Microsoft Office PowerPoint is prone to a vulnerability that may allow execution of pp4x322.dll if this dll is located in the same folder than a .PPT file. The attacker must entice a victim into opening a specially crafted .PPT file. This file and the associated binary may be delivered to a user through remote WebDAV shares. An attacker may exploit this issue to execute arbitrary code.
This module exploits a stack overflow on "pp7x32.dll" when it parses an inconsistent record length in sound data in a file that uses a PowerPoint 95 (PPT95) native file format.
Buffer overflow in Microsoft Office allows remote attackers to execute arbitrary code via crafted PNG data in an Office document, leading to improper memory allocation.
This module exploits a vulnerability in Microsoft Office Outlook when verifying attachments that are attached using the ATTACH_BY_REFERENCE value of the PR_ATTACH_METHOD property in a specially crafted e-mail message.
This module exploits a vulnerability in Microsoft Office (.PPT files). The vulnerability is caused due to a boundary error in mso.dll within the processing of PPT files. This can be exploited to cause a stack-based buffer overflow when a specially crafted file is opened. This module runs a malicious web server on the Core Impact Console and waits for an unsuspecting user to trigger the exploit by connecting to it.
Microsoft Office Groove is prone to a vulnerability that may allow execution of imm.dll if this dll is located in the same folder than .GRP file. The attacker must entice a victim into opening a specially crafted .GRP file. This file and the associated binary may be delivered to a user through remote WebDAV shares. An attacker may exploit this issue to execute arbitrary code.
A malformed Microsoft Excel document allows an attacker to execute arbitrary code when processing malformed RTD records. This module runs a malicious web server on the Core Impact Console and waits for an unsuspecting user to trigger the exploit by connecting to it.
A malformed Microsoft Excel document allows an attacker to execute arbitrary code when processing malformed RTD (recType 0x813) records. This module runs a malicious web server on the Core Impact Console and waits for an unsuspecting user to trigger the exploit by connecting to it.
This module exploits a memory corruption on Microsoft Office Excel when parsing a malformed .XLS file with a specially crafted PivotTable Cache Data record.
This module exploits Microsoft Office 2007 systems via a crafted Excel document that triggers an access attempt on an invalid SST record.