8292 matches found
CVE-2009-1136
The Microsoft Office Web Components Spreadsheet ActiveX control aka OWC10 or OWC11, as distributed in Office XP SP3 and Office 2003 SP3, Office XP Web Components SP3, Office 2003 Web Components SP3, Office 2003 Web Components SP1 for the 2007 Microsoft Office System, Internet Security and...
DSquare Exploit Pack: D2SEC_OWC
Name| d2secowc ---|--- CVE| CVE-2009-1136 Exploit Pack| D2ExploitPack Description| Microsoft Office Web Components ActiveX msDataSourceObject Code Execution Vulnerability Notes|...
Design/Logic Flaw
The Microsoft Office Web Components Spreadsheet ActiveX control aka OWC10 or OWC11, as distributed in Office XP SP3 and Office 2003 SP3, Office XP Web Components SP3, Office 2003 Web Components SP3, Office 2003 Web Components SP1 for the 2007 Microsoft Office System, Internet Security and...
CVE-2009-1136
CVE-2009-1136 affects the Microsoft Office Web Components Spreadsheet ActiveX control (OWC10/OWC11) bundled with Office XP SP3, Office 2003 SP3, and related Web Components/ISA configurations. A crafted call to msDataSourceObject in Internet Explorer allows remote code execution; this vulnerabilit...
CVE-2009-1136
The Microsoft Office Web Components Spreadsheet ActiveX control aka OWC10 or OWC11, as distributed in Office XP SP3 and Office 2003 SP3, Office XP Web Components SP3, Office 2003 Web Components SP3, Office 2003 Web Components SP1 for the 2007 Microsoft Office System, Internet Security and...
VulnCheck KEV: CVE-2009-1136
The Microsoft Office Web Components Spreadsheet ActiveX control aka OWC10 or OWC11, as distributed in Office XP SP3 and Office 2003 SP3, Office XP Web Components SP3, Office 2003 Web Components SP3, Office 2003 Web Components SP1 for the 2007 Microsoft Office System, Internet Security and...
Microsoft Office Web Components Spreadsheet ActiveX control vulnerability
Overview The Microsoft Office Web Components Spreadsheet ActiveX controls OWC10 and OWC11 contain a vulnerability that may allow an attacker to take control of a vulnerable system. Description The Office Web Components Spreadsheet ActiveX control contains a code execution vulnerability. Public...
Microsoft Office Web Components OWC.Spreadsheet Evaluate method vulnerability
Added: 07/14/2009 CVE: CVE-2009-1136 BID: 35642 OSVDB: 55806 Background Microsoft Office Web Components OWC are a group of OLE classes implemented as ActiveX controls. Problem A memory corruption vulnerability allows command execution when a web page passes a specially crafted parameter to the...
Microsoft Office Web Components OWC.Spreadsheet Evaluate method vulnerability
Added: 07/14/2009 CVE: CVE-2009-1136 BID: 35642 OSVDB: 55806 Background Microsoft Office Web Components OWC are a group of OLE classes implemented as ActiveX controls. Problem A memory corruption vulnerability allows command execution when a web page passes a specially crafted parameter to the...
MS09-043: Vulnerabilities in Microsoft Office Web Components Control Could Allow Remote Code Execution (973472)
The remote Windows host includes Microsoft Office Web Components, a collection of Component Object Model COM controls for publishing and viewing spreadsheets, charts, and databases on the web. A privately reported vulnerability in Microsoft Office Web Components reportedly can be abused to corrup...
FortiGuard Advisory: Microsoft Office Web Components Remote Memory Corruption Vulnerability
Microsoft Office Web Components Remote Memory Corruption Vulnerability 2009.July.13 Fortinet's FortiGuard Global Security Research Team Discovers Memory Corruption Vulnerability in Microsoft Office Web Components. Summary: ======== A memory corruption vulnerability exists in the ActiveX Controls ...
Microsoft Office Web Components OWC.Spreadsheet Evaluate method vulnerability
Added: 07/14/2009 CVE: CVE-2009-1136 BID: 35642 OSVDB: 55806 Background Microsoft Office Web Components OWC are a group of OLE classes implemented as ActiveX controls. Problem A memory corruption vulnerability allows command execution when a web page passes a specially crafted parameter to the...
New Flaw in Microsoft Office Web Components Under Attack
From SearchSecurity Robert Westervelt Microsoft issued an advisory Monday, warning of a new vulnerability in Office Web Components being actively targeted by attackers. The Office Web Components allow users to view spreadsheets, charts and databases on the Web. Microsoft said the vulnerability is...
Update Protection against Microsoft Office Web Components Multiple ActiveX Controls Remote Code Execution Vulnerability (MS09-043)
Multiple remote code execution vulnerabilities have been reported in Microsoft Office Web Components ActiveX Controls. Microsoft Office Web Components are a collection of Component Object Model COM controls for publishing spreadsheets, charts, and databases to the Web, and for viewing the publish...
Microsoft Office Web Components ActiveX Control 'msDataSourceObject()' Code Execution Vulnerability
Description Microsoft Office Web Components is prone to a remote code-execution vulnerability that affects the OWC10.Spreadsheet ActiveX control. The control is identified by the following CLSIDs: 0002E541-0000-0000-C000-000000000046 0002E559-0000-0000-C000-000000000046 An attacker could exploit...
CVE-2009-2324
Multiple cross-site scripting XSS vulnerabilities in FCKeditor before 2.6.4.1 allow remote attackers to inject arbitrary web script or HTML via components in the samples aka samples directory...
CVE-2009-2239
SQL injection vulnerability in the 1 casinobase comcasinobase, 2 casinoblackjack comcasinoblackjack, and 3 casinovideopoker comcasinovideopoker components 0.3.1 for Joomla! allows remote attackers to execute arbitrary SQL commands via the Itemid parameter to index.php...
Sql injection
SQL injection vulnerability in the 1 casinobase comcasinobase, 2 casinoblackjack comcasinoblackjack, and 3 casinovideopoker comcasinovideopoker components 0.3.1 for Joomla! allows remote attackers to execute arbitrary SQL commands via the Itemid parameter to index.php...
CVE-2009-2239
SQL injection vulnerability in the 1 casinobase comcasinobase, 2 casinoblackjack comcasinoblackjack, and 3 casinovideopoker comcasinovideopoker components 0.3.1 for Joomla! allows remote attackers to execute arbitrary SQL commands via the Itemid parameter to index.php...
icu: XSS vulnerability due to improper invalid byte sequence handling
International Components for Unicode ICU 4.0, 3.6, and other 3.x versions, as used in Apple Mac OS X 10.5 before 10.5.7, iPhone OS 1.0 through 2.2.1, iPhone OS for iPod touch 1.1 through 2.2.1, Fedora 9 and 10, and possibly other operating systems, does not properly handle invalid byte sequences...