Nmapview – Graphical Interface (GUI) for Nmap on Windows » « AttackAPI 2.0 Alpha – JavaScript Hacking Suite 
Microsoft Word 0-day Exploits – QUESTION.DOC
Darknet spilled these bits on January 11th 2007 @ 5:30 am

There’s been quite a few Microsoft related exploits recently, but not in Windows, people have moved their focus towards the application layer and the top of the OSI stack.

This time it was a 0-day Vulnerability in Microsoft Word.

The original news comes from SANS Internet Storm Center Diary (ISC).

Microsoft has reported Word 2003, Word 2002, Word 2000 and Word Viewer 2003 are reportedly affected.

The vulnerability is being exploited in the wild, the malicious document is called QUESTION.DOC.

Password stealing Trojan spreads with this vulnerability, link to the McAfee PWS-Agent.g writeup.

US-CERT reported today that “Word fails to properly handle malformed data structures allowing memory corruption to occur”. This vulnerability is public CVE-2006-6456 now.

Tags:  ,  ,  ,  ,  ,  

rss Subscribe to Darknet RSS Feed rss

Stored in: Exploits/Vulnerabilities, Windows Hacking

Related Posts:
- Trojan for the Word Vulnerability in the Wild
- Introducing WHCC – Web Hack Control Center
- CeWL – Custom Word List Generator Tool for Password Cracking
- Microsoft Rushes Out Critical RPC Bug Fix
- The Associative Word List Generator (AWLG) – Create Related Wordlists for Password Cracking
- Serious Flaw in Popular Media Players from Microsoft and AOL

| 3,991 views |

Sitemap - ShaolinTiger - DigiSniper - Digital Photography
Shutter Asia Photography Forum - We Ate This