EUVD-2010-3494

Malware in sbrugna...

EUVD-2010-3495

Malware in sbrugna...

CVE-2010-3499

F-Secure Anti-Virus does not properly interact with the processing of hcp:// URLs by the Microsoft Help and Support Center, which makes it easier for remote attackers to execute arbitrary code via malware that is correctly detected by this product, but with a detection approach that occurs too la...

McAfee VirusScan Enterprise 8.5 / 8.7 hcp:// Security Bypass (SB10012)

The remote Windows host has McAfee VirusScan Enterprise version 8.5 or 8.7. It is, therefore, affected by a security bypass vulnerability due to a failure to properly interact with the processing of 'hcp://' URLs. This can lead to malware execution prior to detection. C Tenable Network Security,...

McAfee VirusScan Enterprise Security Bypass Vulnerability (Windows)

This host is installed with McAfee VirusScan Enterprise and is prone to security bypass vulnerability. OpenVAS Vulnerability Test $Id: gbmcafeevsesecuritybypassvulnwin.nasl 6074 2017-05-05 09:03:14Z teissa $ McAfee VirusScan Enterprise Security Bypass Vulnerability Windows Authors: Arun Kallavi...

AVG Anti-Virus 'hcp://' Protocol Handler Remote Code Execution Vulnerability

The host is installed with AVG Anti-Virus and is prone to remote code execution vulnerability. OpenVAS Vulnerability Test $Id: gbavgantivirusremotecodeexecvuln.nasl 5956 2017-04-14 09:02:12Z teissa $ AVG Anti-Virus 'hcp://' Protocol Handler Remote Code Execution Vulnerability Authors: Madhuri D...

CVE-2010-3497

Symantec Norton AntiVirus 2011 does not properly interact with the processing of hcp:// URLs by the Microsoft Help and Support Center, which makes it easier for remote attackers to execute arbitrary code via malware that is correctly detected by this product, but with a detection approach that...

CVE-2010-3499

F-Secure Anti-Virus does not properly interact with the processing of hcp:// URLs by the Microsoft Help and Support Center, which makes it easier for remote attackers to execute arbitrary code via malware that is correctly detected by this product, but with a detection approach that occurs too la...

Code injection

F-Secure Anti-Virus does not properly interact with the processing of hcp:// URLs by the Microsoft Help and Support Center, which makes it easier for remote attackers to execute arbitrary code via malware that is correctly detected by this product, but with a detection approach that occurs too la...

CVE-2010-3498

AVG Anti-Virus does not properly interact with the processing of hcp:// URLs by the Microsoft Help and Support Center, which makes it easier for remote attackers to execute arbitrary code via malware that is correctly detected by this product, but with a detection approach that occurs too late to...

CVE-2010-3499

CVE-2010-3499 concerns F‑Secure Anti‑Virus and its interaction with the processing of hcp:// URLs in the Microsoft Help and Support Center. The vulnerability description states that, although malware may be detected by the product, the detection approach can occur too late to stop code execution,...

CVE-2008-5404

Insecure method vulnerability in the FlexCell.Grid ActiveX control in FlexCell.ocx 5.7.0.1 in FlexCell Grid ActiveX Component allows remote attackers to create and overwrite arbitrary files via the HttpDownloadFile method. NOTE: this could be leveraged for code execution by creating executable...

Design/Logic Flaw

Insecure method vulnerability in the FlexCell.Grid ActiveX control in FlexCell.ocx 5.7.0.1 in FlexCell Grid ActiveX Component allows remote attackers to create and overwrite arbitrary files via the HttpDownloadFile method. NOTE: this could be leveraged for code execution by creating executable...

Security feature bypass

Insecure method vulnerability in the ChilkatCrypt2.ChilkatCrypt2.1 ActiveX control ChilkatCrypt2.dll 4.3.2.1 in Chilkat Crypt ActiveX Component allows remote attackers to create and overwrite arbitrary files via the WriteFile method. NOTE: this could be leveraged for code execution by creating...

CVE-2008-5002

Insecure method vulnerability in the ChilkatCrypt2.ChilkatCrypt2.1 ActiveX control ChilkatCrypt2.dll 4.3.2.1 in Chilkat Crypt ActiveX Component allows remote attackers to create and overwrite arbitrary files via the WriteFile method. NOTE: this could be leveraged for code execution by creating...

Remote code execution

The GdPicture 1 Light Imaging Toolkit 4.7.1 GdPicture4S.Imaging ActiveX control gdpicture4s.ocx 4.7.0.1 and 2 Pro Imaging SDK 5.7.1 GdPicturePro5S.Imaging ActiveX control gdpicturepro5s.ocx 5.7.0.1 allows remote attackers to create, overwrite, and modify arbitrary files via the SaveAsPDF method...

CVE-2008-4453

The CVE-2008-4453 issue affects GdPicture Pro Imaging SDK 5.7.1 (GdPicturePro5S.Imaging) and GdPicture Light Imaging Toolkit 4.7.1 (GdPicture4S.Imaging) ActiveX controls (gdpicture4s.ocx, gdpicturepro5s.ocx). The SaveAsPDF method fails to validate input to the sFilePath parameter, enabling remote...

CVE-2008-4342

NuMedia Soft NMS DVD Burning SDK Activex NMSDVDX.DVDEngineX.1 ActiveX control NMSDVDX.dll 1.013C and earlier, as used in CDBurnerXP 4.2.1.976, BurnAware 2.1.3, Blaze Media Pro 8.02 Special Edition, and possibly other products, allows remote attackers to overwrite and create arbitrary files via...

Remote code execution

The Chilkat XML ChilkatUtil.CkData.1 ActiveX control ChilkatUtil.dll 3.0.3.0 and earlier allows remote attackers to create, overwrite, and modify arbitrary files for execution via a call to the 1 SaveToFile, 2 SaveToTempFile, or 3 AppendBinary method. NOTE: this issue might only be exploitable in...

Remote code execution

NuMedia Soft NMS DVD Burning SDK Activex NMSDVDX.DVDEngineX.1 ActiveX control NMSDVDX.dll 1.013C and earlier, as used in CDBurnerXP 4.2.1.976, BurnAware 2.1.3, Blaze Media Pro 8.02 Special Edition, and possibly other products, allows remote attackers to overwrite and create arbitrary files via...