Microsoft Internet Explorer fails to properly instantiate COM objects
Overview A vulnerability in the way Microsoft Internet Explorer instantiates COM objects may lead to execution of arbitrary code. Description Component Object Model (COM) objects are used to enable interprocess communication and dynamic object creation within Microsoft Windows. Microsoft Intern...
Microsoft Internet Explorer IMJPCKSI COM Object Instantiation Memory Corruption Vulnerability
Description Microsoft Internet Explorer is prone to a memory-corruption vulnerability when instantiating certain COM objects. Successfully exploiting this issue allows remote attackers to execute arbitrary machine code in the context of the affected application. This facilitates the remote...
EasyMail Objects 6.x - Connect Method Remote Stack Buffer Overflow
source: https://www.securityfocus.com/bid/22583/info EasyMail Objects is prone to a remote stack-based buffer-overflow vulnerability because the application fails to properly bounds-check user-supplied data prior to copying it to an insufficiently sized buffer. An attacker can leverage this issue...
EasyMail Objects 6.x - Connect Method Remote Stack Buffer Overflow
EasyMail Objects 6.x - Connect Method Remote Stack Buffer Overflow source: https://www.securityfocus.com/bid/22583/info EasyMail Objects is prone to a remote stack-based buffer-overflow vulnerability because the application fails to properly bounds-check user-supplied data prior to copying it to ...
Design/Logic Flaw
KarjaSoft Sami HTTP Server 2.0.1 allows remote attackers to cause a denial of service (daemon hang) via a large number of requests for nonexistent objects...
EUVD-2007-0546
KarjaSoft Sami HTTP Server 2.0.1 allows remote attackers to cause a denial of service (daemon hang) via a large number of requests for nonexistent objects...
CVE-2007-0548
KarjaSoft Sami HTTP Server 2.0.1 allows remote attackers to cause a denial of service (daemon hang) via a large number of requests for nonexistent objects...
Sami HTTP Server 2.0.1 - HTTP 404 Object not found Denial of Service
!/usr/bin/env python import socket print "-----------------------------------------------------------------------" print "Sami HTTP Server HTTP 404 - Object not found Denial of Service" print "url: http://www.karjasoft.com" print "author: shinnai" print "mail: shinnaiatautisticidotorg" print "sit...
LS-20061102 - Business Objects Crystal Reports XI Professional Stack Overflow Vulnerability
LS-20061102 LSsec has discovered a vulnerability in Business Objects Crystal Reports XI Professional, which could be exploited by an attacker in order to execute arbitrary code on an affected system. Exploitation requires that the attacker coerce the target user into opening a malicious .RPT file...
Multiple OpenSER vulnerabilities
Memory corruption on SMS parsing, buffer overflow on OSP parsing, on QuickCAM objects parsing...
flash plug-horse technology-vulnerability warning-the black bar safety net
Recently I saw an article about Backdooring Flash Objects on a foreign website; this is a walkthrough of the article, which I translated and tested a bit. First class Backdoor function Backdoor static function mainmc getURL"javascript:alert'hello from backdoor'"; As the initial script, written in...
LiveConnect crash finalizing JS objects — Mozilla
Steven Michaud reported a crash in LiveConnect, the bridge code that allows Java applets and web JavaScript to communicate. The crash is due to re-use of an already-freed object and we presume this could be exploited with enough effort...
Linux Kernel Bluetooth CAPI DoS
It's possible to overwrite internal kernel objects with CAPI message...
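Lanifex Database of Managed Objects Access_manager.PHP Remote File Inclusion Vulnerability
Lanifex Database of Managed Objects is a PHP-based web application. Lanifex Database of Managed Objects does not properly filter user-submitted URI data, and a remote attacker can exploit the vulnerability to execute arbitrary commands with the privileges of the web process. The problem is that the 'Accessmanager.PHP' script lacks filtering of user-submitted web parameters; submitting a malicious remote server as the include target can lead to execution of arbitrary PHP code with the privileges of the web process. Lanifex Lanifex 2.3 Beta Lanifex Lanifex 2.2 None !/usr/bin/perl use LWP::UserAgent; / +...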
Mozilla Firefox: Multiple vulnerabilities
Background Mozilla Firefox is a popular open-source web browser from the Mozilla Project. Description Mozilla Firefox improperly handles Script objects while they are being executed. Mozilla Firefox has also been found to be vulnerable to various possible buffer overflows. Lastly, the binary...
[SECURITY] [DSA 1227-1] New Mozilla Thunderbird packages fix several vulnerabilities
-------------------------------------------------------------------------- Debian Security Advisory DSA 1227-1 [email protected] http://www.debian.org/security/ Martin Schulze December 4th, 2006 http://www.debian.org/security/faq -...
Debian DSA-1227-1 : mozilla-thunderbird - several vulnerabilities
Several security-related problems have been discovered in Mozilla and derived products such as Mozilla Thunderbird. The Common Vulnerabilities and Exposures project identifies the following vulnerabilities: - CVE-2006-4310 Tomas Kempinsky discovered that malformed FTP server responses could lead...
DSA-1227-1 mozilla-thunderbird
Bulletin has no description...
CVE-2006-4412
The CVE-2006-4412 issue affects WebKit in Apple Mac OS X 10.3.x (up to 10.3.9) and 10.4.x (up to 10.4.8). A crafted HTML file could access previously deallocated objects, allowing remote attackers to execute arbitrary code. Apple released Security Update 2006-007 to address this and related vulne...
CVE-2006-4412
WebKit in Apple Mac OS X 10.3.x through 10.3.9 and 10.4 through 10.4.8 allows remote attackers to execute arbitrary code via a crafted HTML file, which accesses previously deallocated objects...