22 matches found
CVE-2012-5357
CVE-2012-5357 affects Ektron CMS prior to 8.02 SP5. The vulnerability arises from XslCompiledTransform with enablescript set to true, allowing remote code execution with NETWORK SERVICE privileges via crafted XSL data. Documentation and third-party sources confirm RCE potential in Ektron’s XSLT h...
Opera <= 8.02 - Remote Denial of Service Exploit (2)
No description provided by source. !-- Vulnerable: Opera 8.2 Windows XP Prof. SP2 Tested opera.py ; opera opera.html [email protected] html = openopera.html, w html.writehtml style=\content: url0;\n html.writehead/head\n buff1 = 'A'32499 html.writebodyA\n+buff1+\n buff2 = 'B'153 html.writeu...
CVE-2013-2817
An ActiveX control in IcoLaunch.dll in Mitsubishi Electric Automation MC-WorX Suite 8.02 allows user-assisted remote attackers to execute arbitrary programs via a crafted HTML document in conjunction with a Login Client button click...
Hardcoded credentials
An ActiveX control in GenLaunch.htm in ICONICS GENESIS32 8.0, 8.02, 8.04, and 8.05 allows remote attackers to execute arbitrary programs via a crafted HTML document...
Hardcoded credentials
An ActiveX control in IcoLaunch.dll in Mitsubishi Electric Automation MC-WorX Suite 8.02 allows user-assisted remote attackers to execute arbitrary programs via a crafted HTML document in conjunction with a Login Client button click...
CVE-2013-2817
An ActiveX control in IcoLaunch.dll in Mitsubishi Electric Automation MC-WorX Suite 8.02 allows user-assisted remote attackers to execute arbitrary programs via a crafted HTML document in conjunction with a Login Client button click...
CVE-2013-2817
The vulnerability CVE-2013-2817 affects Mitsubishi Electric Automation MC-WorX Suite 8.02 via the IcoLaunch.dll ActiveX control. The insecure control (Exposed Dangerous Method or Function CWE-749) can be used to execute arbitrary code when a user visits a crafted HTML document and clicks the Logi...
Ektron 8.02 /WorkArea/ContentDesigner/ekajaxtransform.aspx Code Execution Vulnerability
No description provided by source...
Ektron 8.02 XSLT Transform Remote Code Execution
This module exploits a vulnerability in Ektron CMS 8.02 before SP5. The vulnerability exists due to the insecure usage of XslCompiledTransform, using a XSLT controlled by the user. The module has been tested successfully on Ektron CMS 8.02 over Windows 2003 SP2, which allows to execute arbitrary...
Vulnerabilities in Ektron CMS Could Allow Arbitrary Code Execution
Executive Summary Microsoft is providing notification of the discovery and remediation of two vulnerabilities affecting Ektron Web Content Management System CMS. Microsoft discovered and disclosed the vulnerability under coordinated vulnerability disclosure to the affected vendor, Ektron. Ektron...
VUPEN Security Research - Novell GroupWise "TZID" Variable Remote Buffer Overflow Vulnerability (VUPEN-SR-2011-004)
VUPEN Security Research - Novell GroupWise VCALENDAR "TZID" Variable Remote Buffer Overflow Vulnerability VUPEN-SR-2011-004 http://www.vupen.com/english/research.php I. BACKGROUND --------------------- "Novell GroupWise collaboration software is a premier collaboration tool for large enterprise...
PCRE 6.2 - Regular Expression Compiling Workspace Buffer Overflow
source: https://www.securityfocus.com/bid/39974/info PCRE is prone to a buffer-overflow vulnerability because the library fails to perform adequate boundary checks on user-supplied input. Attackers may leverage this issue to execute arbitrary code in the context of an application using the PCRE...
CVE-2009-2375
Stack-based buffer overflow in Photo DVD Maker 8.02, and possibly earlier versions, allows remote attackers to execute arbitrary code via a long FileName parameter in a .pdm file. NOTE: some of these details are obtained from third party information...
CVE-2005-4718
CVE-2005-4718 affects Opera 8.02 and earlier. The issue allows remote denial of service (client crash) via two vectors: (1) a crafted HTML file containing a content: url(0); style attribute, a bodyA tag, a long string, and a long attribute on a u tag (opera.html demonstrated); and (2) a BGSOUND ...
CVE-2005-4718
Opera 8.02 and earlier allows remote attackers to cause a denial of service (client crash) via (1) a crafted HTML file with a "content: url(0);" style attribute, a "bodyA" tag, a long string, and a "u" tag with a long attribute, as demonstrated by opera.html; and (2) a BGSOUND element with a "margin:-99;...
Opera 8.02 - Remote Denial of Service (2)
\n" html.write"\n" buff1 = 'A'32499 html.write"\n"+buff1+"\n" buff2 = 'B'153 html.write"\n" html.write"" html.close Cheers! --...
Opera <= 8.02 Remote Denial of Service Exploit
Exploit for multiple platform in category dos / poc ============================================== Opera AAA 0day.today 2018-04-04...
Opera 8.02 - Remote Denial of Service (2)
Opera 8.02 - Remote Denial of Service 2 \n" html.write"\n" buff1 = 'A'32499 html.write"\n"+buff1+"\n" buff2 = 'B'153 html.write"\n" html.write"" html.close Cheers! --...
Opera 8.02 - Remote Denial of Service (1)
Opera 8.02 - Remote Denial of Service 1 AAA milw0rm.com 2005-10-16...
Opera 8.02 - Remote Denial of Service (1)
AAA milw0rm.com 2005-10-16...