7726 matches found
Scriptable plugin execution in SeaMonkey mail — Mozilla
Security researcher Georgi Guninski reported that scriptable plugin content, such as Flash objects, could be loaded and executed in SeaMonkey mail messages by embedding the content in an iframe inside the message. If a user were to reply to or forward such a message, malicious JavaScript embedded...
CVE-2010-0806
Use-after-free vulnerability in the Peer Objects component aka iepeers.dll in Microsoft Internet Explorer 6, 6 SP1, and 7 allows remote attackers to execute arbitrary code via vectors involving access to an invalid pointer after the deletion of an object, as exploited in the wild in March 2010, a...
Memory corruption
Use-after-free vulnerability in the Peer Objects component aka iepeers.dll in Microsoft Internet Explorer 6, 6 SP1, and 7 allows remote attackers to execute arbitrary code via vectors involving access to an invalid pointer after the deletion of an object, as exploited in the wild in March 2010, a...
CVE-2010-0806
Use-after-free vulnerability in the Peer Objects component aka iepeers.dll in Microsoft Internet Explorer 6, 6 SP1, and 7 allows remote attackers to execute arbitrary code via vectors involving access to an invalid pointer after the deletion of an object, as exploited in the wild in March 2010, a...
VulnCheck KEV: CVE-2010-0806
Use-after-free vulnerability in the Peer Objects component aka iepeers.dll in Microsoft Internet Explorer 6, 6 SP1, and 7 allows remote attackers to execute arbitrary code via vectors involving access to an invalid pointer after the deletion of an object, as exploited in the wild in March 2010,...
PT-2010-2535
Name of the Vulnerable Software and Affected Versions Microsoft Internet Explorer versions 6 through 7 Description The issue is a use-after-free vulnerability in the Peer Objects component, which allows remote attackers to execute arbitrary code via vectors involving access to an invalid pointer...
Quiksoft EasyMail Objects AddAttachments() ActiveX Control BOF Vulnerability
This host is installed with QuikSoft EasyMail Objects ActiveX Control and is prone to Buffer Overflow vulnerability. OpenVAS Vulnerability Test $Id: gbquiksofteasymailobjactivexbofvulnmar10.nasl 5368 2017-02-20 14:34:16Z cfi $ Quiksoft EasyMail Objects AddAttachments ActiveX Control BOF...
Quiksoft EasyMail Objects AddAttachments() ActiveX Control BOF Vulnerability
QuikSoft EasyMail Objects ActiveX Control is prone to a buffer overflow vulnerability. SPDX-FileCopyrightText: 2010 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only...
CVE-2009-4663
Heap-based buffer overflow in the Quiksoft EasyMail Objects 6 ActiveX control allows remote attackers to execute arbitrary code via a long argument to the AddAttachment method...
CVE-2009-4663
Heap-based buffer overflow in the Quiksoft EasyMail Objects 6 ActiveX control allows remote attackers to execute arbitrary code via a long argument to the AddAttachment method...
CVE-2009-4663
CVE-2009-4663 affects Quiksoft EasyMail Objects AddAttachments() ActiveX Control (part of the EasyMail Objects suite). The vulnerability is a heap-based buffer overflow in the AddAttachment method that can be triggered by sending a long argument, enabling remote code execution. Multiple connected...
KLA10148 ACE vulnerability in Quiksoft Easymail Objects
A buffer overflow was found in QuikSoft EasyMail Objects. By exploiting this vulnerability malicious users can execute arbitrary code. This vulnerability can be exploited from the network at a point related to the connection method. Original advisories - Related products...
Google Researcher Ships Exploit to Defeat ASLR+DEP
A prominent security researcher has released an exploit that uses a new technique to defeat ALSR + DEP on Microsoft’s Windows operating system. The exploit, released by Google security researcher “SkyLined,” uses the ret-into-libc technique to bypass DEP Data Execution Prevention and launch code...
Debian DSA-1950-1 : webkit - several vulnerabilities
Several vulnerabilities have been discovered in WebKit, a Web content engine library for Gtk+. The Common Vulnerabilities and Exposures project identifies the following problems : - CVE-2009-0945 Array index error in the insertItemBefore method in WebKit, allows remote attackers to execute...
[SECURITY] Fedora 12 Update: pdfedit-0.4.3-4.fc12
Free pdf editing using PdfEdit. Complete editing of pdf documents is made possible with PDFedit. You can change either raw pdf objects for advanced users or use predefined gui functions. Functions can be easily added as everything is based on a script...
[SECURITY] Fedora 12 Update: fwbuilder-3.0.7-1.fc12
Firewall Builder consists of a GUI and set of policy compilers for various firewall platforms. It helps users maintain a database of objects and allows policy editing using simple drag-and-drop operations. GUI generates firewall description in the form of XML file, which compilers then interpret...
Adobe Acrobat and Adobe Reader Plugin Object Reloading Memory Corruption (CVE-2009-2983)
Adobe develops products for creating, distributing, and viewing Portable Document Format PDF documents. Adobe Reader is a viewer application that allows for reading and the printing of PDF documents. Adobe Acrobat provides PDF authoring functionality in addition to those of viewing. In addition t...
Internet Explorer DOM Object Cache Management Memory Corruption (MS07-069; CVE-2007-5344)
Microsoft Internet Explorer IE is the most widely used web browser application. The browser is capable of processing HTML, scripting languages, and interpretation of various other popular Internet specifications. There are numerous versions of the HTML standard that are interpreted by the browser...
DSA-1988-1 qt4-x11 - several vulnerabilities
Bulletin has no description...
CVE-2010-0246
Microsoft Internet Explorer 8 does not properly handle objects in memory, which allows remote attackers to execute arbitrary code by accessing an object that 1 was not properly initialized or 2 is deleted, leading to memory corruption, aka "Uninitialized Memory Corruption Vulnerability," a...