2ea9ab2625
Land #9416 , Sync Breeze Enterprise 9.5.16 Import Command buffer overflow
...
Merge branch 'land-9416' into upstream-master
2018-01-24 17:13:16 -06:00
b99663fb6c
Bring #9282 up to date with upstream-master
2017-12-13 13:16:30 -06:00
900f7d6f69
docs on options
2017-12-07 14:47:40 -05:00
12425d962c
Rename office_dde_delivery to office_dde_delivery.md
2017-12-06 22:40:57 -05:00
1e4b707a60
MS Office DDE Documentation
2017-12-06 21:46:47 -05:00
14226c5f33
missing docs on options
...
Missed fixes on documentation
2017-12-04 20:58:36 -05:00
b7f17f5519
fix documentation
2017-12-04 16:41:27 -05:00
fcf2cfa134
Create office_ms17_11882.md
2017-11-21 14:45:56 -05:00
da3ca9eb90
update some documentation
2017-08-03 17:09:44 -05:00
67dddd2402
Typo reported by @nixawk
2017-08-02 15:47:21 -05:00
3229320ba9
Code review feedback from @nixawk
2017-08-02 15:46:51 -05:00
565a3355be
CVE-2017-8464 LNK Remote Code Execution Vulnerability
...
This module exploits a vulnerability in the handling of Windows
Shortcut files (.LNK) that contain a dynamic icon, loaded from a
malicious DLL.
This vulnerability is a variant of MS15-020 (CVE-2015-0096). The
created LNK file is similar except in an additional
SpecialFolderDataBlock is included. The folder ID set in this
SpecialFolderDataBlock is set to the Control Panel. This is enought to
bypass the CPL whitelist. This bypass can be used to trick Windows into
loading an arbitrary DLL file.
2017-08-02 15:46:30 -05:00
6029a9ee2b
Use a built-in HTA server and update doc
2017-04-24 16:04:27 -05:00
0a085c4e83
add doc for exploit/windows/fileformat/office_word_hta
2017-04-18 03:26:10 -05:00
34f074441d
Move doc
2017-02-16 12:33:05 -06:00
e891063b74
Update doc
2017-02-03 14:29:29 -06:00
5db1d958b0
Update doc
2017-02-03 14:08:28 -06:00
6e692b1a1c
Update doc
2017-02-03 14:03:48 -06:00
f3f774b9c7
Add demo
2017-02-03 12:01:51 -06:00
92e065c21b
Update doc
2017-02-03 11:48:18 -06:00
2457968a24
Update doc
2017-02-03 11:45:34 -06:00
e9ba6fe7fd
Add doc
2017-02-02 20:42:46 -06:00
bwatters-r7