Cumulative Update for Windows 10 Version 1607 and Windows Server 2016: December 9, 2016

Cumulative Update for Windows 10 Version 1607 and Windows Server 2016: December 9, 2016 Summary This update includes quality improvements for Windows 10 Version 1607 and Windows Server 2016. No new operating system features are being introduced in this update. Key changes include: Improved the...

PT-2016-3713 · Cisco · Cisco Asa

Name of the Vulnerable Software and Affected Versions: Cisco Adaptive Security Appliance ASA Software versions 9.4.1 through 9.5.1 Description: The issue allows remote users to bypass an intended DCERPC-only ACL by sending arbitrary network traffic. This is related to the DCERPC Inspection featur...

CVE-2007-5653

The Component Object Model COM functions in PHP 5.x on Windows do not follow safemode and disablefunctions restrictions, which allows context-dependent attackers to bypass intended limitations, as demonstrated by executing objects with the kill bit set in the corresponding ActiveX control...

Unspecified Vulnerability in Oracle Siebel Core - Server BizLogic Script Component

Oracle Siebel is a customer relationship management software. A security vulnerability in the Oracle Siebel Core - Server BizLogic Script component Integration - COM child allows remote attackers to exploit the vulnerability to compromise system integrity...

More Details About CVE-2014-4073 Elevation of Privilege Vulnerability

Today Microsoft shipped MS14-057 to the .NET Framework in order to resolve an Elevation of Privilege vulnerability in the ClickOnce deployment service. While this update fixes this service, developers using Managed Distributed Component Object Model a .NET wrapped around DCOM need to take immedia...

Internet Explorer COM Object Instantiation Memory Corruption (CVE-2006-4495)

Microsoft Internet Explorer allows HTML documents to embed ActiveX controls for the authoring of dynamic web content. ActiveX controls are based on Component Object Model COM technology. The invocation of an ActiveX control is performed by Internet Explorer by internally instantiating an object. ...

Internet Explorer DirectAnimation COM Object Memory Corruption (MS06-042; CVE-2006-3638)

Microsoft Internet Explorer allows HTML documents to embed ActiveX controls for the authoring of dynamic web content. ActiveX controls are based on Component Object Model COM technology. The invocation of an ActiveX control is performed by Internet Explorer by internally instantiating a COM objec...

CVE-2007-6705

The WebSphere MQ XA 5.3 before FP13 and 6.0.x before 6.0.2.1 client for Windows, when running in an MTS or a COM+ environment, grants the PROCESSDUPHANDLE privilege to the Everyone group upon connection to a queue manager, which allows local users to duplicate an arbitrary handle and possibly...

Internet Explorer Pdwizard.ocx ActiveX Object Memory Corruption (MS07-045; CVE-2007-3041)

A remote code execution vulnerability has been reported in Microsoft Internet Explorer IE ActiveX control pdwizard.ocx. ActiveX controls are reusable software components based on Microsoft Component Object Model COM. To trigger the vulnerability, an attacker can create a malicious web page that...

Internet Explorer Javaprxy.dll heap overflow

Added: 06/05/2006 CVE: CVE-2005-2087 BID: 14087 OSVDB: 17680 Background Windows operating systems use the Component Object Model COM to allow various program components to be run within different applications. One such object, the JView Profiler Javaprxy.dll, is a debugger interface for Microsoft...

CVE-2002-1257

The CVE-2002-1257 issue affects Microsoft Virtual Machine (VM) up to and including build 5.0.3805. A remote attacker could deliver a Java applet that invokes COM objects on a web page or HTML email, allowing arbitrary code execution on the affected host. The vulnerability is severity high/critica...

CVE-2002-1257

Microsoft Virtual Machine VM up to and including build 5.0.3805 allows remote attackers to execute arbitrary code by including a Java applet that invokes COM Component Object Model objects in a web site or an HTML mail...