Microsoft Office Groove 'Workspace Shortcut' Arbitrary Code Execution Vulnerability

Microsoft Office Groove 2007 enables easier and more flexible collaboration for smaller organizations. Deploying Microsoft Office Groove 2007 and OfficeSharePoint Server 2007 together enables an integrated collaboration environment to help organizations work better together and share information...

Microsoft Office 2007 Groove Security Bypass / Code Execution Exploit

Microsoft Office 2007 Groove contains a security bypass issue regarding 'Workspace Shortcut' files .GLK because it allows arbitrary registered URL Protocols to be passed, when only 'grooveTelespace://' URLs should be allowed, which allows execution of arbitrary code upon opening a 'GLK' file...

Microsoft Office 2007 Groove Security Bypass / Code Execution

Author: Eduardo Braun Prado Vendor Homepage: http://www.microsoft.com/ Software Link: https://products.office.com/ Version: 2007 32-bits Due to the nature of the issue, it would work on the x64 version of Office 2007, but I don't know if there's one ?? Tested on: Windows 7/Server 2008/Vista/Serve...

Microsoft Office Groove - Workspace Shortcut Arbitrary Code Execution

Microsoft Office Groove - Workspace Shortcut Arbitrary Code Execution Title: MS Office Groove 'Workspace Shortcut' Arbitrary Code Execution Vulnerability Date: September 28th, 2017. Author: Eduardo Braun Prado Vendor Homepage: http://www.microsoft.com/ Software Link: https://products.office.com/...

Microsoft Office Groove - 'Workspace Shortcut' Arbitrary Code Execution

Title: MS Office Groove 'Workspace Shortcut' Arbitrary Code Execution Vulnerability Date: September 28th, 2017. Author: Eduardo Braun Prado Vendor Homepage: http://www.microsoft.com/ Software Link: https://products.office.com/ Version: 2007 32-bits x86 Tested on: Windows 7/Server 2008/Vista/Serve...