Null pointer dereference

An unspecified ActiveX control in SVUIGrd.ocx in ARC Informatique PcVue 6.0 through 10.0, FrontVue, and PlantVue allows remote attackers to execute arbitrary code by using a crafted HTML document to obtain control of a function pointer...

CVE-2011-4042

An unspecified ActiveX control in SVUIGrd.ocx in ARC Informatique PcVue 6.0 through 10.0, FrontVue, and PlantVue allows remote attackers to execute arbitrary code by using a crafted HTML document to obtain control of a function pointer...

Directory traversal

Directory traversal vulnerability in an unspecified ActiveX control in Ecava IntegraXor before 3.71.4200 allows remote attackers to execute arbitrary code via vectors involving an HTML document on the server...

CVE-2012-0246

Directory traversal vulnerability in an unspecified ActiveX control in Ecava IntegraXor before 3.71.4200 allows remote attackers to execute arbitrary code via vectors involving an HTML document on the server...

Hardcoded credentials

The Web Configuration tool in VMware vCenter Orchestrator vCO 4.0 before Update 4, 4.1 before Update 2, and 4.2 before Update 1 places the vCenter Server password in an HTML document, which allows remote authenticated administrators to obtain sensitive information by reading this document...

Apple Safari 'setInterval()' Address Bar Spoofing Vulnerability (Windows)

This host is installed with Apple Safari web browser and is prone to address bar spoofing vulnerability. OpenVAS Vulnerability Test $Id: gbapplesafariaddressbarspoofinvulnwin.nasl 5963 2017-04-18 09:02:14Z teissa $ Apple Safari 'setInterval' Address Bar Spoofing Vulnerability Windows Authors:...

2X Client TuxClientSystem ActiveX InstallClient() Method Arbitrary MSI Package Installation

The version of the TuxClientSystem ActiveX control, part of the 2X Client, installed on the remote Windows host is earlier than 10.1 Build 1239. As such, its 'InstallClient' method reportedly accepts a URL to an MSI package and allows installation of an application without explicit user approval...

LuraWave JP2 ActiveX Control < 2.1.5.11 jp2_x.dll Remote Buffer Overflow

The version of the LuraWave JP2 ActiveX control installed on the remote Windows host reportedly contains a stack-based buffer overflow vulnerability. If an attacker can trick a user on the affected host into viewing a specially crafted HTML document, he can leverage this issue to execute arbitrar...

CVE-2012-0189

Multiple unspecified vulnerabilities in the 1 PrintFile and 2 SaveDoc methods in the VsVIEW6 ActiveX control in VsVIEW6.ocx in IBM SPSS SamplePower 3.0 allow remote attackers to execute arbitrary code via a crafted HTML document...

Design/Logic Flaw

Unspecified vulnerability in the SetLicenseInfoEx method in an ActiveX control in mraboutb.dll in IBM SPSS Dimensions 5.5 and SPSS Data Collection 5.6, 6.0, and 6.0.1 allows remote attackers to execute arbitrary code via a crafted HTML document...

Design/Logic Flaw

Unspecified vulnerability in the Render method in the ExportHTML.ocx ActiveX control in ExportHTML.dll in IBM SPSS Dimensions 5.5 and SPSS Data Collection 5.6, 6.0, and 6.0.1 allows remote attackers to execute arbitrary code via a crafted HTML document...

Hardcoded credentials

Multiple unspecified vulnerabilities in the 1 PrintFile and 2 SaveDoc methods in the VsVIEW6 ActiveX control in VsVIEW6.ocx in IBM SPSS SamplePower 3.0 allow remote attackers to execute arbitrary code via a crafted HTML document...

CVE-2012-0188

Unspecified vulnerability in the SetLicenseInfoEx method in an ActiveX control in mraboutb.dll in IBM SPSS Dimensions 5.5 and SPSS Data Collection 5.6, 6.0, and 6.0.1 allows remote attackers to execute arbitrary code via a crafted HTML document...

CVE-2012-0189

Multiple unspecified vulnerabilities in the 1 PrintFile and 2 SaveDoc methods in the VsVIEW6 ActiveX control in VsVIEW6.ocx in IBM SPSS SamplePower 3.0 allow remote attackers to execute arbitrary code via a crafted HTML document...

CVE-2012-0190

Unspecified vulnerability in the Render method in the ExportHTML.ocx ActiveX control in ExportHTML.dll in IBM SPSS Dimensions 5.5 and SPSS Data Collection 5.6, 6.0, and 6.0.1 allows remote attackers to execute arbitrary code via a crafted HTML document...

CVE-2012-0189

IBM SPSS SamplePower 3.0 on Windows is affected by CVE-2012-0189 in the VsVIEW6.ocx ActiveX control (SaveDoc method). The vulnerability allows remote code execution when the ActiveX control is instantiated from Internet Explorer; exploitation requires user interaction (visiting a malicious page o...

CVE-2012-0188

IBM SPSS products (Dimensions 5.5 and SPSS Data Collection 5.6, 6.0, 6.0.1) are affected by CVE-2012-0188 due to a buffer overflow in the SetLicenseInfoEx() method of the mraboutb.dll ActiveX control. The vulnerability arises from copying the first parameter (strInstallDir) into a 256-byte global...

Google Chrome Multiple Information Disclosure Vulnerabilities - Mac OS X

Google Chrome is prone to multiple information disclosure vulnerabilities. SPDX-FileCopyrightText: 2011 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

CVE-2010-5068

The Cascading Style Sheets CSS implementation in Opera 10.5 does not properly handle the :visited pseudo-class, which allows remote attackers to obtain sensitive information about visited web pages via a crafted HTML document, a related issue to CVE-2010-2264...

CVE-2010-5069

The Cascading Style Sheets CSS implementation in Google Chrome 4 does not properly handle the :visited pseudo-class, which allows remote attackers to obtain sensitive information about visited web pages via a crafted HTML document. NOTE: this may overlap CVE-2010-2264...