208 matches found
LibreOffice < 5.1.4 RTF Character Style Index RCE
The version of LibreOffice installed on the remote Windows host is prior to 5.1.4. It is, therefore, affected by a use-after-free error during Rich Text Format RTF file parsing due to improper validation of the RTF character style index. An unauthenticated, remote attacker can exploit this, by...
The vulnerability of the Microsoft Office software allows a malicious actor to execute arbitrary code with privileges of the current user.
The Microsoft Office suite contains a vulnerability related to errors that occur due to improper processing of specially crafted RTF files. Exploiting this vulnerability could allow an unauthorized attacker to execute arbitrary code with privileges of the current user...
The vulnerability of Microsoft Word text editors allows a malicious actor to execute arbitrary code with the privileges of the current user.
Microsoft Word’s text editor contains a vulnerability related to errors that occur due to improper processing of specially crafted RTF files. Exploiting this vulnerability could allow an unauthorized intruder to execute arbitrary code with privileges of the current user...
The vulnerability of the Microsoft Office Web Apps package allows a malicious actor to execute arbitrary code with privileges of the current user.
The Microsoft Office Web Apps software package contains a vulnerability related to errors that occur due to improper processing of specially crafted RTF files. Exploiting this vulnerability could allow an unauthorized intruder to execute arbitrary code with privileges of the current user...
LibreOffice RTF Parser Memory Misreference Vulnerability
LibreOffice is a free and open source office software suite developed by The Document Foundation TDF. The suite consists of Writer text documents, Calc spreadsheets and Impress presentations and other applications. A memory misreference vulnerability exists in the RTF parser in LibreOffice versio...
USN-3022-1 libreoffice vulnerability
It was discovered that LibreOffice incorrectly handled RTF document files. If a user were tricked into opening a specially crafted RTF document, a remote attacker could cause LibreOffice to crash, and possibly execute arbitrary code...
CVE-2016-4324
A use-after-free vulnerability was found in the Rich Text Format RTF document format parser in LibreOffice. By tricking a user into opening a specially crafted RTF document, an attacker could possibly use this flaw to execute arbitrary code with the privileges of the user opening the file...
Cisco Nexus 9000 Series Software Password Exposure Vulnerability (Cisco-SA-20150623-CVE-2015-4213)
A vulnerability in Cisco Nexus 9000 Series Software could allow an authenticated, remote attacker to expose passwords in plain text format. Copyright C 2016 Greenbone Networks GmbH Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right...
CVE-2016-3188
The prepopulaterequestwalk function in the Prepopulate module 7.x-2.x before 7.x-2.1 for Drupal allows remote attackers to modify the 1 actions, 2 container, 3 token, 4 password, 5 passwordconfirm, 6 textformat, or 7 markup field type, and consequently have unspecified impact, via unspecified...
Microsoft Office Suite Remote Code Execution Vulnerabilities (3134226)
This host is missing a critical security update according to Microsoft Bulletin MS16-015. SPDX-FileCopyrightText: 2016 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only...
bind -- denial of service vulnerability
ISC reports: Problems converting OPT resource records and ECS options to text format can cause BIND to terminate...
Microsoft Office Suite Remote Code Execution Vulnerabilities (3104540)
This host is missing a critical security update according to Microsoft Bulletin MS15-116. SPDX-FileCopyrightText: 2015 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only...
USN-2578-1 libreoffice vulnerabilities
Alexander Cherepanov discovered that LibreOffice incorrectly handled certain RTF files. If a user were tricked into opening a specially crafted RTF document, a remote attacker could cause LibreOffice to crash, and possibly execute arbitrary code. CVE-2014-9093 It was discovered that LibreOffice...
Microsoft Office Memory Corruption Vulnerability (CNVD-2015-02509)
Microsoft Office is an office suite developed by Microsoft. Microsoft Word 2007 SP3, Office 2010 SP2, Word 2010 SP2, Word 2013 SP1, Word 2013 RT SP1, Word for Mac 2011, Office Compatibility Pack SP3, Word Automation A memory corruption vulnerability in Services on SharePoint Server 2010 SP2 and...
Microsoft Office Word Remote Code Execution Vulnerabilities (3048019) - Mac OS X
This host is missing a critical security update according to Microsoft Bulletin MS15-033. SPDX-FileCopyrightText: 2015 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only...
Microsoft Office Compatibility Pack Remote Code Execution Vulnerabilities (3048019)
This host is missing a critical security update according to Microsoft Bulletin MS15-033. SPDX-FileCopyrightText: 2015 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only...
VulnCheck KEV: CVE-2015-1641
Microsoft Office contains a memory corruption vulnerability due to failure to properly handle rich text format files in memory. Successful exploitation allows for remote code execution in the context of the current user...
PT-2015-1062 · Microsoft · Sharepoint Server +4
Name of the Vulnerable Software and Affected Versions: Microsoft Office versions 2007 SP3 through 2013 SP1 Microsoft Word versions 2007 SP3 through 2013 SP1 Microsoft Word for Mac version 2011 Office Compatibility Pack version SP3 Word Automation Services on SharePoint Server versions 2010 SP2 an...
Microsoft Word RTF Object Parsing Memory Corruption (MS08-072) - Ver2 (CVE-2008-4030)
Rich Text Format RTF provides a format for text and graphics interchange that can be used with different operating systems. OLE is the technology that applications use to create and edit compound documents. By using OLE technology, an application can provide embedding and linking support. A remot...
Microsoft Office Memory Corruption Vulnerability (CNVD-2015-01612)
Microsoft Office is a suite of word processing programs developed by Microsoft. A memory corruption vulnerability exists in Microsoft Office's handling of specially crafted RTF files viewed via preview, which allows an attacker to construct special files and trick the user into parsing them, whic...