format Converter for Mac; Office Word Viewer; and Office Compatibility Pack for Word, Excel, and PowerPoint 2007 File Formats SP2 do not properly handle unspecified properties in rich tex...
Buffer overflow
Buffer overflow in Microsoft Office Word 2002 SP3, 2003 SP3, and 2007 SP2; Microsoft Office 2004 and 2008 for Mac; Open XML File Format Converter for Mac; Office Word Viewer; and Office Compatibility Pack for Word, Excel, and PowerPoint 2007 File Formats SP2 allows remote attackers to execute...
CVE-2010-1901
Microsoft Office Word 2002 SP3, 2003 SP3, and 2007 SP2; Microsoft Office 2004 and 2008 for Mac; Open XML File Format Converter for Mac; Office Word Viewer; and Office Compatibility Pack for Word, Excel, and PowerPoint 2007 File Formats SP2 do not properly handle unspecified properties in rich tex...
CVE-2010-1902
CVE-2010-1902 describes a remote-code-execution flaw in Microsoft Word’s RTF parsing engine. The vulnerability is triggered by crafted RTF data, specifically via drawing object control words that copy properties into a heap buffer without bounds checking, causing a heap buffer overflow. Affected ...
CVE-2010-1901
CVE-2010-1901 affects Microsoft Word and related Office components (Word 2002 SP3, 2003 SP3, 2007 SP2; Mac: Office 2004/2008, Open XML Converter for Mac, Word Viewer, Compatibility Pack SP2) where the RTF parsing engine mishandles unspecified properties in rich text data, causing a memory corrupt...
Microsoft Security Bulletin MS10-056 - Critical Vulnerabilities in Microsoft Office Word Could Allow Remote Code Execution (2269638)
Microsoft Security Bulletin MS10-056 - Critical Vulnerabilities in Microsoft Office Word Could Allow Remote Code Execution 2269638 Published: August 10, 2010 Version: 1.0 General Information Executive Summary This security update resolves four privately reported vulnerabilities in Microsoft Offic...
iDefense Security Advisory 08.10.10: Microsoft Word RTF File Parsing Heap Buffer Overflow Vulnerability
iDefense Security Advisory 08.10.10 http://labs.idefense.com/intelligence/vulnerabilities/ Aug 10, 2010 I. BACKGROUND Microsoft Word is a word processing application from Microsoft Office. For more information about Microsoft Word, see the following website:...
Microsoft Word RTF Parsing Engine Memory Corruption (MS10-056; CVE-2010-1901)
Microsoft Word is a popular word processing software. A remote code execution vulnerability has been identified in Microsoft Word. The vulnerability is due to insufficient data validation by Microsoft Office Word when handling rich text data. A remote attacker could trigger this flaw by convincin...
Microsoft Word RTF Data Parsing Buffer Overflow (MS10-056; CVE-2010-1902)
Microsoft Word is a popular word processing software. A remote code execution vulnerability has been identified in Microsoft Word. The vulnerability is due to insufficient data validation by Microsoft Office Word when handling rich text data. A remote attacker could trigger this flaw by convincin...
openoffice.org -- Multiple vulnerabilities
OpenOffice.org Security Team reports: Fixed in OpenOffice.org 3.3 CVE-2010-2935 / CVE-2010-2936: Security Vulnerability in OpenOffice.org related to PowerPoint document processing CVE-2010-3450: Security Vulnerability in OpenOffice.org related to Extensions and filter package files CVE-2010-3451 ...
OpenOffice RTF File Parsing Heap Buffer Overflow (CVE-2007-0245)
A buffer overflow vulnerability exists in the OpenOffice software suite. The vulnerability is due to the way OpenOffice parses specially crafted Rich Text Format RTF documents. A remote attacker could exploit this vulnerability by persuading a user to open a specially crafted RTF file, potentiall...
Secunia Research: Autonomy KeyView rtfsr.dll RTF Parsing Signedness Error
====================================================================== Secunia Research 28/07/2010 - Autonomy KeyView rtfsr.dll RTF Parsing Signedness Error - ====================================================================== Table of Contents Affected...