Subscribe via feed.

Microsoft Office 2007 Groove Security Bypass / Code Execution

Posted by deepcore on October 2, 2017 – 12:13 pm

Microsoft Office 2007 Groove contains a security bypass issue regarding ‘Workspace Shortcut’ files (.GLK) because it allows arbitrary (registered) URL Protocols to be passed, when only ‘grooveTelespace://’ URLs should be allowed, which allows execution of arbitrary code upon opening a ‘GLK’ file.


This post is under “exploit” and has no respond so far.
If you enjoy this article, make sure you subscribe to my RSS Feed.

Post a reply

You must be logged in to post a comment.