Couchbase Server 访问控制错误漏洞

Couchbase Server is a distributed, open source NoSQL non-relational database from Couchbase, Inc. that supports data querying, full-text searching, and active global replication. A security vulnerability exists in Couchbase Server versions prior to 7.0.4, which stems from the indexing service not...

Security Bulletin: Db2 Query Management Facility is vulnerable to CVE-2020-14781 (deferred from Oracle Oct 2020 CPU for Java 8)

Summary Db2 Query Management Facility is vulnerable to CVE-2020-14781 deferred from Oracle Oct 2020 CPU for Java 8 Vulnerability Details CVEID: CVE-2020-14781 DESCRIPTION: An unspecified vulnerability in Java SE related to the JNDI component could allow an unauthenticated attacker to obtain...

Security Bulletin: CVE-2020-2601 (deferred from Oracle Jan 2020 CPU)

Summary Steps to update Java for QMF Workstation & QMF Vision Vulnerability Details CVEID: CVE-2020-2601 DESCRIPTION: An unspecified vulnerability in Oracle Java SE related to the Java SE, Java SE Embedded Security component could allow an unauthenticated attacker to obtain sensitive information...

Reconerator - C# Targeted Attack Reconnaissance Tools

This is a custom .NET assembly which will perform a number of situational awareness activities. There are a number of current featuresets: BASIC - Obtains information from the disk and registry. LDAP - Allows customised AD LDAP queries to be made. RESOLVEHOST - Performs DNS lookup queries...

MS Index Server 2.0 and Indexing Service for Win 2000 ISAPI Extension Buffer Overflow (3)

No description provided by source. source: http://www.securityfocus.com/bid/2880/info Windows Index Server ships with Windows NT 4.0 Option Pack; Windows Indexing Service ships with Windows 2000. An unchecked buffer resides in the 'idq.dll' ISAPI extension associated with each service. A...

Microsoft Indexing Service Query Validation Cross-Site Scripting Vulnerability

No description provided by source. source: http://www.securityfocus.com/bid/19927/info Microsoft Indexing Service is prone to a cross-site scripting vulnerability because the application fails to properly sanitize user-supplied input before it is rendered to other users. An attacker may leverage...

Microsoft Indexing Service Loop Counter Underwrap Code Execution - Ver2 (CVE-2009-2507)

A remote code execution vulnerability has been reported in the Microsoft Indexing Service. A remote attacker could exploit this vulnerability by enticing a user to visit a malicious Web page. Successful exploitation of this vulnerability could allow a remote attacker to execute arbitrary code on...

Microsoft Indexing Service ActiveX Memory Corruption (MS09-057) - Ver2 (CVE-2009-2507)

The Microsoft Windows Indexing Service is a base service that extracts content from files and constructs an indexed catalog to facilitate efficient and rapid searching. A remote code execution vulnerability has been reported in the Microsoft Indexing Service. The vulnerability is caused by an...

Microsoft Indexing Service - ixsso.dll ActiveX Control Denial of Service

Microsoft Indexing Service - ixsso.dll ActiveX Control Denial of Service source: https://www.securityfocus.com/bid/55202/info Microsoft Indexing Service 'ixsso.dll' ActiveX control is prone to a denial-of-service vulnerability due to a null-pointer dereference error. An attacker may exploit this...

Microsoft Indexing Service - 'ixsso.dll' ActiveX Control Denial of Service

source: https://www.securityfocus.com/bid/55202/info Microsoft Indexing Service 'ixsso.dll' ActiveX control is prone to a denial-of-service vulnerability due to a null-pointer dereference error. An attacker may exploit this issue by enticing victims into opening a malicious webpage or HTML email...

Microsoft IIS ISAPI Extension Indexing Service Buffer Overflow (MS01-033; CVE-2001-0500)

The Internet Information Server IIS is a collection of Internet services packaged with several versions of the Windows operating system. IIS includes a Web server component that is capable of serving static, as well as dynamic content. There exists a vulnerability in ISAPI extension idq.dll in...

Microsoft Windows索引服务ActiveX控件内存破坏漏洞（MS09-057）

BUGTRAQ ID: 36629 CVECAN ID: CVE-2009-2507 Windows是微软发布的非常流行的操作系统。 Windows的索引服务所包含的ActiveX控件未正确处理特制Web内容，导致Windows系统上的索引服务中存在内存破坏漏洞。成功利用此漏洞的攻击者可以完全控制受影响的系统。 Microsoft Windows XP SP3 Microsoft Windows XP SP2 Microsoft Windows Server 2003 SP2 Microsoft Windows Server 2003 SP1 Microsoft Windows...

Microsoft Windows Indexing Service ActiveX Vulnerability (969059)

This host is missing a critical security update according to Microsoft Bulletin MS09-057. OpenVAS Vulnerability Test $Id: secpodms09-057.nasl 5363 2017-02-20 13:07:22Z cfi $ Microsoft Windows Indexing Service ActiveX Vulnerability 969059 Authors: Sharath S Copyright: Copyright c 2009 SecPod,...

Microsoft Windows Indexing Service ActiveX Vulnerability (969059)

This host is missing a critical security update according to Microsoft Bulletin MS09-057. SPDX-FileCopyrightText: 2009 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only...

CVE-2009-2507

A certain ActiveX control in the Indexing Service in Microsoft Windows 2000 SP4, XP SP2 and SP3, and Server 2003 SP2 does not properly process URLs, which allows remote attackers to execute arbitrary programs via unspecified vectors that cause a "vulnerable binary" to load and run, aka "Memory...

Memory corruption

A certain ActiveX control in the Indexing Service in Microsoft Windows 2000 SP4, XP SP2 and SP3, and Server 2003 SP2 does not properly process URLs, which allows remote attackers to execute arbitrary programs via unspecified vectors that cause a "vulnerable binary" to load and run, aka "Memory...

CVE-2009-2507

A certain ActiveX control in the Indexing Service in Microsoft Windows 2000 SP4, XP SP2 and SP3, and Server 2003 SP2 does not properly process URLs, which allows remote attackers to execute arbitrary programs via unspecified vectors that cause a "vulnerable binary" to load and run, aka "Memory...

CVE-2009-2507

CVE-2009-2507 describes a remote code execution via an ActiveX control in the Microsoft Windows Indexing Service. The vulnerability arises because the Indexing Service ActiveX component does not properly handle specially crafted URLs, enabling a remote attacker to load/execute arbitrary code on a...

Microsoft Security Bulletin MS09-057 - Important Vulnerability in Indexing Service Could Allow Remote Code Execution (969059)

Microsoft Security Bulletin MS09-057 - Important Vulnerability in Indexing Service Could Allow Remote Code Execution 969059 Published: October 13, 2009 Version: 1.0 General Information Executive Summary This security update resolves a privately reported vulnerability in Microsoft Windows. The...

Microsoft Indexing Service ActiveX Memory Corruption (MS09-057; CVE-2009-2507)

The Microsoft Windows Indexing Service is a base service that extracts content from files and constructs an indexed catalog to facilitate efficient and rapid searching. A remote code execution vulnerability has been reported in the Microsoft Indexing Service. The vulnerability is caused by an...