67 matches found
EUVD-2019-16321
Malware in sbrugna...
EUVD-2004-1901
Malware in sbrugna...
CVE-2019-6763
This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of Foxit Reader 9.4.1.16828. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the...
Foxit Reader FoxitReaderCtl ToggleFormsDesign Use-After-Free Remote Code Execution Vulnerability
This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of Foxit Reader. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the ToggleFormsDesi...
PT-2019-18323 · Foxit · Foxit Reader
Name of the Vulnerable Software and Affected Versions: Foxit Reader version 9.4.1.16828 Description: This issue allows remote attackers to execute arbitrary code on vulnerable installations. User interaction is required, where the target must visit a malicious page or open a malicious file. The...
CVE-2018-17925
CVE-2018-17925 concerns a vulnerability in the Gigasoft component of GE iFIX (ActiveX marked Safe For Scripting). Affected products include GE iFIX 2.0–5.0, 5.1, 5.5 and 5.8; older Gigasoft components may be used in other vendors’ products. The issue arises from an unsafe ActiveX control within t...
EternalBlue Exploit Spreading Gh0st RAT, Nitol
EternalBlue, the exploit used in the WannaCry ransomware outbreak, is now being leveraged to distribute the Nitol backdoor and Gh0st RAT malware. Security researchers at FireEye said, just as WannaCry criminals did, threat actors are leveraging the same Microsoft Server Message Block SMB protocol...
Threat actors leverage EternalBlue exploit to deliver non-WannaCry payloads
The “EternalBlue” exploit MS017-010 was initially used by WannaCry ransomware and Adylkuzz cryptocurrency miner. Now more threat actors are leveraging the vulnerability in Microsoft Server Message Block SMB protocol – this time to distribute Backdoor.Nitol and Trojan Gh0st RAT. FireEye Dynamic...
Acunetix WVS 10 - Remote Command Execution
Acunetix WVS 10 - Remote Command Execution ''' Acunetix WVS 10 - Remote command execution SYSTEM privilege - Author: Daniele Linguaglossa Overview ========= Acunetix WVS 10 1 is an enterprise web vulnerability scanner developer by Acunetix Inc. Two major flaws exists in the last version of...
Microsoft Indexing Services for Windows 2000 File Verification Vulnerability
No description provided by source. source : http://www.securityfocus.com/bid/1933/info Microsoft Windows 2000 Indexing Services is a search engine that will allow a user to perform full-text searches of online sites using their browsers. Search results include Word, Excel, PowerPoint, and HTML...
Novell ZENworks Admin Studio ISProxy Vulnerability
This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of Novell ZENworks Admin Studio. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. Recent assessments: wchen-r7 at...
Babylon Cross-Application Scripting Code Execution
Introduction ============ Babylon is a single-click computer online dictionary and translation software which is also capable of translating whole documents and web pages. The translation and dictionary results are presented to the user via the Trident layout engine an in-app/embedded...
CVE-2010-2991
The IICAClient interface in the ICAClient library in the ICA Client ActiveX Object aka ICO component in Citrix Online Plug-in for Windows for XenApp & XenDesktop before 12.0.3 allows remote attackers to execute arbitrary code or cause a denial of service memory corruption via a crafted HTML...
Cumulative Security Update for Internet Explorer (937143)
Unspecified vulnerability in the pdwizard.ocx ActiveX object for Internet Explorer 5.01, 6 SP1, and 7 allows remote attackers to execute arbitrary code via unknown vectors related to Microsoft Visual Basic 6 objects and memory corruption, aka ActiveX Object Memory Corruption Vulnerability. OpenVA...
Cumulative Security Update for Internet Explorer (937143)
Unspecified vulnerability in the pdwizard.ocx ActiveX object for Internet Explorer 5.01, 6 SP1, and 7 allows remote attackers to execute arbitrary code via unknown vectors related to Microsoft Visual Basic 6 objects and memory corruption, aka ActiveX Object Memory Corruption Vulnerability...
Internet Explorer HHCtrl.ocx Image Property Heap Corruption (MS06-046; CVE-2006-3357)
Microsoft Internet Explorer IE is the most widely used web browser application. The browser is capable of processing HTML, images, scripting languages, and various other popular Internet specifications. The browser is also compatible with Microsoft's Common Object Model COM scheme, whereby...
Microsoft Internet Explorer 6 - New ActiveX Object String Concatenation Memory Corruption
Microsoft Internet Explorer 6 - New ActiveX Object String Concatenation Memory Corruption source: https://www.securityfocus.com/bid/30219/info Microsoft Internet Explorer is prone to a remote memory-corruption vulnerability. Remote attackers can exploit this issue to crash the affected applicatio...
With all the 0day,the current through the kill all versions-bug warning-the black bar safety net
Program code SCRIPTwindow. onerror=functionreturn true;/SCRIPT SCRIPT document. writeln"object classid="clsid:61F5C358-60FB-4A23-A312 - D2B556620F20" style='display:none' id='Kazakh'/object"; document. writeln"SCRIPT language="javascript""; document. writeln"var...
Microsoft Internet Explorer ADODB.Recordset空指针引用拒绝服务漏洞
BUGTRAQ ID: 18773 Microsoft Internet Explorer是微软发布的非常流行的WEB浏览器。 Internet Explorer在处理ADODB.Recordset ActiveX对象时存在拒绝服务漏洞,远程攻击者可能利用此漏洞导致用户IE浏览器崩溃。 ADODB.Recordset ActiveX对象的属性被三次赋与不同的值时会触发空指针引用问题,如果用户受骗访问了包含畸形ActiveX引用代码的恶意WEB页面的话就会导致IE拒绝服务。 Microsoft Internet Explorer 6.0 SP1 Microsoft Internet...
Internet Explorer Pdwizard.ocx ActiveX Object Memory Corruption (MS07-045; CVE-2007-3041)
A remote code execution vulnerability has been reported in Microsoft Internet Explorer IE ActiveX control pdwizard.ocx. ActiveX controls are reusable software components based on Microsoft Component Object Model COM. To trigger the vulnerability, an attacker can create a malicious web page that...