24 matches found
EUVD-2005-1795
Malware in sbrugna...
CVE-2024-9499
The CVE-2024-9499 entry concerns the USBXpress Win 98SE Dev Kit installer, where an uncontrolled search path leads to DLL hijacking. Affected component is the installer itself; root cause is the improper search order that can allow loading malicious DLLs. Documented impact includes privilege esca...
PT-2025-3724 · Usbxpress · Usbxpress
Name of the Vulnerable Software and Affected Versions: USBXpress Win 98SE Dev Kit affected versions not specified Description: The issue is caused by an uncontrolled search path in the USBXpress Win 98SE Dev Kit installer, leading to DLL hijacking vulnerabilities. This can result in privilege...
Microsoft Windows 98SE User32.DLL Icon Handling Denial of Service Vulnerability
No description provided by source. source: http://www.securityfocus.com/bid/13791/info The Microsoft 'user32.dll' library is prone to a denial of service vulnerability. The issue manifests when the library handles icon .ico files containing large size values. Reports indicate that this issue exis...
UltraISO 9.3.6.2750 - (.mds) (.mdf) Buffer Overflow PoC
No description provided by source. / DISCLAIMER THIS PROGRAM IS NOT INTENDED TO BE USED ON OTHER COMPUTERS AND IT IS DESTINED FOR PERSONAL RESEARCH ONLY!!!! The programs are provided as is without any guarantees or warranty. The author is not responsible for any damage or losses of any kind cause...
Outlook Express 6 恶意附件保护绕过漏洞
BUGTRAQ ID: 3271 微软OutLook Express 6中带了一个新的安全特性,额可以阻止用户打开或者保存可能有 害的附件。 然而,这个特性存在一个漏洞。攻击者可以通过在邮件中嵌入一个frame来绕过上述保护。 当攻击者在frame中嵌入一个".exe"或者“.bat"文件时,如果用户试图打开这个文件,恶 意程序可能被执行。用户也可以将其保存在硬盘上。 Microsoft Outlook Express 6.0 - Microsoft Windows ME - Microsoft Windows 98se - Microsoft Windows 98 - Microsof...
Microsoft Word 2000未明代码执行漏洞
Microsoft Word是一款流行的办公文字处理程序。 Microsoft Word 2000存在未明错误,远程攻击者可以利用漏洞以应用程序进程权限执行任意指令。 目前没有解决方案提供。 Microsoft Word 2003 Viewer Microsoft Word 2003 + Microsoft Office 2003 SP1 + Microsoft Office 2003 Microsoft Word 2000 SR1a + Microsoft Office 2000 - Microsoft Windows 2000 Professional SP2 - Microsoft...
Microsoft Windows Help存在多个漏洞
Microsoft Help WINHLP32.EXE处理.hlp文件存在多个远程代码执行和拒绝服务问题。 攻击者可以在WEB页上防止恶意帮助文件,或者通过EMAIL附件形式发送,诱使用户打开来触发此漏洞,成功利用此漏洞可以以进程权限执行任意指令。 Microsoft Windows XP Tablet PC Edition SP2 Microsoft Windows XP Tablet PC Edition SP1 Microsoft Windows XP Tablet PC Edition Microsoft Windows XP Professional x64 Edition...
Microsoft Internet Explorer ADODB.Recordset NextRecordset拒绝服务漏洞
Microsoft Internet Explorer是一款流行的WEB浏览器。 Microsoft Internet Explorer处理ADODB.Recordset NextRecordset对象存在问题,远程攻击者可以利用漏洞可对应用程序进行拒绝服务攻击。 构建包含恶意ADODB.Recordset NextRecordset对象的WEB页,诱使用户访问,可导致用户的IE浏览器崩溃,造成拒绝服务攻击。可能存在任意代码执行可能。 Microsoft Internet Explorer 6.0 SP1 Microsoft Internet Explorer 6.0 - Microso...
Microsoft MDAC RDS.Dataspace ActiveX控件远程代码执行漏洞(MS06-014)
Microsoft Windows是微软发布的非常流行的操作系统。 Windows的RDS.Dataspace ActiveX实现上存在漏洞,远程攻击者可能利用此漏洞在获取主机的控制。 在某些情况下,MDAC所捆绑的RDS.Dataspace ActiveX控件无法确保能够进行安全的交互,导致远程代码执行漏洞,成功利用这个漏洞的攻击者可以完全控制受影响的系统。 Microsoft Windows XP SP2 Microsoft Windows XP SP1 Microsoft Windows Server 2003 SP1 Microsoft Windows Server 2003...
Microsoft Windows GDI WMF Handling Heap Overflow Vulnerability
Description The Microsoft Windows GDI Graphics Rendering Engine is prone to a heap-overflow vulnerability. This issue is exposed when the component loads a specially crafted WMF Windows Metafile image. If this issue is exploited, a malicious WMF or EMF file could potentially corrupt heap-based...
Microsoft Windows GRE WMF Format Multiple Memory Overrun Vulnerabilities
Microsoft Windows GRE WMF Format Multiple Memory Overrun Vulnerabilities by cocoruder page:http://ruder.cdut.net email:frankruderathotmail.com Last Update:2006.01.07 class:design error Remote:yes local:yes Product Affected: Microsoft Windows XP SP2 Microsoft Windows XP SP1 Microsoft Windows Serve...
Microsoft Internet Explorer HTTPS Proxy Information Disclosure Vulnerability
Description Microsoft Internet Explorer is prone to an information disclosure vulnerability when using an authenticating proxy server for HTTPS communications. Exploitation of this issue could result in an attacker gaining a user's authentication credentials. This issue only exists when the...
Microsoft Internet Explorer Unspecified SharePoint Portal Services Log Sink ActiveX Vulnerability
Description Microsoft Internet Explorer is prone to an unspecified vulnerability in the SharePoint Portal Service Log Sink ActiveX control. The vendor has not released any further information about this vulnerability other than to state the "kill bit" has been set on unsupported versions of the...
CVE-2005-1793
User32.DLL in Microsoft Windows 98SE, and possibly other operating systems, allows local and remote attackers to cause a denial of service crash via an icon .ico bitmap file with large width and height values...
CVE-2005-1793
User32.DLL in Microsoft Windows 98SE, and possibly other operating systems, allows local and remote attackers to cause a denial of service crash via an icon .ico bitmap file with large width and height values...
CVE-2005-1793
CVE-2005-1793 affects Microsoft Windows 98SE (and possibly other operating systems) via User32.DLL. A crafted icon (.ico) bitmap file with unusually large width and height values can cause a denial of service (crash). The vulnerability is described as allowing local and remote DoS; CVSS 2.0 base ...
Microsoft Windows 98SE - 'User32.dll' Icon Handling Denial of Service
source: https://www.securityfocus.com/bid/13791/info The Microsoft 'user32.dll' library is prone to a denial of service vulnerability. The issue manifests when the library handles icon .ico files containing large size values. Reports indicate that this issue exists for user32.dll versions that...
Microsoft Windows 98SE - User32.dll Icon Handling Denial of Service
Microsoft Windows 98SE - User32.dll Icon Handling Denial of Service source: https://www.securityfocus.com/bid/13791/info The Microsoft 'user32.dll' library is prone to a denial of service vulnerability. The issue manifests when the library handles icon .ico files containing large size values...
CVE-2001-0877
CVE-2001-0877 describes an unchecked buffer in Windows UPnP NOTIFY handling that can allow remote attackers to cause denial of service or execute code with SYSTEM privileges on Windows XP (and related UPnP-enabled Windows 98/ME). Exploitation via specially malformed NOTIFY messages (SSDP) can tri...