Back to directory

WRITEUP #3310

All Your (d)Base Are Belong To Us, Part 2: Code Execution in Microsoft Office (CVE-2021-38646)

RCEMemory corruption

by@spaceraccoonsec(Eugene Lim)

Program

Microsoft

Published

Oct 22, 2021

Added to HackDex

Sep 15, 2022

Read Full Writeuphttps://spaceraccoon.dev/all-your-d-base-are-belong-to-us-part-2-code-execution-in-microsoft-office

▸ RELATED WRITEUPS

4 exploits, 1 bug: exploiting cve-2024-20017 4 different ways

RCEBuffer Overflow

Vulnerabilities in Open Source C2 Frameworks

RCEOS command injection

[2,500$ Bug Bounty Write-Up] Remote Code Execution (RCE) via unclaimed Node package

RCEDependency confusion

Attacking PowerShell CLIXML Deserialization

DeserializationInsecure deserialization

Zero-Click Calendar invite — Critical zero-click vulnerability chain in macOS

RCEArbitrary file write

Built with ❤️ by Shubham Rawat