what you don't know can hurt you
Showing 1 - 1 of 1 RSS Feed

Files

Zero Day Initiative Advisory 10-150
Posted Aug 13, 2010
Authored by Tipping Point | Site zerodayinitiative.com

Zero Day Initiative Advisory 10-150 - This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of Microsoft Office Word. User interaction is required to exploit this vulnerability in that the target must open a malicious document. The specific flaw exists in the parsing of sprmCMajority records in a Word document. Due to the lack of parameter checking when processing sprmCMajority sprm groups it is possible to arbitrarily control the amount of data being written to a stack based buffer resulting in a stack overflow vulnerability which can overwrite critical exception structures. Successful exploitation can lead to remote code execution under the credentials of the currently logged in user.

tags | advisory, remote, overflow, arbitrary, code execution
advisories | CVE-2010-1900
MD5 | 9f395e991e9db055a4c76c708c3faa04
Page 1 of 1
Back1Next

Top Authors In Last 30 Days

Recent News

News RSS Feed
Julian Assange's Extradition Hearing Set For 2020
Posted Jun 14, 2019

tags | headline, government, privacy, usa, britain, data loss, cyberwar, spyware
JavaScript Template Attacks Expose New Browser Fingerprinting Vectors
Posted Jun 14, 2019

tags | headline, flaw, spyware
High Severity Cisco Flaw In IOS XE Enables Device Takeover
Posted Jun 13, 2019

tags | headline, flaw, cisco
Facebook Emails Seem To Show Zuck Knew Of Privacy Issues
Posted Jun 13, 2019

tags | headline, privacy, email, data loss, facebook
Exim Email Servers Are Now Under Attack
Posted Jun 13, 2019

tags | headline, hacker, privacy, email, flaw
EFF Asks For DOJ Efforts To Break Facebook Encryption To Be Made Public
Posted Jun 13, 2019

tags | headline, government, privacy, usa, spyware, facebook, social, cryptography
Radiohead Sells Recordings To Public After Hacker Attempts Extortion
Posted Jun 12, 2019

tags | headline, hacker, cybercrime, data loss, fraud
Intel Fixes Severe NUC Firmware, Web Console Vulnerabilities
Posted Jun 12, 2019

tags | headline, flaw, patch, intel
Adobe Fixes Critical Security Flaws In Flash, ColdFusion, Campaign
Posted Jun 12, 2019

tags | headline, adobe, patch
Linux Command-Line Editors Vulnerable To High Severity Bug
Posted Jun 12, 2019

tags | headline, linux, flaw
View More News →
packet storm

© 2019 Packet Storm. All rights reserved.

Services
Security Services
Hosting By
Rokasec
close