This exploit leverages an information disclosure vulnerability in Microsoft WordPad. By using a malicious file, unauthorized access can be obtained, allowing for the theft of NTLM hashes.
A critical vulnerability, identified and cataloged as CVE-2023-38831, has been discovered. This vulnerability allows attackers to create modified RAR or ZIP archives that contain both harmless files and malicious ones. The malicious files are typically scripts located within a folder that shares the same name as the harmless file.
WinRAR RCE before versions 6.23
WinRAR RCE before versions 6.23
The method exportXFAData has inadvertently exposed a dangerous loophole that can allow a remote attacker to execute arbitrary code on the victim's system. The exploitation process requires the victim's interaction, meaning a potential attacker would need to convince the target to visit a malicious web page or open a corrupted file. The victim's susceptibility to social engineering thus significantly increases the risk factor of this vulnerability.
IBM i Access Family could allows to execute arbitrary code on the system, caused by DLL search order hijacking vulnerability. By placing a specially crafted file in a compromised folder, an attacker could exploit this vulnerability to execute arbitrary code on the system.
This module exploits a vulnerability in Microsoft MSDT, which can be leveraged to execute arbitrary code on vulnerable machines by convincing an unsuspecting user to open a malicious document.
This is a critical vulnerability in the MSHTML rendering engine. Microsoft Office applications use the MSHTML engine to process and display web content. An adversary who successfully exploits could achieve full control over a target system by using malicious ActiveX controls to execute arbitrary code.
This Update contains the following improvements:
-Default Connection method was changed to HTTPS
-Early Release Warning was removed
-Several "Application Name" in "Supported systems" property were added
-Added html obfuscation when possible to avoid AV detection
-All file names are randomized
-Now users can choose between using cab file method or not
This Update contains the following improvements:
-Default Connection method was changed to HTTPS
-Early Release Warning was removed
-Several "Application Name" in "Supported systems" property were added
-Added html obfuscation when possible to avoid AV detection
-All file names are randomized
-Now users can choose between using cab file method or not
This is a critical vulnerability in the MSHTML rendering engine. Microsoft Office applications use the MSHTML engine to process and display web content. An adversary who successfully exploits could achieve full control over a target system by using malicious ActiveX controls to execute arbitrary code.
The specific flaw exists within the parsing of wTextLen information within VU3 files. The issue results from the lack of proper validation of the length of user-supplied data prior to copying it to a fixed-length stack-based buffer.
The specific flaw exists within the handling of XML files. When parsing the szFilename attribute of the MulStatus element. This update adds CVE number.
The specific flaw exists within the handling of XML files. When parsing the szFilename attribute of the MulStatus element.