Microsoft Office 2007 suffers from a RTF XML SmartTags use-after-free vulnerability.
9112fd06f8a9594124ac555685a4c390b42d8b36cbf029a9deca63894f80b49e
Secunia Security Advisory - A vulnerability has been reported in Microsoft Office, which can be exploited by malicious people to potentially compromise a user's system.
e049e0b801540514dc4f36105c6d528a821ec2b23a16e48e0fdaf8849f69011a
Secunia Security Advisory - A vulnerability has been reported in Microsoft Visual Basic for Applications and Microsoft Office, which can be exploited by malicious people to compromise a user's system.
f66a12bc7c479b8166468fd3ca01fcfd7cd2b635a26e9279aefdd7e5bf77efe7
Secunia Security Advisory - A security issue has been reported in Microsoft Office for Mac, which can be exploited by malicious, local users to gain escalated privileges.
348c5d49308891533f2cbd131c08618ec5a0353c7138aa8a433130564762be98
Technical Cyber Security Alert 2012-174A - Microsoft Security Advisory (2719615) warns of active attacks using a vulnerability in Microsoft XML Core Services. Microsoft Internet Explorer and Microsoft Office can be used as attack vectors.
0c812057868f3aa30c32aad25076f9d58f948634874ad313df23ae18d0447418
This Metasploit module exploits a vulnerability found in Microsoft Office's ClickOnce feature. When handling a Macro document, the application fails to recognize certain file extensions as dangerous executables, which can be used to bypass the warning message. This allows you to trick your victim into opening the malicious document, which will load up either a python or ruby payload based on your choosing, and then finally download and execute our executable.
0a79ccc75253fc54a4cbf99a7599c06f3f75c9e59c1385bd9c4f718868f83665
Red Hat Security Advisory 2012-0705-01 - OpenOffice.org is an office productivity suite that includes desktop applications, such as a word processor, spreadsheet application, presentation manager, formula editor, and a drawing program. An integer overflow flaw, leading to a buffer overflow, was found in the way OpenOffice.org processed an invalid Escher graphics records length in Microsoft Office PowerPoint documents. An attacker could provide a specially-crafted Microsoft Office PowerPoint document that, when opened, would cause OpenOffice.org to crash or, potentially, execute arbitrary code with the privileges of the user running OpenOffice.org.
6a657f9b42a90e909284ccc79fb9187564b90245173cbab2a1f6851f0a6a3370
Debian Linux Security Advisory 2468-1 - It was discovered that Apache POI, a Java implementation of the Microsoft Office file formats, would allocate arbitrary amounts of memory when processing crafted documents. This could impact the stability of the Java virtual machine.
920a70bfc04b0acc0425ec067ac9afcca3536a5264b0f2d72e8aaeffc68e9fde
Secunia Security Advisory - Multiple vulnerabilities have been reported in Microsoft Office, which can be exploited by malicious people to compromise a user's system.
99781fc28f0c5e45969375600dfad67b883896db330bfe1e61fdd14079218fd8
Secunia Security Advisory - Multiple vulnerabilities have been reported in Microsoft Office Excel, which can be exploited by malicious people to compromise a user's system.
32b95a29a08e0891177ba0136d57828e7a5d6a9b2dd0bac45e2be92621c51a35
Secunia Security Advisory - A vulnerability has been reported in Microsoft Office, which can be exploited by malicious people to compromise a user's system.
21fb7f13a69e3c5e9bee5fa63d501333030da793712a4bbf677f79e5485dfdd0
Microsoft Office 2008 SP0 RTF Pfragments exploit for the Mac.
b2f082bdc375ecd1d41a0063c2b3fb30dccf7a409ac8e7cacdabe327df682042
Technical Cyber Security Alert 2012-101A - There are multiple vulnerabilities in Microsoft Windows, Internet Explorer, Microsoft .NET Framework, Microsoft Office, Microsoft Server Software, Microsoft SQL Server, Microsoft Developer Tools, and Microsoft Forefront United Access Gateway. Microsoft has released updates to address these vulnerabilities.
2151cce31ecc67c5f890478458d9f102d21fc5c5acf8bed6a032535dcfa65a58
Secunia Security Advisory - A vulnerability has been reported in Microsoft Office and Microsoft Works, which can be exploited by malicious people to compromise a user's system.
9f82b1cd90e2538bc12d6b42cb6185660e399d473f94c639ac735c9c73a45554
This Metasploit module exploits a buffer overflow in Microsoft Office 2003 and command execution with .a malicious doc file .
e45bf18ac108e4ae3783ccae6f6292790febfb3111809b9cea39d7aae1a9bdb6
Microsoft Office 2003 Home/Pro buffer overflow exploit with a magic payload download.
a5df7f790abb9961479c3b3d997d64657f4eb426c3b9605dd2ffa79bf09958af
Zero Day Initiative Advisory 11-347 - This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of Microsoft Office Word 2007/2010. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within how the application handles a border containing a specific property. When parsing this property, the application will incorrectly free it. If the application attempts to render the object, a use-after-free condition can be made to occur. This can lead to code execution under the context of the application.
c998ca3897ccbe8974534d8594685d9229d85af0647b8834346c4f9d08b43858
Zero Day Initiative Advisory 11-346 - This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of Microsoft Office 2007. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within how the application processes a shape record hierarchy. Due to the application not properly checking the types of elements within containers, the application will incorrectly modify a property of the object. This modification can be used to cause memory corruption of the type which can lead to code execution under the context of the application.
e70a0b6b137b62f85620a58469fdf28c264299614af24c86f139d85673534a41
Zero Day Initiative Advisory 11-346 - This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of Microsoft Office 2007. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within how the application processes a shape record hierarchy. Due to the application not properly checking the types of elements within containers, the application will incorrectly modify a property of the object. This modification can be used to cause memory corruption of the type which can lead to code execution under the context of the application.
e70a0b6b137b62f85620a58469fdf28c264299614af24c86f139d85673534a41
Secunia Security Advisory - A vulnerability has been reported in Microsoft Office, which can be exploited by malicious people to compromise a user's system.
5275138bef0d3b310d70091bc19119dab7e26922df7ce952bdf31404b4cbff35
Secunia Security Advisory - A vulnerability has been reported in Microsoft Office, which can be exploited by malicious, local users to gain escalated privileges.
d68ea392381f490b48a8138407ebfed754cbd2581c21cb8da2cc5b896fd0f2a7
Secunia Security Advisory - A vulnerability has been reported in Microsoft Office PowerPoint, which can be exploited by malicious people to compromise a user's system.
d9722d21a05e1bf3f22ffaac55553aea919fd092231150449f1bb84f77c265b1
Secunia Security Advisory - A vulnerability has been reported in Microsoft Office PowerPoint, which can be exploited by malicious people to compromise a user's system.
bf7c04d98d21b404b2a2eb4281875d48cf92f33b9ef46d02a9245148e599bd3e
Secunia Security Advisory - A vulnerability has been reported in Microsoft Office Excel, which can be exploited by malicious people to compromise a user's system.
ec8ea83f351f9a6743742ca88cfbd15c3b4dd95ba72b57d9f017ef5460bc420b
This Metasploit module exploits a vulnerability found in Excel 2002 of Microsoft Office XP. By supplying a .xls file with a malformed OBJ (recType 0x5D) record an attacker can get the control of the execution flow. This results arbitrary code execution under the context of the user.
acb25995e86f5b15f194ac0612879eb48ebd91be3aa622b8ed431f01c711cbdd
This Metasploit module exploits a vulnerability found in Excel of Microsoft Office 2007. By supplying a malformed .xlb file, an attacker can control the content (source) of a memcpy routine, and the number of bytes to copy, therefore causing a stack-based buffer overflow. This results in arbitrary code execution under the context of the user.
405750635f1d715a040aac5de170b3b1b4dc8f91ecb9723c46a8fa8a207f6fa9