«
Expand/Collapse
84 items tagged "word"
Related tags:
stack buffer [+],
record [+],
code execution [+],
based buffer overflow [+],
stack overflow [+],
hacks [+],
buffer overflow [+],
word list [+],
critical vulnerability [+],
buffer [+],
word splash [+],
word clock [+],
splash [+],
overflow vulnerability [+],
openoffice [+],
memory corruption [+],
list [+],
clock [+],
builder [+],
microsoft [+],
txt [+],
rtf [+],
idefense security advisory [+],
document table [+],
document [+],
buffer overflow vulnerabilities [+],
rich text messages [+],
resource exhaustion [+],
pro versions [+],
local buffer overflow [+],
lfo [+],
free error [+],
exploits [+],
cve [+],
buffer overflow exploit [+],
zdi [+],
word press [+],
sprmcmajority [+],
shellcode [+],
secunia [+],
s system [+],
pwned [+],
pro [+],
press [+],
null pointer [+],
microsoft security bulletin [+],
invalid pointer [+],
heap [+],
dove [+],
code [+],
blue dove [+],
arduino [+],
microsoft office word [+],
wordlist [+],
word war [+],
word html [+],
word builder [+],
word bookmarks [+],
warns [+],
war [+],
vinyl lettering [+],
vanya [+],
uninitialized [+],
traditional word [+],
tip line [+],
substrate [+],
shield [+],
service vulnerability [+],
security vulnerabilities [+],
secret txt [+],
proto board [+],
presses [+],
physical coercion [+],
null [+],
mso [+],
moving picture [+],
milton [+],
malformed [+],
macs [+],
local [+],
leds [+],
language [+],
lamination [+],
ivan [+],
ipad [+],
integrated circuits [+],
iii [+],
html [+],
governments [+],
google [+],
genetic algorithms [+],
genetic algorithm [+],
folder [+],
file [+],
few [+],
fabrication [+],
f. the [+],
experimenter [+],
etc passwd [+],
essid [+],
eric [+],
english thanks [+],
display [+],
disparate events [+],
denial of service [+],
clock functions [+],
challenge [+],
censoring [+],
building [+],
bryce [+],
abera [+],
abces [+],
abator [+],
abandonat [+],
Wireless [+],
Pentesting [+],
Howto [+],
BackTrack [+],
microsoft word [+],
office [+],
safer use [+],
word record [+],
vulnerability [+],
buffer overflow vulnerability [+]
-
-
16:00
»
SecuriTeam
Microsoft Word is prone to a remote code-execution vulnerability.
-
-
16:00
»
SecuriTeam
Microsoft Word is prone to a remote denial-of-service vulnerability.
-
-
12:01
»
Hack a Day
From the look of it his is just another Word Clock, right? From the outside maybe. But if you take a look at the build photos this a good example of extreme fabrication.The design uses a five-layer lamination of glass bezel, vinyl lettering, diffuser, mounting plate, and back panel. The mounting and lettering layers were labor intensive, [...]
-
-
13:01
»
Hack a Day
This work clock functions in an unexpected way. With each passing second it displays a random four letter word on the right side of the display. Traditional word clocks tell the time in natural language, but this one is simply used as a learning opportunity. [Iron Jungle] got his hands on the display for just [...]
-
-
13:09
»
Hack a Day
There’s a word – synchronicity – to describe two disparate events that occur together in a meaningful way. We see this a lot in the Hackaday tip line; two people send in somewhat similar hacks solving similar problems in similar ways nearly simultaneously. Here’s two builds by [Bryce] and [spektakx] that hit our inbox within minutes [...]
-
-
12:01
»
Hack a Day
Maybe it was a language barrier he ran into, or possibly an inclination to do things the hard and smart way, but we really like [Alessio]‘s take on building the display for his word clock. Instead of relying on a pre-designed word layout, he made his own word pattern with a genetic algorithm. While looking at [...]
-
-
7:01
»
Hack a Day
[Ivan] decided to build a Word Clock as holiday gift for his parents. He pulled it off, but as you can see above, it meant a lot of point-to-point soldering. One small piece of proto-board is used to host the power supply and a few integrated circuits, with the rest of the device mounted on [...]
-
-
12:01
»
Hack a Day
[Milton] sent in a build that censors every ‘F’ word on TV, and not just the one that rhymes with ‘duck,’ either. His setup sounds the alarm every time someone inside the moving picture box says a word that contains the letter F. The build is based around Nootropic Design’s Video Experimenter Shield. This neat little shield [...]
-
-
13:01
»
Hack a Day
The answer, of course, is a word clock. This is actually [Eric's] second version of a word clock. Like the first one, it uses 114 LEDs to back light the words on the display. In his first iteration he used an Arduino to drive a Charlieplex array of lights. It was an 11 by 10 [...]
-
-
7:13
»
Packet Storm Security Exploits
This Metasploit module exploits a stack-based buffer overflow in Word Builder 1.0. An attacker must send the file to the victim and the victim must open the file.
-
-
11:18
»
Packet Storm Security Exploits
This Metasploit module exploits a record parsing vulnerability in Microsoft Word. The Microsoft advisory detailing this issue is MS-09-027.
-
-
18:45
»
SecuriTeam
Microsoft Word Contains a vulnerability caused by a double-free error when processing LFO (List Format Override) records.
-
Make your website safer. Use external penetration testing service. First report ready in one hour!
-
-
13:44
»
SecuriTeam
Remote exploitation of a stack buffer overflow vulnerability in Microsoft Corp.'s Word could allow attackers to execute arbitrary code under the privileges of the targeted user.
-
Make your website safer. Use external penetration testing service. First report ready in one hour!
-
-
10:11
»
Packet Storm Security Exploits
This Metasploit module exploits a stack-based buffer overflow in the handling of the 'pFragments' shape property within the Microsoft Word RTF parser. All versions of Microsoft Office prior to the release of the MS10-087 bulletin are vulnerable. This Metasploit module does not attempt to exploit the vulnerability via Microsoft Outlook. The Microsoft Word RTF parser was only used by default in versions of Microsoft Word itself prior to Office 2007. With the release of Office 2007, Microsoft began using the Word RTF parser, by default, to handle rich-text messages within Outlook as well. It was possible to configure Outlook 2003 and earlier to use the Microsoft Word engine too, but it was not a default setting.
-
10:11
»
Packet Storm Security Recent Files
This Metasploit module exploits a stack-based buffer overflow in the handling of the 'pFragments' shape property within the Microsoft Word RTF parser. All versions of Microsoft Office prior to the release of the MS10-087 bulletin are vulnerable. This Metasploit module does not attempt to exploit the vulnerability via Microsoft Outlook. The Microsoft Word RTF parser was only used by default in versions of Microsoft Word itself prior to Office 2007. With the release of Office 2007, Microsoft began using the Word RTF parser, by default, to handle rich-text messages within Outlook as well. It was possible to configure Outlook 2003 and earlier to use the Microsoft Word engine too, but it was not a default setting.
-
10:11
»
Packet Storm Security Misc. Files
This Metasploit module exploits a stack-based buffer overflow in the handling of the 'pFragments' shape property within the Microsoft Word RTF parser. All versions of Microsoft Office prior to the release of the MS10-087 bulletin are vulnerable. This Metasploit module does not attempt to exploit the vulnerability via Microsoft Outlook. The Microsoft Word RTF parser was only used by default in versions of Microsoft Word itself prior to Office 2007. With the release of Office 2007, Microsoft began using the Word RTF parser, by default, to handle rich-text messages within Outlook as well. It was possible to configure Outlook 2003 and earlier to use the Microsoft Word engine too, but it was not a default setting.
-
-
4:11
»
Packet Storm Security Recent Files
Secunia Research has discovered a vulnerability in Microsoft Word, which can be exploited by malicious people to potentially compromise a user's system. The vulnerability is caused by a double-free error when processing LFO (List Format Override) records and can be exploited to corrupt memory via a specially crafted Word document. Successful exploitation may allow execution of arbitrary code.
-
4:11
»
Packet Storm Security Misc. Files
Secunia Research has discovered a vulnerability in Microsoft Word, which can be exploited by malicious people to potentially compromise a user's system. The vulnerability is caused by a double-free error when processing LFO (List Format Override) records and can be exploited to corrupt memory via a specially crafted Word document. Successful exploitation may allow execution of arbitrary code.
-
-
10:42
»
SecuriTeam
Microsoft Office Word contains a critical vulnerability.
-
Make your website safer. Use external penetration testing service. First report ready in one hour!
-
10:37
»
SecuriTeam
A critical vulnerability was discovered in Microsoft Office Word.
-
Make your website safer. Use external penetration testing service. First report ready in one hour!
-
10:37
»
SecuriTeam
Microsoft Office Word contains a critical vulnerability.
-
Make your website safer. Use external penetration testing service. First report ready in one hour!
-
10:37
»
SecuriTeam
Microsoft Office Word contains a critical vulnerability.
-
Make your website safer. Use external penetration testing service. First report ready in one hour!
-
-
18:58
»
SecuriTeam
Microsoft Office Word contains a critical vulnerability.
-
Make your website safer. Use external penetration testing service. First report ready in one hour!
-
-
12:03
»
SecuriTeam
A memory corruption vulnerability was discovered in Microsoft Office Word.
-
Make your website safer. Use external penetration testing service. First report ready in one hour!
-
12:03
»
SecuriTeam
Microsoft Office Word contains a Overflow Vulnerability in LVL Structure Heap.
-
Make your website safer. Use external penetration testing service. First report ready in one hour!
-
-
11:29
»
SecuriTeam
A critical vulnerability was discovered in Microsoft Office Word.
-
Make your website safer. Use external penetration testing service. First report ready in one hour!
-
11:24
»
SecuriTeam
Microsoft Office Word contains Word Bookmarks Invalid Pointer Vulnerability.
-
Make your website safer. Use external penetration testing service. First report ready in one hour!
-
-
11:14
»
SecuriTeam
Microsoft Office Word contains a critical vulnerability in Word BKF Objects Array Indexing.
-
Make your website safer. Use external penetration testing service. First report ready in one hour!
-
11:09
»
SecuriTeam
Microsoft Office Word Document contains a Heap Overflow Vulnerability.
-
Make your website safer. Use external penetration testing service. First report ready in one hour!
-
-
22:02
»
Packet Storm Security Recent Files
iDefense Security Advisory 11.09.10 - Remote exploitation of a stack buffer overflow vulnerability in Microsoft Corp.'s Word could allow attackers to execute arbitrary code under the privileges of the targeted user. This vulnerability specifically exists in the handling of a specific control word in an RTF document. Under certain circumstances, Word will copy its property strings into a stack buffer without checking the length, which causes a stack buffer overflow. iDefense has confirmed the existence of this vulnerability in Microsoft Word 2003, Microsoft Word 2007, and Microsoft Outlook 2007.
-
22:01
»
Packet Storm Security Advisories
iDefense Security Advisory 11.09.10 - Remote exploitation of a stack buffer overflow vulnerability in Microsoft Corp.'s Word could allow attackers to execute arbitrary code under the privileges of the targeted user. This vulnerability specifically exists in the handling of a specific control word in an RTF document. Under certain circumstances, Word will copy its property strings into a stack buffer without checking the length, which causes a stack buffer overflow. iDefense has confirmed the existence of this vulnerability in Microsoft Word 2003, Microsoft Word 2007, and Microsoft Outlook 2007.
-
-
10:41
»
SecuriTeam
A null pointer dereference vulnerability has been noticed in Microsoft Word 2003.
-
Make your website safer. Use external penetration testing service. First report ready in one hour!
-
-
23:52
»
SecuriTeam
A Heap Overflow vulnerability was identified in Microsoft Word RTF File Parsing functionality.
-
Make your website safer. Use external penetration testing service. First report ready in one hour!
-
19:00
»
Packet Storm Security Exploits
Microsoft Word record parsing buffer overflow exploit. This takes advantage of the vulnerability discussed in MS-09-027 and spawns calc.exe.
-
-
18:00
»
Packet Storm Security Recent Files
Zero Day Initiative Advisory 10-150 - This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of Microsoft Office Word. User interaction is required to exploit this vulnerability in that the target must open a malicious document. The specific flaw exists in the parsing of sprmCMajority records in a Word document. Due to the lack of parameter checking when processing sprmCMajority sprm groups it is possible to arbitrarily control the amount of data being written to a stack based buffer resulting in a stack overflow vulnerability which can overwrite critical exception structures. Successful exploitation can lead to remote code execution under the credentials of the currently logged in user.
-
18:00
»
Packet Storm Security Advisories
Zero Day Initiative Advisory 10-150 - This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of Microsoft Office Word. User interaction is required to exploit this vulnerability in that the target must open a malicious document. The specific flaw exists in the parsing of sprmCMajority records in a Word document. Due to the lack of parameter checking when processing sprmCMajority sprm groups it is possible to arbitrarily control the amount of data being written to a stack based buffer resulting in a stack overflow vulnerability which can overwrite critical exception structures. Successful exploitation can lead to remote code execution under the credentials of the currently logged in user.
-
8:01
»
Packet Storm Security Recent Files
iDefense Security Advisory 08.10.10 - Remote exploitation of a heap buffer overflow vulnerability in Microsoft Corp.'s Word could allow attackers to execute arbitrary code under the privileges of the targeted user. This vulnerability specifically exists in the handling of some drawing object control words in an RTF document. Under certain circumstances, Word will copy a property value into a heap buffer without checking the length, which causes a heap buffer overflow. iDefense has confirmed the existence of this vulnerability in Microsoft Word 2003, Microsoft Word 2007, and Microsoft Outlook 2007. A full list of vulnerable Microsoft products can be found in Microsoft Security Bulletin MS10-056.
-
8:01
»
Packet Storm Security Advisories
iDefense Security Advisory 08.10.10 - Remote exploitation of a heap buffer overflow vulnerability in Microsoft Corp.'s Word could allow attackers to execute arbitrary code under the privileges of the targeted user. This vulnerability specifically exists in the handling of some drawing object control words in an RTF document. Under certain circumstances, Word will copy a property value into a heap buffer without checking the length, which causes a heap buffer overflow. iDefense has confirmed the existence of this vulnerability in Microsoft Word 2003, Microsoft Word 2007, and Microsoft Outlook 2007. A full list of vulnerable Microsoft products can be found in Microsoft Security Bulletin MS10-056.
-
-
21:52
»
remote-exploit & backtrack
Hello all,
So a professor of my Computer Security course, together with the campus IT director, have offered my class a challenge. They've placed a file (aptly named secret.txt) with a secret word/phrase/something in a protected folder, and are offering extra credit if we can figure out what that word is. We aren't allowed to destroy anything or inhibit use of the server to other students, but past that anything (sans physical coercion and blackmail) goes.
The server is running SunOS 5.9. The folder, and all files within it that I know of, have 700 permissions, and both accounts I have access to are in the students group, whereas he's in the faculty group. We can print the shadowed /etc/passwd, but permission is denied to read or copy /etc/shadow.
We'll get credit whether we get caught or not, but ideas that get the secret word without alerting anybody are preferable. I'm familiar with unix/linux, but not so much with penetrating it. I come to you asking for advice and guidance in things to learn about that would aid me in this endeavor.
Thank you
-
-
8:07
»
remote-exploit & backtrack
hi. i have 2gb word list for cracking wpa and also i have 1gb ram and i can not copy word list to backtrack home.(im using backtrack from usb flash disk) i want to show word list to aircrack from my hdd (it is hda1) how do i do that. i tried this command
aircrack-ng -a 1 -b (essid) -w /dev/hda1/word.lst essid.cap
also tried
aircrack-ng -a 1 -b (essid) -w /media/hda1/word.lst essid.cap.
and last,
is there any usefull document for airolib-ng
sorry for my english
thanks.
-
-
14:07
»
remote-exploit & backtrack
How can i find and replace all the {word}/{random_chars} with {word}.I've tried using sed but i find it too complicated.Could you help me with a right tutorial or a sed command that will do something like that?
Here is an example of what my wordlist looks like:
Code:
abandonare
abandonarii
abandona/RT
abandonata
abandonat
abandonati
abandonat/W
abandoneaza
abandoneze
abandonez/W
abandonind
abandonuri/L
abanos
abata
abate
abateau
abatere/Z
abateri/GL
abatia/Z
abatoare/XC
abator
abatut/XM
abatut
abces
abdica/AP
abdicare
abdicare
abdicari/LZ
abdica/RZ
abdice/LZ
abdominale
abecedarul
abera/XC
aberanta
aberant
aberante/L
aberant/IW
aberatia/PZ
aberatii/GL
abereze/AZ
......
I also have to mention that this is a romanian wordlist , and is the only one i could find.
0day.today (was: 1337day, Inj3ct0r, 1337db)
OSVDB Vulnerabilities
Exploit-DB
SecurityFocus Vulnerabilities
Bugtraq
XSSed
Sophos security news
Penetration Testing
BackTrack Linux Forums
Threatpost
SecDocs
carnal0wnage.attackresearch.com
Carnal0wnage
Darknet
The Exploitant
Wirevolution