The Vigil@nce team watches public vulnerabilities impacting your computers, and then offers security solutions, a database and tools to fix them.

Computer vulnerabilities of Office InfoPath

computer vulnerability note CVE-2015-2434 CVE-2015-2440 CVE-2015-2471

Windows, Office: three vulnerabilities of XML Core Services

Synthesis of the vulnerability

An attacker can use several vulnerabilities of XML Core Services of Windows.
Severity: 2/4.
Number of vulnerabilities in this bulletin: 3.
Creation date: 11/08/2015.
Identifiers: 3080129, CERTFR-2015-AVI-338, CVE-2015-2434, CVE-2015-2440, CVE-2015-2471, MS15-084, VIGILANCE-VUL-17634, ZDI-15-381.
Full Vigil@nce bulletin... (Free trial)

Description of the vulnerability

Several vulnerabilities were announced in XML Core Services used by Windows/Office.

An attacker can force the usage of SSLv2, in order to obtain sensitive information. [severity:2/4; CVE-2015-2434]

An attacker can guess the memory layout of a process, to bypass ASLR, in order to ease the next step of the attack. [severity:2/4; CVE-2015-2440, ZDI-15-381]

An attacker can force the usage of SSLv2, in order to obtain sensitive information. [severity:2/4; CVE-2015-2471]
Full Vigil@nce bulletin... (Free trial)

computer threat note CVE-2015-2431 CVE-2015-2435 CVE-2015-2455

Microsoft Office: six vulnerabilities of Graphics Component

Synthesis of the vulnerability

An attacker can use several vulnerabilities of Graphics Component of Microsoft Office.
Severity: 4/4.
Number of vulnerabilities in this bulletin: 6.
Creation date: 11/08/2015.
Identifiers: 3078662, CERTFR-2015-AVI-334, CVE-2015-2431, CVE-2015-2435, CVE-2015-2455, CVE-2015-2456, CVE-2015-2463, CVE-2015-2464, MS15-080, VIGILANCE-VUL-17628, ZDI-15-387, ZDI-15-388.
Full Vigil@nce bulletin... (Free trial)

Description of the vulnerability

Several vulnerabilities were announced in Microsoft Office.

An attacker can generate a memory corruption in Office Graphics Library Font, in order to trigger a denial of service, and possibly to run code. [severity:4/4; CVE-2015-2431]

An attacker can generate a memory corruption in TrueType, in order to trigger a denial of service, and possibly to run code. [severity:4/4; CVE-2015-2435, ZDI-15-387]

An attacker can generate a memory corruption in TrueType, in order to trigger a denial of service, and possibly to run code. [severity:4/4; CVE-2015-2455, ZDI-15-388]

An attacker can generate a memory corruption in TrueType, in order to trigger a denial of service, and possibly to run code. [severity:4/4; CVE-2015-2456]

An attacker can generate a memory corruption in TrueType, in order to trigger a denial of service, and possibly to run code. [severity:4/4; CVE-2015-2463]

An attacker can generate a memory corruption in TrueType, in order to trigger a denial of service, and possibly to run code. [severity:4/4; CVE-2015-2464]
Full Vigil@nce bulletin... (Free trial)

computer threat CVE-2015-1682 CVE-2015-1683

Microsoft Office: two vulnerabilities

Synthesis of the vulnerability

An attacker can use several vulnerabilities of Microsoft Office.
Severity: 3/4.
Number of vulnerabilities in this bulletin: 2.
Creation date: 12/05/2015.
Identifiers: 3057181, CERTFR-2015-AVI-211, CVE-2015-1682, CVE-2015-1683, MS15-046, VIGILANCE-VUL-16887, ZDI-15-182.
Full Vigil@nce bulletin... (Free trial)

Description of the vulnerability

Several vulnerabilities were announced in Microsoft Office.

An attacker can generate a memory corruption, in order to trigger a denial of service, and possibly to execute code. [severity:3/4; CVE-2015-1682, ZDI-15-182]

An attacker can generate a memory corruption, in order to trigger a denial of service, and possibly to execute code. [severity:3/4; CVE-2015-1683]
Full Vigil@nce bulletin... (Free trial)

cybersecurity note CVE-2014-6362

Microsoft Office: bypassing ASLR

Synthesis of the vulnerability

An attacker can bypass ASLR via Microsoft Office, in order to ease the exploitation of another vulnerability.
Severity: 2/4.
Creation date: 10/02/2015.
Identifiers: 3033857, CERTFR-2015-AVI-064, CVE-2014-6362, MS15-013, VIGILANCE-VUL-16163.
Full Vigil@nce bulletin... (Free trial)

Description of the vulnerability

Systems use ASLR in order to randomize memory addresses used by programs and libraries.

However, Microsoft Office allows an attacker to bypass this security feature.

An attacker can therefore bypass ASLR via Microsoft Office, in order to ease the exploitation of another vulnerability.
Full Vigil@nce bulletin... (Free trial)

weakness bulletin CVE-2015-0063 CVE-2015-0064 CVE-2015-0065

Microsoft Office: three vulnerabilities

Synthesis of the vulnerability

An attacker can use several vulnerabilities of Microsoft Office.
Severity: 3/4.
Number of vulnerabilities in this bulletin: 3.
Creation date: 10/02/2015.
Identifiers: 3032328, CERTFR-2015-AVI-063, CVE-2015-0063, CVE-2015-0064, CVE-2015-0065, MS15-012, VIGILANCE-VUL-16162.
Full Vigil@nce bulletin... (Free trial)

Description of the vulnerability

Several vulnerabilities were announced in Microsoft Office.

An attacker can generate a memory corruption in Excel, in order to trigger a denial of service, and possibly to execute code. [severity:3/4; CVE-2015-0063]

An attacker can generate a memory corruption in Word, in order to trigger a denial of service, and possibly to execute code. [severity:3/4; CVE-2015-0064]

An attacker can generate a memory corruption in Word OneTableDocumentStream, in order to trigger a denial of service, and possibly to execute code. [severity:3/4; CVE-2015-0065]
Full Vigil@nce bulletin... (Free trial)

weakness bulletin CVE-2014-6364

Microsoft Office: use after free

Synthesis of the vulnerability

An attacker can force the usage of a freed memory area of Microsoft Office, in order to trigger a denial of service, and possibly to execute code.
Severity: 3/4.
Creation date: 09/12/2014.
Identifiers: 3017349, CERTFR-2014-AVI-520, CVE-2014-6364, MS14-082, VIGILANCE-VUL-15766.
Full Vigil@nce bulletin... (Free trial)

Description of the vulnerability

The Microsoft Office suite converts documents to object located in memory.

However, a function frees a memory area before reusing it.

An attacker can therefore force the usage of a freed memory area of Microsoft Office, in order to trigger a denial of service, and possibly to execute code.
Full Vigil@nce bulletin... (Free trial)

vulnerability alert CVE-2014-4077

Office 2007: privilege escalation via IME Japanese

Synthesis of the vulnerability

An attacker can use a vulnerability of the IME Japanese of Office 2007, in order to escalate his privileges.
Severity: 2/4.
Creation date: 12/11/2014.
Identifiers: 2992719, CERTFR-2014-AVI-476, CVE-2014-4077, MS14-078, VIGILANCE-VUL-15623.
Full Vigil@nce bulletin... (Free trial)

Description of the vulnerability

The Office 2007 product can be configured with a Japanese IME (Input Method Editor), in order to enter Japanese characters.

However, a special file can be used to escape from the sandbox.

An attacker can therefore use a vulnerability of the IME Japanese of Office 2007, in order to escalate his privileges.
Full Vigil@nce bulletin... (Free trial)

security vulnerability CVE-2014-1809

Microsoft Office: bypassing ASLR via MSCOMCTL

Synthesis of the vulnerability

An attacker can obtain memory addresses, to bypass ASLR, in order to facilitate the development of an attack tool.
Severity: 2/4.
Creation date: 13/05/2014.
Identifiers: 2961033, CERTFR-2014-AVI-222, CVE-2014-1809, MS14-024, VIGILANCE-VUL-14742.
Full Vigil@nce bulletin... (Free trial)

Description of the vulnerability

The ASLR (Address Space Layout Randomization) feature loads programs at random memory addresses, so it's more difficult to exploit memory corruptions.

However, the Microsoft Office MSCOMCTL library uses fixed addresses.

An attacker can therefore obtain memory addresses, to bypass ASLR, in order to facilitate the development of an attack tool.
Full Vigil@nce bulletin... (Free trial)

threat alert CVE-2014-1756 CVE-2014-1808

Microsoft Office: two vulnerabilities

Synthesis of the vulnerability

An attacker can use several vulnerabilities of Microsoft Office.
Severity: 3/4.
Number of vulnerabilities in this bulletin: 2.
Creation date: 13/05/2014.
Identifiers: 2961037, CERTFR-2014-AVI-221, CVE-2014-1756, CVE-2014-1808, MS14-023, VIGILANCE-VUL-14741.
Full Vigil@nce bulletin... (Free trial)

Description of the vulnerability

Several vulnerabilities were announced in Microsoft Office.

The Simplified Chinese Grammar Checker accepts to load a DLL from a remote path, so an attacker can execute code. [severity:3/4; CVE-2014-1756]

An attacker can reuse a token, in order to obtain sensitive information. [severity:2/4; CVE-2014-1808]
Full Vigil@nce bulletin... (Free trial)

weakness alert CVE-2013-5057

Microsoft Office 2007, 2010: bypassing ASLR via HXDS

Synthesis of the vulnerability

An attacker can use hxds.dll, in order to bypass ASLR to exploit another vulnerability.
Severity: 2/4.
Creation date: 11/12/2013.
Identifiers: 2905238, BID-64095, CERTA-2013-AVI-672, CVE-2013-5057, MS13-106, VIGILANCE-VUL-13935.
Full Vigil@nce bulletin... (Free trial)

Description of the vulnerability

The ASLR (Address Space Layout Randomization) feature loads programs at random memory addresses, so it's more difficult to exploit memory corruptions.

The Office suite installs the hxds.dll library (C:\Program Files\Common Files\microsoft shared\Help\). It can be instanciated in Internet Explorer with JavaScript code such as "location.href = 'ms-help:'".

However, memory addresses of this library are not randomized.

An attacker can therefore use hxds.dll, in order to bypass ASLR to exploit another vulnerability.
Full Vigil@nce bulletin... (Free trial)
Our database contains other pages. You can request a free trial to read them.