4 matches found
Exploit for Path Traversal in Microsoft
This repository is an exploit module for CVE-2021-40444, a remote code execution vulnerability in Microsoft Office Word. The exploit is a malicious docx generator that creates a document that, when opened, will execute a malicious DLL file. The exploit is based on some reverse engineering over a...
Internet Explorer zero-day: browser is once again under attack
Update 2018-05-25: CVE-2018-8174 has been added to the RIG exploit kit MDNC. Update 2018-05-22: Security researcher Richard Warren mentioned that a fully working IE zero-day now patched with payload was uploaded to VirusTotal. We decided to test Malwarebytes against it, since last time we only ha...
Modified Zyklon and plugins from India
IntroductionStreams of malicious emails Talos inspects every day usually consist of active spamming campaigns for various ransomware families, phishing campaigns and the common malware family suspects such as banking Trojans and bots.. It is however often more interesting to analyze campaigns...
[Backports-security-announce] Security update for openoffice.org
Rene Engelhard uploaded new packages for openoffice.org which fixed the following security updates: CVE-2009-0200 Dyon Balding of Secunia Research has discovered a vulnerability, which can be exploited by opening a specially crafted Microsoft Word document. When reading a Microsoft Word document,...