# SummaryOS: window 10/11TARGET: msoffice winword.exeTYPE: Microsoft Word Remote Code Execution Vulnerability # DescriptionThis vulnerability was discovered during the process of parsing the .docx file structure in the WINWORD.EXE program.By exploiting this vulnerability, attacker can control the IP register by referencing an arbitrary heap chunk. # AnalysisA function allocates and frees a sma..
# SummaryOS: Window 7/10/11TARGET: msoffice winword.exe / windowTYPE: Windows OLE Remote Code Execution Vulnerability # DescriptionThis vulnerability can occur in M365 product lines that support OleObject insertion .This vulnerability allows the same object to be released twice, potentially invoking a function at an arbitrary address. # AnalysisBelow is an excerpt of the code at the time the v..
An improper input validation in UEFI Firmware prior to Firmware update Oct-2023 Release in Galaxy Book, Galaxy Book Pro, Galaxy Book Pro 360 and Galaxy Book Odyssey allows local attacker to execute SMM memory corruption.
An issue was discovered in Insyde InsydeH2O with kernel 5.0 through 5.5. UEFI implementations do not correctly protect and validate information contained in the 'MeSetup' UEFI variable. On some systems, this variable can be overwritten using operating system APIs. Exploitation of this vulnerability could potentially lead to denial of service for the platform.
