8289 matches found
Vulnerability involving security zone handling in applications using Internet Explorer components
Overview Internet Explorer IE components apply different security levels for web content processing depending on the location zone of the web content. As a result, web content on the Internet is processed in the "Internet" zone with a higher security level than that set for web content in the...
Windows Components 0Day vulnerabilities pass to kill IE6 and IE7 browser-vulnerability warning-the black bar safety net
China IT lab 4 on 2 1 reported: recently received a netizen sent a message, reflecting one of the Windows 0Day vulnerabilities. And in its blog is given in the relevant code. 0dayMicrosoft Works 7 WkImgSrv.dll crash POC, dll version 7. 0 3. 0 6 1 6. 0, IE7+Windows XP SP2 test. ! the following is...
CVE-2008-1907
Multiple SQL injection vulnerabilities in functions/displaypage.func.php in cpCommerce 1.1.0 allow remote attackers to execute arbitrary SQL commands via the 1 idproduct, 2 idmanufacturer, and 3 idcategory parameters to unspecified components. NOTE: this probably overlaps CVE-2007-2959 and...
Microsoft Office / Excel / Outlook / Web Components multiple security vulnerabilities
Microsoft Excel multiple security vulnerabilities, Outlook mailt: URI code execution, multiple Office memory corruptions, Office Web Components multiple security vulnerabilities...
Solaris 9 (x86) : 114678-15
SunOS 5.9x86: International Components for Unicode Patch. Date this patch was last updated by Sun : Mar/06/08 %NASLMINLEVEL 70300 C Tenable Network Security, Inc. The descriptive text in this plugin was extracted from the Oracle SunOS Patch Updates. include'deprecatednasllevel.inc';...
Microsoft Office Web组件ActiveX控件远程代码执行漏洞(MS08-017)
BUGTRAQ ID: 28135,28136 CVECAN ID: CVE-2006-4695,CVE-2007-1201 Microsoft Office Web组件是COM控件集合,用于向Web发布电子表格、图表和数据库,并查看所发布的组件。 Microsoft Office Web组件在解析特制的URL时管理内存资源的方式存在漏洞,如果用户受骗访问了恶意网页的话,就可能触发内存破坏,导致执行任意指令。 Microsoft Office Web Components 2000 临时解决方法: 禁止在Internet Explorer中运行Office Web组件库,为CLSID...
mamboensen-sql.txt
Aria-Security Team Persian Security Network http://Aria-Security.Net/ ---------------------------- Shoutz: Aura, NULL, Kinglet, iM4N, Imm02tal Mambo Components ensenanzas "id" Remote SQL Injection Original Advisory: http://forum.aria-security.net/showthread.php?p=1731...
GLSA-200803-20 : International Components for Unicode: Multiple vulnerabilities
The remote host is affected by the vulnerability described in GLSA-200803-20 International Components for Unicode: Multiple vulnerabilities Will Drewry Google Security reported a vulnerability in the regular expression engine when using back references to capture \0 characters CVE-2007-4770. He...
Microsoft Office Web Components OWC.Spreadsheet.9 ActiveX Control overflow
Added: 03/12/2008 CVE: CVE-2006-4695 BID: 28135 OSVDB: 42711 Background Microsoft Office Web Components OWC are a group of OLE classes implemented as ActiveX controls. Problem A buffer overflow vulnerability in the OWC.Spreadsheet.9 ActiveX control allows command execution when a user loads a web...
Microsoft Security Bulletin MS08-017 - Critical Vulnerabilities in Microsoft Office Web Components Could Allow Remote Code Execution (933103)
Microsoft Security Bulletin MS08-017 - Critical Vulnerabilities in Microsoft Office Web Components Could Allow Remote Code Execution 933103 Published: March 11, 2008 Version: 1.0 General Information Executive Summary This critical update resolves two privately reported vulnerabilities in Microsof...
Microsoft Office Web Components OWC.Spreadsheet.9 ActiveX Control overflow
Added: 03/12/2008 CVE: CVE-2006-4695 BID: 28135 OSVDB: 42711 Background Microsoft Office Web Components OWC are a group of OLE classes implemented as ActiveX controls. Problem A buffer overflow vulnerability in the OWC.Spreadsheet.9 ActiveX control allows command execution when a user loads a web...
Microsoft Office Web Components OWC.Spreadsheet.9 ActiveX Control overflow
Added: 03/12/2008 CVE: CVE-2006-4695 BID: 28135 OSVDB: 42711 Background Microsoft Office Web Components OWC are a group of OLE classes implemented as ActiveX controls. Problem A buffer overflow vulnerability in the OWC.Spreadsheet.9 ActiveX control allows command execution when a user loads a web...
Microsoft Office Web Components OWC.Spreadsheet.9 ActiveX Control overflow
Added: 03/12/2008 CVE: CVE-2006-4695 BID: 28135 OSVDB: 42711 Background Microsoft Office Web Components OWC are a group of OLE classes implemented as ActiveX controls. Problem A buffer overflow vulnerability in the OWC.Spreadsheet.9 ActiveX control allows command execution when a user loads a web...
Microsoft Office Web Components Spreadsheet ActiveX control URL parsing stack buffer overflow
Overview The Microsoft Office Web Components ActiveX controls contain a stack buffer overflow in the processing of URLs, which allows a remote, unauthenticated attacker to execute arbitrary code on a vulnerable system. Description Microsoft Office Web Components are ActiveX controls that provide...
CVE-2007-1201
Unspecified vulnerability in certain COM objects in Microsoft Office Web Components 2000 allows user-assisted remote attackers to execute arbitrary code via vectors related to DataSource that trigger memory corruption, aka "Office Web Components DataSource Vulnerability."...
Memory corruption
Unspecified vulnerability in certain COM objects in Microsoft Office Web Components 2000 allows user-assisted remote attackers to execute arbitrary code via vectors related to DataSource that trigger memory corruption, aka "Office Web Components DataSource Vulnerability."...
CVE-2007-1201
Unspecified vulnerability in certain COM objects in Microsoft Office Web Components 2000 allows user-assisted remote attackers to execute arbitrary code via vectors related to DataSource that trigger memory corruption, aka "Office Web Components DataSource Vulnerability."...
CVE-2006-4695
CVE-2006-4695 is a remote-code-execution vulnerability in Microsoft Office Web Components 2000 (OWC) due to a buffer/stack overflow when parsing specially crafted URLs in the OWC.Spreadsheet.9 ActiveX control. Exploitation could occur when a user views a malicious page, potentially giving the att...
CVE-2006-4695
Unspecified vulnerability in certain COM objects in Microsoft Office Web Components 2000 allows user-assisted remote attackers to execute arbitrary code via a crafted URL, aka "Office Web Components URL Parsing Vulnerability."...
CVE-2007-1201
Unspecified vulnerability in certain COM objects in Microsoft Office Web Components 2000 allows user-assisted remote attackers to execute arbitrary code via vectors related to DataSource that trigger memory corruption, aka "Office Web Components DataSource Vulnerability."...