CVE-2007-1201

CVE-2007-1201 is a remote code execution vulnerability in Microsoft Office Web Components 2000 related to the DataSource handling that can trigger memory corruption. Multiple sources describe the DataSource Vulnerability as allowing an attacker to execute arbitrary code in the user’s context by v...

Microsoft Office Web Components Multiple Buffer Overflows (MS08-017; CVE-2006-4695; CVE-2007-1201; CVE-2009-0562; CVE-2009-1136; CVE-2009-1534; CVE-2009-2493; CVE-2009-2496)

Microsoft Office Web Components are a collection of Component Object Model COM controls for publishing spreadsheets, charts, and databases to the Web, and for viewing the published components on the Web. A remote code execution vulnerability has been reported in Microsoft Office Web Components. A...

Microsoft Office Web Components ActiveX Control DataSource Remote Code Execution Vulnerability

Description Microsoft Office Web Components is prone to a remote code-execution vulnerability. An attacker may exploit this issue by enticing victims into opening a maliciously crafted HTML document. Successfully exploiting this issue allows remote attackers to execute arbitrary code in the conte...

Debian Security Advisory DSA 1511-1 (libicu)

The remote host is missing an update to libicu announced via advisory DSA 1511-1. OpenVAS Vulnerability Test $Id: deb15111.nasl 6616 2017-07-07 12:10:49Z cfischer $ Description: Auto-generated from advisory DSA 1511-1 libicu Authors: Thomas Reinke Copyright: Copyright c 2008 E-Soft Inc...

Mambo Components ensenanzas "id" Remote SQL Injection

Aria-Security Team Persian Security Network http://Aria-Security.Net/ ---------------------------- Shoutz: Aura, NULL, Kinglet, iM4N, Imm02tal Mambo Components ensenanzas "id" Remote SQL Injection Original Advisory: http://forum.aria-security.net/showthread.php?p=1731...

MS08-017: Description of the security update for BizTalk Server Office Web Components: March 11, 2008

A security vulnerability exists in the Microsoft BizTalk Server Office Web Components that could allow arbitrary code to run when a maliciously modified file is opened. This update resolves that vulnerability.INTRODUCTIONMicrosoft has released security bulletin MS08-017. The security bulletin...

Microsoft Office Web Components ActiveX Control URL Parsing Remote Code Execution Vulnerability

Description Microsoft Office Web Components is prone to a remote code-execution vulnerability. An attacker may exploit this issue by enticing victims into opening a maliciously crafted HTML document. Successfully exploiting this issue allows remote attackers to execute arbitrary code in the conte...

Debian DSA-1511-1 : libicu - various

Several local vulnerabilities have been discovered in libicu, International Components for Unicode, The Common Vulnerabilities and Exposures project identifies the following problems : - CVE-2007-4770 libicu in International Components for Unicode ICU 3.8.1 and earlier attempts to process...

atutor155-xss.txt

====================================================================== ATutor Impact: Cross Site Scripting Status: patch available ------------------------------ Affected software description: ------------------------------ Application: ATutor Version: = 1.5.5 Vendor: http://www.atutor.ca...

Design/Logic Flaw

libicu in International Components for Unicode ICU 3.8.1 and earlier attempts to process backreferences to the nonexistent capture group zero aka \0, which might allow context-dependent attackers to read from, or write to, out-of-bounds memory locations, related to corruption of REStackFrames...

CVE-2007-4770

libicu in International Components for Unicode ICU 3.8.1 and earlier attempts to process backreferences to the nonexistent capture group zero aka \0, which might allow context-dependent attackers to read from, or write to, out-of-bounds memory locations, related to corruption of REStackFrames...

CVE-2007-4770

libicu in International Components for Unicode ICU 3.8.1 and earlier attempts to process backreferences to the nonexistent capture group zero aka \0, which might allow context-dependent attackers to read from, or write to, out-of-bounds memory locations, related to corruption of REStackFrames...

CVE-2007-4771

Heap-based buffer overflow in the doInterval function in regexcmp.cpp in libicu in International Components for Unicode ICU 3.8.1 and earlier allows context-dependent attackers to cause a denial of service memory consumption and possibly have unspecified other impact via a regular expression that...

CVE-2007-4771

CVE-2007-4771 is a heap-based overflow in ICU’s regex handling (doInterval in regexcmp.cpp) affecting ICU 3.8.1 and earlier. Attackers could cause memory consumption or denial of service by processing a crafted regular expression that writes a large amount of data to the backtracking stack. Affec...

CVE-2007-4770

CVE-2007-4770 affects the ICU libicu library. The issue arises when processing backreferences to capture group zero (\0), potentially causing memory corruption in RE stack frames and leading to a denial-of-service crash. The vulnerability is documented with; affected products include ICU in ICU4J...

CVE-2007-4771

Heap-based buffer overflow in the doInterval function in regexcmp.cpp in libicu in International Components for Unicode ICU 3.8.1 and earlier allows context-dependent attackers to cause a denial of service memory consumption and possibly have unspecified other impact via a regular expression that...

CVE-2007-4770

libicu in International Components for Unicode ICU 3.8.1 and earlier attempts to process backreferences to the nonexistent capture group zero aka \0, which might allow context-dependent attackers to read from, or write to, out-of-bounds memory locations, related to corruption of REStackFrames...

Important: Red Hat Security Advisory: icu security update

Updated icu packages that fix two security issues are now available for Red Hat Enterprise Linux 5. This update has been rated as having important security impact by the Red Hat Security Response Team. The International Components for Unicode ICU library provides robust and full-featured Unicode...

CVE-2008-0444

Cross-site scripting XSS vulnerability in Electronic Logbook ELOG before 2.7.0 allows remote attackers to inject arbitrary web script or HTML via subtext parameter to unspecified components...

March Networks DVR 3204 Logfile Information Disclosure Exploit

Exploit for hardware platform in category remote exploits ============================================================== March Networks DVR 3204 Logfile Information Disclosure Exploit ============================================================== !/usr/bin/perl March Networks DVR 3204 Logfile...