Lucene search
Arun Kumar SharmaZDI-16-451HistoryAug 09, 2016 - 12:00 a.m.
Microsoft Office Word RTF JPEG Parsing Out-Of-Bounds Write Remote Code Execution Vulnerability
2016-08-0900:00:00
Arun Kumar Sharma
www.zerodayinitiative.com
52
EPSS
0.749
Percentile
98.2%
This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of Microsoft Office Word. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the processing of a JPEG embedded within an RTF file. The issue lies in the failure to properly validate user-supplied data which can result in a write past the end of an allocated buffer. An attacker can leverage this vulnerability to execute arbitrary code under the context of the current process.
Related
symantec
symantec
Microsoft Office CVE-2016-3318 Memory Corruption Vulnerability
2016-08-09 00:00:00
mskb
mskb
MS16-099: Description of the security update for Office 2013: August 9, 2016
2016-08-09 07:00:00
Security update 2016-08-09
2016-08-09 07:00:00
MS16-099: Description of the security update for Office 2010: August 9, 2016
2016-08-09 07:00:00
cve
cve
CVE-2016-3318
2016-08-09 21:59:25
mscve
mscve
Microsoft Office Memory Corruption Vulnerability
2016-08-09 07:00:00
prion
prion
Memory corruption
2016-08-09 21:59:00
nvd
nvd
CVE-2016-3318
2016-08-09 21:59:25
cvelist
cvelist
CVE-2016-3318
2016-08-09 21:00:00
checkpoint_advisories
checkpoint_advisories
openvas
openvas
Microsoft Office Suite Remote Code Execution Vulnerabilities (3177451)
2016-08-10 00:00:00
nessus
nessus
MS16-099: Security Update for Microsoft Office (3177451)
2016-08-10 00:00:00
kaspersky
kaspersky
KLA10857 Multiple vulnerabilities in Microsoft Office
2016-08-09 00:00:00