Lucene search
AnonymousZDI-23-1421HistorySep 12, 2023 - 12:00 a.m.
Microsoft Office Word FBX File Parsing Out-Of-Bounds Write Remote Code Execution Vulnerability
2023-09-1200:00:00
Anonymous
www.zerodayinitiative.com
14
microsoft office
fbx file
remote code execution
vulnerability
user interaction
parsing
out-of-bounds write
0.001 Low
EPSS
Percentile
49.1%
This vulnerability allows remote attackers to execute arbitrary code on affected installations of Microsoft Office Word. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the parsing of FBX files. The issue results from the lack of proper validation of user-supplied data, which can result in a write past the end of an allocated buffer. An attacker can leverage this vulnerability to execute code in the context of the current process.
Related
cvelist
cvelist
CVE-2023-27909
2023-04-17 00:00:00
nvd
nvd
CVE-2023-27909
2023-04-17 21:15:07
prion
prion
Information disclosure
2023-04-17 21:15:00
cve
cve
CVE-2023-27909
2023-04-17 21:15:07
mscve
mscve
kaspersky
kaspersky
KLA60730 Multiple vulnerabilities in Microsoft Apps
2023-06-13 00:00:00
KLA50318 Multiple vulnerabilities in Microsoft Office
2023-06-13 00:00:00
KLA50317 Multiple vulnerabilities in Microsoft Developer Tools
2023-06-13 00:00:00
nessus
nessus
Security Updates for Microsoft Visual Studio Products (June 2023)
2023-06-13 00:00:00
mskb
mskb
rapid7blog
rapid7blog
Patch Tuesday - June 2023
2023-06-13 20:49:27