Lucene search

814 matches found

Prion
added 2008/05/13 10:20 p.m., 17 views

Memory corruption

Use-after-free vulnerability in Microsoft Word in Office 2000 and XP SP3, 2003 SP2 and SP3, and 2007 Office System SP1 and earlier allows remote attackers to execute arbitrary code via an HTML document with a large number of Cascading Style Sheets (CSS) selectors, related to a "memory handling erro...

CVSS 9.3 | AI score 7.8 | EPSS 0.54907
Exploits: 1 | References: 9 | Affected Software: 2
Cvelist
added 2008/05/13 10:0 p.m., 21 views

CVE-2008-1434

Use-after-free vulnerability in Microsoft Word in Office 2000 and XP SP3, 2003 SP2 and SP3, and 2007 Office System SP1 and earlier allows remote attackers to execute arbitrary code via an HTML document with a large number of Cascading Style Sheets (CSS) selectors, related to a "memory handling erro...

AI score 7.3 | EPSS 0.54907
Exploits: 1 | References: 9
NVD
added 2008/04/10 6:5 p.m., 18 views

CVE-2008-1101

Buffer overflow in kvdocve.dll in the KeyView document viewing engine in Autonomy (formerly Verity) KeyView, as used by IBM Lotus Notes 7.0.2 and 7.0.3, allows remote attackers to execute arbitrary code via a long pathname, as demonstrated by a long SRC attribute of an IMG element in an HTML docume...

CVSS 9.3 | AI score 7.5 | EPSS 0.23461
Exploits: 0 | References: 10
Prion
added 2008/04/10 6:5 p.m., 12 views

Buffer overflow

Multiple buffer overflows in htmsr.dll in the HTML speed reader in Autonomy (formerly Verity) KeyView, as used by IBM Lotus Notes 7.0.2 and 7.0.3, allow remote attackers to execute arbitrary code via an HTML document with (1) "large chunks of data," or a long URL in the (2) BACKGROUND attribute of a BO...

CVSS 9.3 | AI score 7.8 | EPSS 0.27076
Exploits: 0 | References: 11 | Affected Software: 1
CERT
added 2008/03/12 12:0 a.m., 22 views

Adobe Form Designer and Advanced Form Client ActiveX controls contain multiple buffer overflows

Overview Adobe Form Designer and Advanced Form Client contain multiple ActiveX buffer overflows, which can allow a remote, unauthenticated attacker to execute arbitrary code on a vulnerable system. Description The Adobe Form Designer and Advanced Form Client software provide multiple ActiveX...

CVSS 9.3 | AI score 7.3 | EPSS 0.2434
Exploits: 1 | References: 4
Check Point Advisories
added 2008/02/12 12:0 a.m., 1 views

Microsoft Visual FoxPro ActiveX Control Buffer Overflow (MS08-010; CVE-2007-4790)

Microsoft Visual FoxPro is an application development tool for building database applications. This vulnerability is due to a memory corruption error in certain ActiveX objects of Microsoft Visual FoxPro when it is used in Microsoft Internet Explorer. A remote attacker could exploit this issue by...

CVSS 7.5 | AI score 7 | EPSS 0.73923
Exploits: 2
CERT
added 2008/01/30 12:0 a.m., 56 views

SwiftView ActiveX control and plug-in stack buffer overflow

Overview The SwiftView ActiveX control and plug-in contain a stack buffer overflow, which may allow a remote, unauthenticated attacker to execute arbitrary code on a vulnerable system. Description SwiftView is software used to view or print PCL, HPGL, and TIFF files. SwiftSend is a product used f...

CVSS 10 | AI score 6.9 | EPSS 0.29807
Exploits: 0 | References: 2
CERT
added 2008/01/08 12:0 a.m., 12 views

Gateway CWebLaunchCtl ActiveX control buffer overflow

Overview The Gateway CWebLaunchCtl ActiveX control contains a buffer overflow, which may allow a remote, unauthenticated attacker to execute arbitrary code on a vulnerable system. Description The Gateway Computers CWebLaunchCtl ActiveX control, which is provided by weblaunch.ocx and weblaunch2.ocx,...

AI score 8
Exploits: 0 | References: 2
NVD
added 2007/10/11 10:17 a.m., 18 views

CVE-2007-5375

Interpretation conflict in the Sun Java Virtual Machine (JVM) allows user-assisted remote attackers to conduct a multi-pin DNS rebinding attack and execute arbitrary JavaScript in an intranet context, when an intranet web server has an HTML document that references a "mayscript=true" Java applet...

CVSS 2.6 | AI score 6.9 | EPSS 0.00419
Exploits: 0 | References: 2
Check Point Advisories
added 2007/10/10 12:0 a.m., 1 views

CA eTrust Intrusion Detection CallCode ActiveX Control Code Execution (CVE-2007-3302)

A remote code execution vulnerability has been reported in CA eTrust Intrusion Detection. CA eTrust Intrusion Detection is a network intrusion management and prevention system, that includes real-time session monitoring and Internet web filtering capabilities. A remote attacker could exploit this...

CVSS 9.3 | AI score 6.9 | EPSS 0.23983
Exploits: 5
Check Point Advisories
added 2007/10/10 12:0 a.m., 2 views

VMware Workstation ActiveX Control vielib.dll Command Execution (CVE-2007-4058)

VMware Workstation is a virtualization technology that allows running multiple instances of virtual computers simultaneously with the hosting operating system. A remote attacker could exploit this issue by convincing a user to visit a specially crafted HTML document or open a malicious web page...

CVSS 4.3 | AI score 7.2 | EPSS 0.09489
Exploits: 6
CERT
added 2007/09/12 12:0 a.m., 42 views

Callisto PhotoParade Player PhPInfo ActiveX control buffer overflow

Overview The Callisto PhotoParade Player PhPInfo ActiveX control contains a buffer overflow, which can allow a remote, unauthenticated attacker to execute arbitrary code on a vulnerable system. Description Callisto PhotoParade Player includes an ActiveX control called PhPinfo. The ActiveX control...

CVSS 9.3 | AI score 7 | EPSS 0.10221
Exploits: 0 | References: 2
OSV
added 2007/08/23 7:17 p.m., 7 views

CVE-2007-4510

ClamAV before 0.91.2, as used in Kolab Server 2.0 through 2.2beta1 and other products, allows remote attackers to cause a denial of service (application crash) via (1) a crafted RTF file, which triggers a NULL dereference in the cliscanrtf function in libclamav/rtf.c; or (2) a crafted HTML document wit...

AI score 6.3
Exploits: 0 | References: 29
CERT
added 2007/08/14 12:0 a.m., 30 views

IBM and Lenovo Access Support acpRunner ActiveX control fails to validate digital signatures

Overview The IBM Lenovo Access Support acpRunner ActiveX control fails to validate digital signatures, which can allow a remote, unauthenticated attacker to execute arbitrary code on a vulnerable system. Description The Access Support software package for IBM and Lenovo systems includes several...

CVSS 5.8 | AI score 6.8 | EPSS 0.02068
Exploits: 1 | References: 4
CERT
added 2007/08/14 12:0 a.m., 28 views

Motive Communications ActiveUtils EmailData ActiveX control stack buffer overflows

Overview The Motive Communications ActiveUtils EmailData ActiveX control contains multiple stack buffer overflows, which could allow an attacker to execute arbitrary code on a vulnerable system. Description Motive Communications ActiveUtils is a software package used by multiple ISPs to provide...

CVSS 6.8 | AI score 7.2 | EPSS 0.16711
Exploits: 0 | References: 3
UbuntuCve
added 2007/07/21 12:30 a.m., 27 views

CVE-2007-3930

Interpretation conflict between Microsoft Internet Explorer and DocuWiki before 2007-06-26b allows remote attackers to inject arbitrary JavaScript and conduct cross-site scripting (XSS) attacks when spellchecking UTF-8 encoded messages via the spellutf8test function in lib/exe/spellcheck.php, which...

CVSS 4.3 | AI score 6.1 | EPSS 0.17425
Exploits: 0 | References: 1
Prion
added 2007/07/15 11:30 p.m., 7 views

Design/Logic Flaw

The eSoft InstaGate EX2 UTM device stores the admin password within the settings HTML document, which might allow context-dependent attackers to obtain sensitive information by reading this document...

CVSS 7.6 | AI score 6.6 | EPSS 0.00518
Exploits: 0 | References: 5 | Affected Software: 1
CVE
added 2007/07/15 11:0 p.m., 38 views

CVE-2007-3788

The vulnerability CVE-2007-3788 affects the eSoft InstaGate EX2 UTM device, where the admin password is stored within the settings HTML document. This exposes a risk that an attacker who can read that document may obtain sensitive information, potentially compromising confidentiality and integrit...

CVSS 7.6 | AI score 6.1 | EPSS 0.00518
Exploits: 0 | References: 5 | Affected Software: 1
CERT
added 2007/06/25 12:0 a.m., 30 views

Apple Safari cross-domain HTTP redirection race condition

Overview Apple Safari contains a race condition when handling HTTP redirection when updating pages. This can allow a cross-domain violation. Description Apple Safari contains a race condition when updating pages. When this race condition is used in combination with an HTTP redirection, Safari may...

CVSS 4.3 | AI score 5.4 | EPSS 0.00457
Exploits: 1 | References: 5
Exploit DB
added 2007/06/16 12:0 a.m., 23 views

Apple Safari 3.0.1 for Windows - 'Corefoundation.dll' Denial of Service

source: https://www.securityfocus.com/bid/24497/info Apple Safari for Windows is prone to a denial-of-service vulnerability because it fails to properly handle user-supplied input. An attacker may exploit this issue by enticing victims into opening a maliciously crafted HTML document. Successful...

AI score 7.4
Exploits: 0