Microsoft Security Bulletin MS08-072 - Vulnerabilities in Microsoft Office Word Could Allow Remote Code Execution (957173)

Microsoft Security Bulletin MS08-072 - Critical Vulnerabilities in Microsoft Office Word Could Allow Remote Code Execution 957173 Published: December 9, 2008 Version: 1.0 General Information Executive Summary This security update resolves eight privately reported vulnerabilities in Microsoft Offi...

Microsoft Word RTF Object Parsing Memory Corruption (MS08-072; CVE-2008-4030)

Rich Text Format RTF provides a format for text and graphics interchange that can be used with different operating systems. OLE is the technology that applications use to create and edit compound documents. By using OLE technology, an application can provide embedding and linking support. A remot...

Microsoft Word RTF Control Word Handling Integer Overflow (MS08-072; CVE-2008-4025)

Rich Text Format RTF provides a format for text and graphics interchange that can be used with different operating systems. OLE is the technology that applications use to create and edit compound documents. By using OLE technology, an application can provide embedding and linking support. A remot...

Microsoft Word RTF Stylesheet Control Word Memory Corruption (MS08-072; CVE-2008-4031)

Microsoft Word is a popular word processing software. A remote code execution vulnerability has been identified in Microsoft Word. The vulnerability is due to an error in Microsoft Word that fails to properly handle malformed Rich Text Format .rtf files. A remote attacker could trigger this flaw ...

Microsoft Word RTF Drawing Primitives Remote Code Execution (MS08-072; CVE-2008-4028)

Rich Text Format RTF provides a format for text and graphics interchange that can be used with different operating systems. OLE is the technology that applications use to create and edit compound documents. By using OLE technology, an application can provide embedding and linking support. A remot...

Microsoft Word RTF Malformed String Remote Code Execution Vulnerability

Description Microsoft Word is prone to a remote code-execution vulnerability. An attacker could exploit this issue by enticing a victim to open a malicious RTF file. Successfully exploiting this issue would allow the attacker to execute arbitrary code in the context of the currently logged-in use...

Microsoft Word RTF Polyline/Polygon Integer Overflow Vulnerability

Description Microsoft Word is prone to an integer-overflow vulnerability because the application fails to perform adequate boundary checks on user-supplied data. An attacker could exploit this issue by enticing a victim to open a malicious RTF file. Successfully exploiting this issue would allow...

Microsoft Word RTF '\do' Drawing Object Remote Heap Memory Corruption Vulnerability

Description Microsoft Word is prone to a remote heap memory-corruption vulnerability. An attacker could exploit this issue by enticing a victim to open a malicious RTF file. Successfully exploiting this issue would allow the attacker to execute arbitrary code in the context of the currently...

Microsoft Word RTF Malformed Control Word Variant 2 Remote Code Execution Vulnerability

Description Microsoft Word is prone to a remote code-execution vulnerability. An attacker could exploit this issue by enticing a victim to open a malicious RTF file. Successfully exploiting this issue would allow the attacker to execute arbitrary code in the context of the currently logged-in use...

Microsoft Office RTF Consecutive Drawing Object Parsing Heap Corruption Vulnerability

This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of Microsoft Office. User interaction is required to exploit this vulnerability in that the target must visit a malicious page, open a malicious e-mail, or open a malicious file. The specific flaw...

Microsoft Office RTF Drawing Object Heap Overflow Vulnerability

This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of various Microsoft products including Word and Outlook. User interaction is required to exploit this vulnerability in that the target must visit a malicious page, open a malicious e-mail, or open a...

Microsoft Word RTF Multiple Drawing Object Tags Remote Code Execution Vulnerability

Description Microsoft Word is prone to a remote code-execution vulnerability. An attacker could exploit this issue by enticing a victim to open a malicious RTF file. Successfully exploiting this issue would allow the attacker to execute arbitrary code in the context of the currently logged-in use...

Gentoo Security Advisory GLSA 200510-12 (koffice, kword)

The remote host is missing updates announced in advisory GLSA 200510-12. OpenVAS Vulnerability Test $ Description: Auto generated from Gentoo's XML based advisory Authors: Thomas Reinke Copyright: Copyright c 2008 E-Soft Inc. http://www.securityspace.com Text descriptions are largely excerpted fr...

Gentoo Security Advisory GLSA 200509-20 (AbiWord)

The remote host is missing updates announced in advisory GLSA 200509-20. SPDX-FileCopyrightText: 2008 E-Soft Inc. Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

Gentoo Security Advisory GLSA 200510-12 (koffice, kword)

The remote host is missing updates announced in advisory GLSA 200510-12. SPDX-FileCopyrightText: 2008 E-Soft Inc. Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

FreeBSD Ports: koffice

The remote host is missing an update to the system as announced in the referenced advisory. VID 9cd52bc6-a213-11da-b410-000e0c2e438a OpenVAS Vulnerability Test $ Description: Auto generated from vuxml or freebsd advisories Authors: Thomas Reinke Copyright: Copyright c 2008 E-Soft Inc...

PureMessage for Microsoft Exchange RTF远程拒绝服务漏洞

BUGTRAQ ID:30881 CNCAN ID：CNCAN-2008082907 PureMessage for Microsoft Exchange是一款针对Microsoft Exchange邮件服务器的垃圾邮件防护软件。 PureMessage for Microsoft Exchange处理RTF存在问题，远程攻击者可以利用漏洞使应用程序崩溃，造成拒绝服务攻击。 -对RTF或PDF文件执行内容扫描时可导致PureMessage扫描服务PMScanner.exe终止或挂起，导致消息积存在队列中或SPAM规则更新不能完成。 -在Exchange...

Eudora 6.0.3 Attachment Spoofing Exploit (windows)

No description provided by source. !/usr/bin/perl -- use MIME::Base64; print "From: me\n"; print "To: you\n"; print "Subject: Eudora 6.0.3 on Windows spoof, LaunchProtect\n"; print "MIME-Version: 1.0\n"; print "Content-Type: multipart/mixed; boundary="zzz"\n"; print "\n"; print "This is a...

Microsoft Word RTF畸形字符串处理堆溢出漏洞(MS08-026)

BUGTRAQ ID: 29104 CVECAN ID: CVE-2008-1091 Microsoft Word是Office套件中的文字处理软件。 Word处理特制RTF格式（.rtf）文件的方式中存在堆溢出漏洞，如果用户在Word中打开带有畸形字符串的特制.rtf文件，或在富文本电子邮件中预览带有畸形字符串的特制.rtf文件，就会触发这个溢出，导致执行任意指令。 Microsoft Office 2008 for Mac Microsoft Office 2004 for Mac Microsoft Outlook 2007 SP1 Microsoft Outlook 2007...

ZDI-08-023: Microsoft Office RTF Parsing Engine Memory Corruption Vulnerability

ZDI-08-023: Microsoft Office RTF Parsing Engine Memory Corruption Vulnerability http://www.zerodayinitiative.com/advisories/ZDI-08-023 August 14, 2007 -- CVE ID: CVE-2008-1091 -- Affected Vendors: Microsoft -- Affected Products: Microsoft Office Excel Microsoft Office Word -- TippingPointTM IPS...