MS07-012: Vulnerability in Microsoft MFC Could Allow Remote Code Execution (924667)

The remote host contains a version of Microsoft Windows that has a vulnerability in the MFC component that could be abused by an attacker to execute arbitrary code on the remote host. To exploit this vulnerability, an attacker would need to spend a specially crafted RTF file to a user on the remo...

Microsoft Office .rtf File Detection

Binary data 3826.prm...

Re: Secunia Research: Microsoft Windows Object Packager Dialog Spoofing

I knew about this particular flaw for some time . honestly I found it by accident, like I think the the security researcher from secunia did...or maybe it leaked from where I posted it?!?!?!!! :P. This could be a bit more critical if : 1 a '' not a '/' was placed at the end of the command line...

Microsoft Windows Object Packager dialog spoofing

Code execution with .RTF or .WRI file embedded object...

Debian DSA-894-1 : abiword - buffer overflows

Chris Evans discovered several buffer overflows in the RTF import mechanism of AbiWord, a WYSIWYG word processor based on GTK 2. Opening a specially crafted RTF file could lead to the execution of arbitrary code. %NASLMINLEVEL 70300 C Tenable Network Security, Inc. The descriptive text and packag...

Debian DSA-872-1 : koffice - buffer overflow

Chris Evans discovered a buffer overflow in the RTF importer of kword, a word processor for the KDE Office Suite that can lead to the execution of arbitrary code. %NASLMINLEVEL 70300 C Tenable Network Security, Inc. The descriptive text and package checks in this plugin were extracted from Debian...

linux/x86 execve(/bin/sh) + RTF Header 30 bytes

No description provided by source. / linux/x86 - execve"/bin/sh", "/bin/sh", NULL + RTF header - 30 bytes root@magicbox: file linux-sh-rtfhdr.bin linux-sh-rtfhdr.bin: Rich Text Format data, version 1, - izik [email protected] / char shellcode = // // RTF Header 7 bytes // - Be careful not to trigger...

linux/x86 execve(/bin/sh) + RTF Header 30 bytes

Exploit for linux/x86 platform in category shellcode =============================================== linux/x86 execve/bin/sh + RTF Header 30 bytes =============================================== / linux/x86 - execve"/bin/sh", "/bin/sh", NULL + RTF header - 30 bytes email protected: file...

linux/x86 - execve/bin/sh + RTF Header 30 bytes

linux/x86 execve/bin/sh + RTF Header 30 bytes. Shellcode exploit for linx86 platform / linux/x86 - execve"/bin/sh", "/bin/sh", NULL + RTF header - 30 bytes root@magicbox: file linux-sh-rtfhdr.bin linux-sh-rtfhdr.bin: Rich Text Format data, version 1, - izik / char shellcode = // // RTF Header 7...

Design/Logic Flaw

Cerulean Trillian 3.1.0.120 allows remote attackers to cause a denial of service client crash via an AIM message containing the Mac encoded Rich Text Format RTF escape sequences 1 'd1, 2 'd2, 3 'd3, 4 'd4, and 5 'd5. NOTE: the provenance of this information is unknown; the details are obtained...

CVE-2006-0543

Cerulean Trillian 3.1.0.120 allows remote attackers to cause a denial of service client crash via an AIM message containing the Mac encoded Rich Text Format RTF escape sequences 1 'd1, 2 'd2, 3 'd3, 4 'd4, and 5 'd5. NOTE: the provenance of this information is unknown; the details are obtained...

Ubuntu 5.04 : koffice vulnerability (USN-202-1)

Chris Evans discovered a buffer overflow in the RTF import module of KOffice. By tricking a user into opening a specially crafted RTF file, an attacker could exploit this to execute arbitrary code with the privileges of the AbiWord user. Note that Tenable Network Security has extracted the...

Ubuntu 4.10 / 5.04 : abiword vulnerabilities (USN-203-1)

Chris Evans discovered several buffer overflows in the RTF import module of AbiWord. By tricking a user into opening an RTF file with specially crafted long identifiers, an attacker could exploit this to execute arbitrary code with the privileges of the AbiWord user. Note that Tenable Network...

Mandrake Linux Security Advisory : koffice (MDKSA-2005:185)

Chris Evans reported a heap based buffer overflow in the RTF importer of KWord. An attacker could provide a specially crafted RTF file, which when opened in KWord can cause execution of arbitrary code. The updated packages are patched to deal with these issues. %NASLMINLEVEL 70300 C Tenable Netwo...

[SECURITY] [DSA 894-1] New AbiWord packages fix arbitrary code execution

-------------------------------------------------------------------------- Debian Security Advisory DSA 894-1 [email protected] http://www.debian.org/security/ Martin Schulze November 14th, 2005 http://www.debian.org/security/faq -...

[SECURITY] [DSA 894-1] New AbiWord packages fix arbitrary code execution

-------------------------------------------------------------------------- Debian Security Advisory DSA 894-1 [email protected] http://www.debian.org/security/ Martin Schulze November 14th, 2005 http://www.debian.org/security/faq -...

DSA-894-1 abiword - buffer overflows

Bulletin has no description...

Slackware 10.0 / 10.1 / 10.2 / 9.1 / current : KOffice/KWord (SSA:2005-310-02)

New KOffice packages are available for Slackware 9.1, 10.0, 10.1, 10.2, and -current to fix a security issue with KWord. A buffer overflow in the RTF import functionality could result in the execution of arbitrary code. %NASLMINLEVEL 70300 C Tenable Network Security, Inc. The descriptive text and...

[slackware-security] KOffice/KWord

New KOffice packages are available for Slackware 9.1, 10.0, 10.1, 10.2, and -current to fix a security issue with KWord. A buffer overflow in the RTF import functionality could result in the execution of arbitrary code. More details about this issue may be found in the Common Vulnerabilities and...

[SECURITY] [DSA 872-1] New koffice packages fix arbitrary code execution

-------------------------------------------------------------------------- Debian Security Advisory DSA 872-1 [email protected] http://www.debian.org/security/ Martin Schulze October 26th, 2005 http://www.debian.org/security/faq -...