44 matches found
EUVD-2004-2076
Malware in sbrugna...
EUVD-2023-32867
Malicious code in bioql PyPI...
MS12-027: Description of the security update for Microsoft Commerce Server 2009 R2: April 10, 2012
Describes the security update for Microsoft Commerce Server 2009 R2 that was released on April 10, 2012.INTRODUCTIONMicrosoft has released security bulletin MS12-027. To view the complete security bulletin, visit one of the following Microsoft websites: Home...
MS12-027: Description of the security update for Microsoft Commerce Server 2007 Service Pack 2: April 10, 2012
Describes the security update for Microsoft Commerce Server 2007 that was released on April 10, 2012.INTRODUCTIONMicrosoft has released security bulletin MS12-027. To view the complete security bulletin, visit one of the following Microsoft websites: Home...
Microsoft Windows Common Controls Remote Code Execution Vulnerability (2720573)
This host is missing a critical security update according to Microsoft Bulletin MS12-060. OpenVAS Vulnerability Test $Id: secpodms12-060.nasl 5912 2017-04-10 09:01:51Z teissa $ Microsoft Windows Common Controls Remote Code Execution Vulnerability 2720573 Authors: Veerendra G G Copyright: Copyrigh...
Microsoft Windows TabStrip MSCOMCTL.OCX RCE Vulnerability
The TabStrip ActiveX control in the Common Controls in MSCOMCTL.OCX in Microsoft Office 2003 SP3, Office 2003 Web Components SP3, Office 2007 SP2 and SP3, Office 2010 SP1, SQL Server 2000 SP4, SQL Server 2005 SP4, SQL Server 2008 SP2, SP3, R2, R2 SP1, and R2 SP2, Commerce Server 2002 SP4, Commerc...
Microsoft Windows Common Controls ActiveX Control CVE-2012-1856 Remote Code Execution Vulnerability
Description Microsoft Windows Common Controls is prone to a remote code-execution vulnerability. An attacker can exploit this issue by enticing an unsuspecting user to view a malicious webpage. Successful exploits will allow the attacker to execute arbitrary code within the context of the...
Microsoft's April Security Update : Patch MS12-027 Now !
This month Microsoft released a total of six new security bulletins, but one in particular deals with a zero-day vulnerability impacting virtually every Microsoft user, which is already being exploited in the wild. Four of the six security bulletins are rated as Critical by Microsoft, with the...
Microsoft Windows Common Controls Remote Code Execution Vulnerability (2664258)
This host is missing a critical security update according to Microsoft Bulletin MS12-027. SPDX-FileCopyrightText: 2012 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only...
CVE-2012-0158
The 1 ListView, 2 ListView2, 3 TreeView, and 4 TreeView2 ActiveX controls in MSCOMCTL.OCX in the Common Controls in Microsoft Office 2003 SP3, 2007 SP2 and SP3, and 2010 Gold and SP1; Office 2003 Web Components SP3; SQL Server 2000 SP4, 2005 SP4, and 2008 SP2, SP3, and R2; BizTalk Server 2002 SP1...
CVE-2012-0158
The 1 ListView, 2 ListView2, 3 TreeView, and 4 TreeView2 ActiveX controls in MSCOMCTL.OCX in the Common Controls in Microsoft Office 2003 SP3, 2007 SP2 and SP3, and 2010 Gold and SP1; Office 2003 Web Components SP3; SQL Server 2000 SP4, 2005 SP4, and 2008 SP2, SP3, and R2; BizTalk Server 2002 SP1...
PT-2012-1210
Name of the Vulnerable Software and Affected Versions Microsoft Office versions 2003 SP3, 2007 SP2 and SP3, and 2010 Gold and SP1 Office 2003 Web Components version SP3 SQL Server versions 2000 SP4, 2005 SP4, and 2008 SP2, SP3, and R2 BizTalk Server version 2002 SP1 Commerce Server versions 2002...
CVE-2012-0158
The 1 ListView, 2 ListView2, 3 TreeView, and 4 TreeView2 ActiveX controls in MSCOMCTL.OCX in the Common Controls in Microsoft Office 2003 SP3, 2007 SP2 and SP3, and 2010 Gold and SP1; Office 2003 Web Components SP3; SQL Server 2000 SP4, 2005 SP4, and 2008 SP2, SP3, and R2; BizTalk Server 2002 SP1...
MS12-027: Description of the security update for Microsoft Commerce Server 2009: April 10, 2012
Describes the security update for Microsoft Commerce Server 2009 that was released on April 10, 2012.INTRODUCTIONMicrosoft has released security bulletin MS12-027. To view the complete security bulletin, visit one of the following Microsoft websites: Home...
PT-2010-1179 · Microsoft · Sql Server +5
Name of the Vulnerable Software and Affected Versions: Microsoft Office versions 2003 SP3, 2007 SP2 and SP3, 2010 SP1 Microsoft SQL Server versions 2000 SP4, 2005 SP4, 2008 SP2, SP3, R2, R2 SP1, and R2 SP2 Microsoft Commerce Server versions 2002 SP4, 2007 SP2, 2009 Gold and R2 Microsoft Host...
Microsoft Office Web Component Memory Access Violation Denial of Service Vulnera
Microsoft Office Web组件一款基与Web的数据透视表控件。 Microsoft Office Web包含的ActiveX控件存在设计错误,远程攻击者可以利用漏洞对应用程序进行拒绝服务攻击。 构建恶意的EWB页,诱使用户访问,可导致对应用程序进行拒绝服务攻击。 Microsoft Office Web Components 2003 0 + Microsoft BizTalk Server 2002 Developer Edition + Microsoft BizTalk Server 2002 Enterprise Edition + Microsoft Commer...
Microsoft Commerce Server 2002 authfiles/login.asp Authentication Bypass
The version of Microsoft Commerce Server 2002 installed on the remote host may enable an attacker to bypass authentication if the sample files from the 'AuthFiles' folder are installed under the web server's document root. Note that successful exploitation of this issue requires knowledge of the...
Authentication flaw
The sample files in the authfiles directory in Microsoft Commerce Server 2002 before SP2 allow remote attackers to bypass authentication by logging in to authfiles/login.asp with a valid username and any password, then going to the main site twice...
CVE-2006-1257
The sample files in the authfiles directory in Microsoft Commerce Server 2002 before SP2 allow remote attackers to bypass authentication by logging in to authfiles/login.asp with a valid username and any password, then going to the main site twice...
CVE-2006-1257
CVE-2006-1257 describes an authentication bypass in Microsoft Commerce Server 2002 prior to SP2. The issue arises when sample files in the web server’s AuthFiles directory are present and a remote attacker can log in to authfiles/login.asp with a valid username and any password, then reach the ma...