Lucene search
SignalSEC ResearchZDI-15-539HistoryNov 10, 2015 - 12:00 a.m.
Microsoft Office Word TTF Size Miscalculation Remote Code Execution Vulnerability
2015-11-1000:00:00
SignalSEC Research
www.zerodayinitiative.com
21
0.587 Medium
EPSS
Percentile
97.8%
This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of Microsoft Office Word. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the processing of name tables in an embedded TTF file. Incorrect processing of a size value can cause Word to copy too much data and corrupt memory. An attacker could leverage this vulnerability to execute arbitrary code in the context of the process.
Related
openvas
openvas
Microsoft Office Web Apps Memory Corruption Vulnerability (3104540)
2015-11-11 00:00:00
Microsoft Office Suite Remote Code Execution Vulnerabilities (3104540)
2015-11-11 00:00:00
prion
prion
Memory corruption
2015-11-11 12:59:00
symantec
symantec
Microsoft Office CVE-2015-6093 Memory Corruption Vulnerability
2015-11-10 00:00:00
nvd
nvd
CVE-2015-6093
2015-11-11 12:59:32
cvelist
cvelist
CVE-2015-6093
2015-11-11 11:00:00
cve
cve
CVE-2015-6093
2015-11-11 12:59:32
checkpoint_advisories
checkpoint_advisories
Microsoft Office Memory Corruption (MS15-116: CVE-2015-6093)
2015-11-10 00:00:00
nessus
nessus
mskb
mskb
kaspersky
kaspersky
KLA10696 Multiple vulnerabilities in Microsoft Office
2015-11-10 00:00:00