Lucene search
K

208 matches found

Tenable Nessus
Tenable Nessus
added 2016/07/08 12:0 a.m.49 views

LibreOffice < 5.1.4 RTF Character Style Index RCE

The version of LibreOffice installed on the remote Windows host is prior to 5.1.4. It is, therefore, affected by a use-after-free error during Rich Text Format RTF file parsing due to improper validation of the RTF character style index. An unauthenticated, remote attacker can exploit this, by...

7.8CVSS7.7AI score0.02819EPSS
Exploits1References4
BDU FSTEC
BDU FSTEC
added 2016/07/07 12:0 a.m.6 views

The vulnerability of the Microsoft Office software allows a malicious actor to execute arbitrary code with privileges of the current user.

The Microsoft Office suite contains a vulnerability related to errors that occur due to improper processing of specially crafted RTF files. Exploiting this vulnerability could allow an unauthorized attacker to execute arbitrary code with privileges of the current user...

9.3CVSS8.2AI score0.9679EPSS
Exploits1References3
BDU FSTEC
BDU FSTEC
added 2016/07/07 12:0 a.m.6 views

The vulnerability of Microsoft Word text editors allows a malicious actor to execute arbitrary code with the privileges of the current user.

Microsoft Word’s text editor contains a vulnerability related to errors that occur due to improper processing of specially crafted RTF files. Exploiting this vulnerability could allow an unauthorized intruder to execute arbitrary code with privileges of the current user...

9.3CVSS8.2AI score0.9679EPSS
Exploits1References3
BDU FSTEC
BDU FSTEC
added 2016/07/07 12:0 a.m.7 views

The vulnerability of the Microsoft Office Web Apps package allows a malicious actor to execute arbitrary code with privileges of the current user.

The Microsoft Office Web Apps software package contains a vulnerability related to errors that occur due to improper processing of specially crafted RTF files. Exploiting this vulnerability could allow an unauthorized intruder to execute arbitrary code with privileges of the current user...

9.3CVSS8.2AI score0.9679EPSS
Exploits1References3
CNVD
CNVD
added 2016/06/30 12:0 a.m.21 views

LibreOffice RTF Parser Memory Misreference Vulnerability

LibreOffice is a free and open source office software suite developed by The Document Foundation TDF. The suite consists of Writer text documents, Calc spreadsheets and Impress presentations and other applications. A memory misreference vulnerability exists in the RTF parser in LibreOffice versio...

7.8CVSS8AI score0.02819EPSS
Exploits1References1
OSV
OSV
added 2016/06/29 11:55 p.m.1 views

USN-3022-1 libreoffice vulnerability

It was discovered that LibreOffice incorrectly handled RTF document files. If a user were tricked into opening a specially crafted RTF document, a remote attacker could cause LibreOffice to crash, and possibly execute arbitrary code...

7.8CVSS7.1AI score0.02819EPSS
Exploits1References2
RedhatCVE
RedhatCVE
added 2016/06/29 1:19 p.m.26 views

CVE-2016-4324

A use-after-free vulnerability was found in the Rich Text Format RTF document format parser in LibreOffice. By tricking a user into opening a specially crafted RTF document, an attacker could possibly use this flaw to execute arbitrary code with the privileges of the user opening the file...

7.8CVSS5.6AI score0.02819EPSS
Exploits1References2
OpenVAS
OpenVAS
added 2016/05/12 12:0 a.m.46 views

Cisco Nexus 9000 Series Software Password Exposure Vulnerability (Cisco-SA-20150623-CVE-2015-4213)

A vulnerability in Cisco Nexus 9000 Series Software could allow an authenticated, remote attacker to expose passwords in plain text format. Copyright C 2016 Greenbone Networks GmbH Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right...

4CVSS6.7AI score0.02603EPSS
Exploits0References1
OSV
OSV
added 2016/04/08 2:59 p.m.3 views

CVE-2016-3188

The prepopulaterequestwalk function in the Prepopulate module 7.x-2.x before 7.x-2.1 for Drupal allows remote attackers to modify the 1 actions, 2 container, 3 token, 4 password, 5 passwordconfirm, 6 textformat, or 7 markup field type, and consequently have unspecified impact, via unspecified...

7.3CVSS5.8AI score0.01862EPSS
Exploits0References3
OpenVAS
OpenVAS
added 2016/02/10 12:0 a.m.45 views

Microsoft Office Suite Remote Code Execution Vulnerabilities (3134226)

This host is missing a critical security update according to Microsoft Bulletin MS16-015. SPDX-FileCopyrightText: 2016 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only...

9.3CVSS7.2AI score0.19541EPSS
Exploits0References5
FreeBSD
FreeBSD
added 2016/01/19 12:0 a.m.54 views

bind -- denial of service vulnerability

ISC reports: Problems converting OPT resource records and ECS options to text format can cause BIND to terminate...

7CVSS6.9AI score0.07654EPSS
Exploits0References1
OpenVAS
OpenVAS
added 2015/11/11 12:0 a.m.65 views

Microsoft Office Suite Remote Code Execution Vulnerabilities (3104540)

This host is missing a critical security update according to Microsoft Bulletin MS15-116. SPDX-FileCopyrightText: 2015 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only...

9.3CVSS5AI score0.20969EPSS
Exploits0References7
OSV
OSV
added 2015/04/27 11:56 a.m.4 views

USN-2578-1 libreoffice vulnerabilities

Alexander Cherepanov discovered that LibreOffice incorrectly handled certain RTF files. If a user were tricked into opening a specially crafted RTF document, a remote attacker could cause LibreOffice to crash, and possibly execute arbitrary code. CVE-2014-9093 It was discovered that LibreOffice...

7.5CVSS6.8AI score0.07646EPSS
Exploits0References3
CNVD
CNVD
added 2015/04/15 12:0 a.m.5 views

Microsoft Office Memory Corruption Vulnerability (CNVD-2015-02509)

Microsoft Office is an office suite developed by Microsoft. Microsoft Word 2007 SP3, Office 2010 SP2, Word 2010 SP2, Word 2013 SP1, Word 2013 RT SP1, Word for Mac 2011, Office Compatibility Pack SP3, Word Automation A memory corruption vulnerability in Services on SharePoint Server 2010 SP2 and...

9.3CVSS7.5AI score0.9679EPSS
Exploits1References1
OpenVAS
OpenVAS
added 2015/04/15 12:0 a.m.76 views

Microsoft Office Word Remote Code Execution Vulnerabilities (3048019) - Mac OS X

This host is missing a critical security update according to Microsoft Bulletin MS15-033. SPDX-FileCopyrightText: 2015 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only...

9.3CVSS8.4AI score0.9679EPSS
Exploits1References6
OpenVAS
OpenVAS
added 2015/04/15 12:0 a.m.73 views

Microsoft Office Compatibility Pack Remote Code Execution Vulnerabilities (3048019)

This host is missing a critical security update according to Microsoft Bulletin MS15-033. SPDX-FileCopyrightText: 2015 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only...

9.3CVSS8.3AI score0.9679EPSS
Exploits1References5
VulnCheck KEV
VulnCheck KEV
added 2015/04/14 12:0 a.m.4 views

VulnCheck KEV: CVE-2015-1641

Microsoft Office contains a memory corruption vulnerability due to failure to properly handle rich text format files in memory. Successful exploitation allows for remote code execution in the context of the current user...

9.3CVSS7.8AI score0.9679EPSS
Exploits1References1
Positive Technologies
Positive Technologies
added 2015/04/14 12:0 a.m.4 views

PT-2015-1062 · Microsoft · Sharepoint Server +4

Name of the Vulnerable Software and Affected Versions: Microsoft Office versions 2007 SP3 through 2013 SP1 Microsoft Word versions 2007 SP3 through 2013 SP1 Microsoft Word for Mac version 2011 Office Compatibility Pack version SP3 Word Automation Services on SharePoint Server versions 2010 SP2 an...

9.3CVSS9.7AI score0.9679EPSS
Exploits1References16
Check Point Advisories
Check Point Advisories
added 2015/03/26 12:0 a.m.24 views

Microsoft Word RTF Object Parsing Memory Corruption (MS08-072) - Ver2 (CVE-2008-4030)

Rich Text Format RTF provides a format for text and graphics interchange that can be used with different operating systems. OLE is the technology that applications use to create and edit compound documents. By using OLE technology, an application can provide embedding and linking support. A remot...

9.3CVSS7.2AI score0.2339EPSS
Exploits0
CNVD
CNVD
added 2015/03/12 12:0 a.m.16 views

Microsoft Office Memory Corruption Vulnerability (CNVD-2015-01612)

Microsoft Office is a suite of word processing programs developed by Microsoft. A memory corruption vulnerability exists in Microsoft Office's handling of specially crafted RTF files viewed via preview, which allows an attacker to construct special files and trick the user into parsing them, whic...

9.3CVSS7.4AI score0.13452EPSS
Exploits0References1
Rows per page
Query Builder