OX Documents version 7.10.5 suffers from multiple improper authorization vulnerabilities.
fdc415c0e1479fc1bbd7c9da23f2c1893080132040e14750beb56328b7efaa61PDFResurrect is a tool aimed at analyzing PDF documents. The PDF format allows for previous document changes to be retained in a more recent version of the document, thereby creating a running history of changes for the document. This tool attempts to extract all previous versions while also producing a summary of changes between versions. It can also "scrub" or write data over the original instances of PDF objects that have been modified or deleted, in an effort to disguise information from previous versions that might not be intended for anyone else to read.
1af5864d29cfa29e73e8fdb612863cb6cc7243b364b86a2f4ec81557fe2b39f4iDefense Security Advisory 04.14.09 - Exploitation of a stack corruption vulnerability in Microsoft Corp.'s Word 2000 WordPerfect 6.x Converter could allow an attacker to execute code in the context of the current user. Microsoft Word is able to open documents created in other applications by transparently applying a filter module which converts them to a format Word can use. The WordPerfect 6.x converter from Office 2000 fails to perform sufficient sanity checking on input files. A maliciously constructed WordPerfect document can cause potentially exploitable stack corruption. iDefense Labs have confirmed that the WordPerfect 6.x converter (WPFT632.CNV, with file version 1998.1.27.0) in Microsoft Word 2000 Service Pack 3 is vulnerable. However, the version of this converter installed with Word 2003 is not affected by this vulnerability.
d7e06c594ee675783098ca1a2f12b2ee798b05b631ffdf21d98e79bb64fc7399iDefense Security Advisory 03.17.09 - Remote exploitation of a stack-based buffer overflow in Autonomy Inc's KeyView SDK allows attackers to execute arbitrary code with the privileges of the current user. This vulnerability exists within the "wp6sr.dll" which implements the processing of Word Perfect Documents. When processing certain records, data is copied from the file into a fixed-size stack buffer without ensuring that enough space is available. By overflowing the buffer, an attacker can overwrite control flow structures stored on the stack. iDefense confirmed that this vulnerability exists within Lotus Notes 8 installed on a Windows XP SP3 machine. All applications which utilize the Autonomy KeyView SDK to process Word Perfect Documents are suspected to be vulnerable.
b937ed5f21b2e4393b8c522f7c8752591ab0f7291ae5ffefd1340932bb43c9c1This file documents recent incidents that have been reported to the Web Hacking Incidents Database (WHID).
b75d34e09ff5f706bc546f62f391d928327a0a0992c1927332d39262a989aa71This file documents recent incidents that have been reported to the Web Hacking Incidents Database (WHID).
6aa4b5a3b3f52b03be3481220acca3d5397d5e91d6df97fbea8671c496098a09This file documents recent incidents that have been reported to the Web Hacking Incidents Database (WHID).
0115772792f8b7d585fd324c28a2a76194c0c27906e09d2df8ff2fbe35cac1d1The HP-ChaiSOE/1.0 embedded web server on certain HP JetDirect printers allows a potential attacker to gain read only access to directories and files outside of the web root. An attacker can leverage this flaw to read arbitrary system configuration files, cached documents, etc. Information obtained from an affected host may facilitate further attacks against the host. Exploitation of this flaw is trivial using common web server directory traversal techniques. Verified vulnerable systems include the HP JetDirect 2420 and the HP JetDirect 4250.
be8fa162c08d4f572bcb2aef847e724d081ab534467549eef582a0eda6be899eThis file documents recent incidents that have been reported to the Web Hacking Incidents Database (WHID).
ff786846a4d8dd673858a1ce9d94bf2333c7eea65387c85272d128241904ae96This file documents recent incidents that have been reported to the Web Hacking Incidents Database (WHID).
937af488cc6082b0ce51a0af28870120abb73256fee5ef8a02f8e960a5ffe8bdThis file documents recent incidents that have been reported to the Web Hacking Incidents Database (WHID).
ff37a59381e965e20aa2bf1ee57101c6ce54502a13d33c97989767eabd92f9ffMandriva Linux Security Advisory 2009-006 - Heap-based overflow on functions to manipulate WMF and EMF files in OpenOffice.org documents enables remote attackers to execute arbitrary code on documents holding certain crafted either WMF or EMF files. ). This update provide the fix for these security issues and further openoffice.org-voikko package has been updated as it depends on openoffice.org packages.
764b243a216d03ac1b187c250cae6ce495eea4fbd2df074611469d3ca0e9551bUbuntu Security Notice USN-691-1 - Laurent Gaffie discovered that Ruby did not properly check for memory allocation failures. If a user or automated system were tricked into running a malicious script, an attacker could cause a denial of service. This update also fixes a regression in the upstream patch previously applied to fix CVE-2008-3790. The regression would cause parsing of some XML documents to fail.
8e6e9a4a0c546126aa35f85750f347d27b3886321646d22ce793a2ac11d744dfZero Day Initiative Advisory 08-085 - This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of various Microsoft products including Word, Outlook and WordPad. User interaction is required to exploit this vulnerability in that the target must visit a malicious page, open a malicious e-mail, or open a malicious file. The specific flaw exists within the parsing of RTF documents containing multiple drawing object tags. First, code within wwlib.dll allocates a buffer for the tag object. Later, a result from a call into mso.dll is copied into the same buffer but with a larger size than was allocated by the callee. Successful exploitation can lead to remote compromise of a system under the credentials of the currently logged in user.
c5ea79961ce2e515e26e96dde47f09b7a8594e01a09011a9c5a3588cf2149a1aZero Day Initiative Advisory 08-084 - This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of Microsoft Office. User interaction is required to exploit this vulnerability in that the target must visit a malicious page, open a malicious e-mail, or open a malicious file. The specific flaw exists when parsing malformed RTF documents. When processing consecutive "\\do" Drawing Object tags mso.dll does not properly verify the integrity of the object and frees a memory buffer twice, leading to heap corruption. Successful exploitation can lead to remote compromise of a system under the credentials of the currently logged in user.
061b1c87dd8c8c9625fcb32b2321deaa163679ec6e8c9facf4afbc86e5e44cabUbuntu Security Notice USN-668-1 - Georgi Guninski, Michal Zalewsk and Chris Evans discovered that the same-origin check in Thunderbird could be bypassed. If a user were tricked into opening a malicious website, an attacker could obtain private information from data stored in the images, or discover information about software on the user's computer. Jesse Ruderman discovered that Thunderbird did not properly guard locks on non-native objects. If a user had JavaScript enabled and were tricked into opening malicious web content, an attacker could cause a browser crash and possibly execute arbitrary code with user privileges. Several problems were discovered in the browser, layout and JavaScript engines. If a user had JavaScript enabled, these problems could allow an attacker to crash Thunderbird and possibly execute arbitrary code with user privileges. A flaw was discovered in Thunderbird's DOM constructing code. If a user were tricked into opening a malicious website while having JavaScript enabled, an attacker could cause the browser to crash and potentially execute arbitrary code with user privileges. It was discovered that the same-origin check in Thunderbird could be bypassed. If a user had JavaScript enabled and were tricked into opening malicious web content, an attacker could execute JavaScript in the context of a different website. Chris Evans discovered that Thunderbird did not properly parse E4X documents, leading to quote characters in the namespace not being properly escaped. Boris Zbarsky discovered that Thunderbird did not properly process comments in forwarded in-line messages. If a user had JavaScript enabled and opened a malicious email, an attacker may be able to obtain information about the recipient.
93c13caf984544b75658e4212d7aaa699eb879c7bc04c2105c1fd518f47587d5Ubuntu Security Notice USN-673-1 - Drew Yao discovered that libxml2 did not correctly handle certain corrupt XML documents. If a user or automated system were tricked into processing a malicious XML document, a remote attacker could cause applications linked against libxml2 to enter an infinite loop, leading to a denial of service. Drew Yao discovered that libxml2 did not correctly handle large memory allocations. If a user or automated system were tricked into processing a very large XML document, a remote attacker could cause applications linked against libxml2 to crash, leading to a denial of service.
14aa962cd967df79c253c644c2c8828edaaf504811b1f094c29778d229459c52iDefense Security Advisory 10.30.08 - Remote exploitation of a stack buffer overflow vulnerability in Adobe Systems Inc.'s PageMaker could allow an attacker to execute arbitrary code with the privileges of the current user. A vulnerability exists within the handling of PMD files, the native file format for storing PageMaker documents. When parsing a malformed PMD file, data from the file is copied into a buffer without proper validation. This results in an exploitable stack based buffer overflow. iDefense has confirmed the existence of this vulnerability in Adobe PageMaker version 7.0.1 with the CVE-2007-5169 patch applied. Previous versions may also be affected. However, Adobe InDesign CS, the successor to PageMaker, is not affected.
30285f28d965b9654aef8e6c21708c5bbbf4e22fb01500dce610cc044d6dd20fMandriva Linux Security Advisory - libxml2 version 2.7.0 and 2.7.1 did not properly handle predefined entities definitions in entities, which allowed context-dependent attackers to cause a denial of service (memory consumption and application crash) via certain XML documents. The updated packages have been patched to prevent this issue.
1680aa310a6ed38cfad19f7667fc7271aeb0ccca9437b3a22c6c6e91daf6a83bUbuntu Security Notice 644-1 - It was discovered that libxml2 did not correctly handle long entity names. If a user were tricked into processing a specially crafted XML document, a remote attacker could execute arbitrary code with user privileges or cause the application linked against libxml2 to crash, leading to a denial of service. USN-640-1 fixed vulnerabilities in libxml2. When processing extremely large XML documents with valid entities, it was possible to incorrectly trigger the newly added vulnerability protections. This update fixes the problem.
9139e43fe95cb79654a777a5abce41c875cabcb649f86a564afc749503aed326A potential vulnerability exists in the Microsoft Office Suite. The issue is a result of insufficient bounds checking on the content of PICT files embedded into documents. Successful exploitation of this issue enables an attacker to remotely execute arbitrary code on a target system. User interaction would be required, as an attacker would have to convince the target user to open a malformed file. One of the filter DLLs for processing image files in Microsoft Office suffers from a potentially-exploitable memory corruption condition when processing .PICT images. An invalid value in the bits_per_pixel field (offset 0x257) causes heap corruption. Different values of this field result in distinctly different types of corruption. Internally, the issue was only reproducible when the malformed image was directly inserted into an Office document by the target user.
974bb98ba30588b96b6efd403c5cc2af6d08b2085fb3458ddc726a0dd5907f16PDFResurrect is a tool aimed at analyzing PDF documents. The PDF format allows for previous document changes to be retained in a more recent version of the document, thereby creating a running history of changes for the document. This tool attempts to extract all previous versions while also producing a summary of changes between versions. It can also "scrub" or write data over the original instances of PDF objects that have been modified or deleted, in an effort to disguise information from previous versions that might not be intended for anyone else to read.
78f9e8b9424d30f7bfbee06a10ca6e39c49bc5d9376b6de1b76986f26d2912b0Mandriva Linux Security Advisory - Integer overflow in the rtl_allocateMemory function in sal/rtl/source/alloc_global.c in OpenOffice.org (OOo) 2.0 through 2.4 allows remote attackers to execute arbitrary code via a crafted file that triggers a heap-based buffer overflow. Also, according to bug #38874 decimal numbers on Hebrew documents would appear as Arabic characters. Another issue (#39799) is with (Tools -> Options -> OpenOffice.org Writer -> General). Even setting to centimeters on (Indent & Spacing) option it shows as characters (ch) on (Indents & Spacing) configuration on the menu: (Format -> Paragraph -> Indents & Spacing). Moreover, a document holding Notes edited on Microsoft Office would not show when opened with OpenOffice. These and a number of other OpenOffice.org issues were fixed by the new version provided in this update.
2e84c6d73a917e36aa0188a5765a22864416f5aacac8012f5275526bd414ff8bOne of eight recently released documents from the Ministry of Defense detailing UFO-related incidents in the United Kingdom.
15b8515de677f63423d3d174fb60d055cc8de74c354127b75834a87bb27d455fOne of eight recently released documents from the Ministry of Defense detailing UFO-related incidents in the United Kingdom.
6b5da090df24ba0f79cb3eeed5c758f29812549afc802e9259cabefba68d8a71One of eight recently released documents from the Ministry of Defense detailing UFO-related incidents in the United Kingdom.
7e46d47db702acacd501a6abe5b7eafb0ea0642bc0bdea15b8f0bf28a04ce865
© 2022 Packet Storm. All rights reserved.
%7Cutmcsr%3D(direct)%7Cutmcmd%3D(none)){kind=small}
Follow us on Twitter
Follow us on Facebook
Subscribe to an RSS Feed