PT-2008-4870 · Microsoft · Internet Explorer

Name of the Vulnerable Software and Affected Versions: Microsoft Internet Explorer version 6 Description: The issue arises from improper error handling when using the componentFromPoint method on xml objects that have been incorrectly initialized or deleted, allowing remote attackers to execute...

PT-2008-4872 · Microsoft · Office Excel

Name of the Vulnerable Software and Affected Versions: Microsoft Excel versions 2000 SP3, 2002 SP3, and 2003 SP2 and SP3 Description: The issue arises from improper validation of data in the VBA Performance Cache when processing an Office document with an embedded object. This allows remote...

Cumulative Security Update for Internet Explorer (950759)

This host has Microsoft Internet Explorer installed, which is prone to HTTP request splitting/smuggling and HTML Objects Memory Corruption Vulnerabilities. OpenVAS Vulnerability Test $Id: gbms08-031.nasl 5863 2017-04-05 07:38:11Z antu123 $ Cumulative Security Update for Internet Explorer 950759...

Mozilla Foundation Security Advisory 2008-41

Mozilla Foundation Security Advisory 2008-41 Title: Privilege escalation via XPCnativeWrapper pollution Impact: Critical Announced: September 23, 2008 Reporter: mozbugra4, Olli Pettay Products: Firefox, Thunderbird, SeaMonkey Fixed in: Firefox 3.0.2 Firefox 2.0.0.17 Thunderbird 2.0.0.17 SeaMonkey...

[SECURITY] Fedora 9 Update: rubygem-activerecord-2.1.1-1.fc9

Implements the ActiveRecord pattern Fowler, PoEAA for ORM. It ties databa se tables and classes together for business objects, like Customer or Subscription, that can find, save, and destroy themselves without resorting to manual SQL...

CVE-2008-4060

Mozilla Firefox before 2.0.0.17 and 3.x before 3.0.2, Thunderbird before 2.0.0.17, and SeaMonkey before 1.1.12 allow remote attackers to create documents that lack script-handling objects, and execute arbitrary code with chrome privileges, via vectors related to 1 the document.loadBindingDocument...

CVE-2008-4060

CVE-2008-4060 affects Mozilla Firefox (before 2.0.0.17 and 3.x before 3.0.2), Thunderbird (before 2.0.0.17), and SeaMonkey (before 1.1.12). The flaw, exploitable via document.loadBindingDocument and XSLT processing, could allow remote attackers to execute arbitrary code with chrome privileges. Th...

CVE-2008-4060

Mozilla Firefox before 2.0.0.17 and 3.x before 3.0.2, Thunderbird before 2.0.0.17, and SeaMonkey before 1.1.12 allow remote attackers to create documents that lack script-handling objects, and execute arbitrary code with chrome privileges, via vectors related to 1 the document.loadBindingDocument...

Debian Security Advisory DSA 1614-1 (iceweasel)

The remote host is missing an update to iceweasel announced via advisory DSA 1614-1. OpenVAS Vulnerability Test $Id: deb16141.nasl 6616 2017-07-07 12:10:49Z cfischer $ Description: Auto-generated from advisory DSA 1614-1 iceweasel Authors: Thomas Reinke Copyright: Copyright c 2008 E-Soft Inc...

Debian: Security Advisory (DSA-1614-1)

The remote host is missing an update for the Debian SPDX-FileCopyrightText: 2008 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

Memory corruption

Microsoft Internet Explorer 5.01, 6, and 7 accesses uninitialized memory in certain conditions, which allows remote attackers to cause a denial of service crash and execute arbitrary code via vectors related to a document object "appended in a specific order" with "particular functions...

Memory corruption

Microsoft Internet Explorer 5.01, 6, and 7 accesses uninitialized memory in certain conditions, which allows remote attackers to cause a denial of service crash and execute arbitrary code via vectors related to a document object "appended in a specific order," aka "HTML Objects Memory Corruption...

CVE-2008-0120

Integer overflow in Microsoft PowerPoint Viewer 2003 allows remote attackers to execute arbitrary code via a PowerPoint file with a malformed picture index that triggers memory corruption, related to handling of CString objects, aka "Memory Allocation Vulnerability."...

CVE-2008-0120

CVE-2008-0120 concerns Microsoft PowerPoint Viewer 2003. The issue is an integer overflow in the handling of embedded CString objects within a PowerPoint file’s picture index, leading to remote code execution if a user opens a malformed file. Technical sources (NVD, SAINT/OSVDB mirrors, and OpenV...

Microsoft Internet Explorer Table Layout Memory Corruption Vulnerability

This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of Microsoft Internet Explorer. User interaction is required to exploit this vulnerability in that the target must visit a malicious page. The specific flaw exists in the handling of document objects...

Microsoft Internet Explorer XHTML Rendering Memory Corruption Vulnerability

This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of Microsoft Internet Explorer. User interaction is required to exploit this vulnerability in that the target must visit a malicious page. The specific flaw exists in the handling of document objects...

MS Internet Explorer (blnmgr.dll) COM Object Remote Exploit (MS05-038)

No description provided by source. !-- placed into html for your testing. /str0ke !/usr/bin/perl Internet Explorer COM Objects Instantiation Proof of Concept Exploit MS05-038 Bindshell on port 28876 - Based and ripped from Berend-Jan Wever's IE Exploit Vulnerable Objects :...

Debian DSA-1621-1 : icedove - several vulnerabilities

Several remote vulnerabilities have been discovered in the Icedove mail client, an unbranded version of the Thunderbird client. The Common Vulnerabilities and Exposures project identifies the following problems : - CVE-2008-0304 It was discovered that a buffer overflow in MIME decoding can lead t...

DSA-1621-1 icedove - several vulnerabilities

Bulletin has no description...

Debian DSA-1614-1 : iceweasel - several vulnerabilities

Several remote vulnerabilities have been discovered in the Iceweasel web browser, an unbranded version of the Firefox browser. The Common Vulnerabilities and Exposures project identifies the following problems : - CVE-2008-2785 It was discovered that missing boundary checks on a reference counter...