56 matches found
EUVD-2015-2568
Malware in sbrugna...
EUVD-2003-0114
Malware in sbrugna...
Description of the security update for WES09 and POSReady 2009: February 13, 2018
Description of the security update for WES09 and POSReady 2009: February 13, 2018 Summary This security update resolves an issue in which a Windows Management Instrumentation WMI query for MSBTSOrchestration fails with a 0xC0C02402 COM exception error on a computer that is running BizTalk Server...
Cross site scripting
Cross-site scripting XSS vulnerability in uddi/search/frames.aspx in the UDDI Services component in Microsoft Windows Server 2008 SP2 and BizTalk Server 2010, 2013 Gold, and 2013 R2 allows remote attackers to inject arbitrary web script or HTML via the search parameter, aka "UDDI Services Elevati...
CVE-2015-2475
Cross-site scripting XSS vulnerability in uddi/search/frames.aspx in the UDDI Services component in Microsoft Windows Server 2008 SP2 and BizTalk Server 2010, 2013 Gold, and 2013 R2 allows remote attackers to inject arbitrary web script or HTML via the search parameter, aka "UDDI Services Elevati...
Microsoft Windows UDDI Services CVE-2015-2475 Cross Site Scripting Vulnerability
Description Microsoft Windows UDDI Services is prone to a cross-site scripting vulnerability because it fails to properly sanitize user-supplied input. An attacker may leverage this issue to execute arbitrary script code in the browser of an unsuspecting user in the context of the affected site...
Microsoft BizTalk Server 2000/2002 DTA RawCustomSearchField.asp SQL Injection
No description provided by source. source: http://www.securityfocus.com/bid/7470/info A vulnerability has been reported for BizTalk Server which may make it possible for remote users to modify database query logic. The vulnerability exists in some of the pages used by the DTA interface. This...
Microsoft BizTalk Server 2002 HTTP Receiver Buffer Overflow Vulnerability
No description provided by source. source: http://www.securityfocus.com/bid/7469/info Microsoft BizTalk Server 2002 contains a boundary condition error that could allow a buffer to be overrun. Successful exploitation could allow arbitrary code execution in the security context of the IIS Server...
Microsoft BizTalk Server 2000/2002 DTA rawdocdata.asp SQL Injection Vulnerability
No description provided by source. source: http://www.securityfocus.com/bid/7470/info A vulnerability has been reported for BizTalk Server which may make it possible for remote users to modify database query logic. The vulnerability exists in some of the pages used by the DTA interface. This...
Microsoft Windows Common Controls ActiveX Control CVE-2012-1856 Remote Code Execution Vulnerability
Description Microsoft Windows Common Controls is prone to a remote code-execution vulnerability. An attacker can exploit this issue by enticing an unsuspecting user to view a malicious webpage. Successful exploits will allow the attacker to execute arbitrary code within the context of the...
Microsoft's April Security Update : Patch MS12-027 Now !
This month Microsoft released a total of six new security bulletins, but one in particular deals with a zero-day vulnerability impacting virtually every Microsoft user, which is already being exploited in the wild. Four of the six security bulletins are rated as Critical by Microsoft, with the...
CVE-2012-0158
The 1 ListView, 2 ListView2, 3 TreeView, and 4 TreeView2 ActiveX controls in MSCOMCTL.OCX in the Common Controls in Microsoft Office 2003 SP3, 2007 SP2 and SP3, and 2010 Gold and SP1; Office 2003 Web Components SP3; SQL Server 2000 SP4, 2005 SP4, and 2008 SP2, SP3, and R2; BizTalk Server 2002 SP1...
CVE-2012-0158
The 1 ListView, 2 ListView2, 3 TreeView, and 4 TreeView2 ActiveX controls in MSCOMCTL.OCX in the Common Controls in Microsoft Office 2003 SP3, 2007 SP2 and SP3, and 2010 Gold and SP1; Office 2003 Web Components SP3; SQL Server 2000 SP4, 2005 SP4, and 2008 SP2, SP3, and R2; BizTalk Server 2002 SP1...
CVE-2012-0158
The 1 ListView, 2 ListView2, 3 TreeView, and 4 TreeView2 ActiveX controls in MSCOMCTL.OCX in the Common Controls in Microsoft Office 2003 SP3, 2007 SP2 and SP3, and 2010 Gold and SP1; Office 2003 Web Components SP3; SQL Server 2000 SP4, 2005 SP4, and 2008 SP2, SP3, and R2; BizTalk Server 2002 SP1...
PT-2012-1210
Name of the Vulnerable Software and Affected Versions Microsoft Office versions 2003 SP3, 2007 SP2 and SP3, and 2010 Gold and SP1 Office 2003 Web Components version SP3 SQL Server versions 2000 SP4, 2005 SP4, and 2008 SP2, SP3, and R2 BizTalk Server version 2002 SP1 Commerce Server versions 2002...
CVE-2012-0158
The 1 ListView, 2 ListView2, 3 TreeView, and 4 TreeView2 ActiveX controls in MSCOMCTL.OCX in the Common Controls in Microsoft Office 2003 SP3, 2007 SP2 and SP3, and 2010 Gold and SP1; Office 2003 Web Components SP3; SQL Server 2000 SP4, 2005 SP4, and 2008 SP2, SP3, and R2; BizTalk Server 2002 SP1...
Microsoft BizTalk Server Installed
Microsoft BizTalk Server, an enterprise service bus, is installed on the remote host. C Tenable Network Security, Inc. include"compat.inc"; if description scriptid58652; scriptversion"1.7"; scriptsetattributeattribute:"pluginmodificationdate", value:"2022/10/10"; scriptnameenglish:"Microsoft...
CVE-2009-1534
Buffer overflow in the Office Web Components ActiveX Control in Microsoft Office XP SP3, Office 2000 Web Components SP3, Office XP Web Components SP3, BizTalk Server 2002, and Visual Studio .NET 2003 SP1 allows remote attackers to execute arbitrary code via crafted property values, aka "Office We...
CVE-2009-1534
CVE-2009-1534 : Buffer overflow in the Office Web Components ActiveX Control used by Microsoft Office Web Components across multiple products (Office XP/2000 Web Components SP3, BizTalk Server 2002, Visual Studio .NET 2003 SP1) enables remote code execution via crafted property values. The issue ...
Microsoft Office Web Components ActiveX Control Stack Buffer Overflow Code Execution Vulnerability
Description The Microsoft Office Web Components ActiveX control is prone to a remote stack-based buffer-overflow vulnerability. An attacker could exploit this issue by enticing a victim to visit a maliciously crafted webpage. Successful exploits will allow the attacker to execute arbitrary code...