CVE-2005-2704

Firefox before 1.0.7 and Mozilla Suite before 1.7.12 allows remote attackers to spoof DOM objects via an XBL control that implements an internal XPCOM interface...

pwnzilla.txt

/ SSSSSSS, SSSSSSS' PwnZilla 5 - One sploit fits all. FireFox optimized iSY iS; .sS Exploit for IDN host name heap buffer overrun in .SSSSSSS .sS Mozilla browsers FireFox, Mozilla and Netscape iS; .sS Copyright C 2003-2005 by Berend-Jan Wever. .SS sSSSSSSP Official release:...

security flaw

Firefox before 1.0.7 and Mozilla Suite before 1.7.12 allows remote attackers to spoof DOM objects via an XBL control that implements an internal XPCOM interface...

Mozilla Browsers 0xAD (HOST:) Remote Heap Buffer Overrun Exploit (v2)

No description provided by source. HTMLSCRIPT / SSSSSSS, SSSSSSS' PwnZilla 5 - One sploit fits all. FireFox optimized iSY iS; .sS Exploit for IDN host name heap buffer overrun in .SSSSSSS .sS Mozilla browsers FireFox, Mozilla and Netscape iS; .sS Copyright C 2003-2005 by Berend-Jan Wever. .SS...

CVE-2005-3008

Tofu 0.2 allows remote attackers to execute arbitrary Python code via crafted pickled objects, which Tofu unpickles and executes...

CVE-2005-3008

Tofu 0.2 allows remote attackers to execute arbitrary Python code via crafted pickled objects, which Tofu unpickles and executes...

CVE-2005-3008

CVE-2005-3008 affects Tofu 0.2, where remote attackers can cause arbitrary Python code execution by sending crafted pickled objects that Tofu unpickles and executes. Root cause is untrusted unpickling of serialized data. The provided documents describe the vulnerability and its impact as remote c...

CVE-2005-2875

Py2Play allows remote attackers to execute arbitrary Python code via pickled objects, which Py2Play unpickles and executes...

CVE-2005-2875

Py2Play allows remote attackers to execute arbitrary Python code via pickled objects, which Py2Play unpickles and executes...

CVE-2005-2875

CVE-2005-2875 affects Py2Play, where remote untrusted pickled objects can be unpicked and executed, enabling arbitrary code execution. Multiple sources (Debian DSA-856-1, GLSA 200509-09, Gentoo/OpenVAS advisories, and the GHSA entry) describe py2play as a remote-execution risk via untrusted data ...

CVE-2005-2656

Polygen before 1.0.6 generates precompiled grammar objects with world-writable permissions, which allows local users to cause a denial of service disk consumption and possibly perform other unauthorized activities...

DEBIAN-CVE-2005-2656

Polygen before 1.0.6 generates precompiled grammar objects with world-writable permissions, which allows local users to cause a denial of service disk consumption and possibly perform other unauthorized activities...

Debian DSA-794-1 : polygen - programming error

Justin Rye noticed that polygen generates precompiled grammar objects world-writable, which can be exploited by a local attacker to at least fill up the filesystem. %NASLMINLEVEL 70300 C Tenable Network Security, Inc. The descriptive text and package checks in this plugin were extracted from Debi...

CVE-2005-2127

Microsoft Internet Explorer 5.01, 5.5, and 6 allows remote attackers to cause a denial of service application crash and possibly execute arbitrary code via a web page with embedded CLSIDs that reference certain COM objects that are not intended for use within Internet Explorer, as originally...

CVE-2005-2127

CVE-2005-2127 is a remote code-execution vulnerability in Internet Explorer 5.01/5.5/6 related to memory corruption when instantiating certain COM objects not designed for IE. The issue, documented as COM Object Instantiation Memory Corruption, affects multiple CLSIDs (e.g., Msdds.dll, Blnmgrps.d...

[Full-disclosure] COM objects and MSIE vulnerabilities recap + additional fix

Disclaimer: The information in this email is distributed WITHOUT ANY WARRANTY, TO THE EXTENT PERMITTED BY APPLICABLE LAW; without even the implied warranty of CORRECTNESS or FITNESS FOR A PARTICULAR PURPOSE. You know the drill... Affected products: Various COM objects when loaded in Microsoft...

CVE-2005-1990

Internet Explorer 5.0, 5.5, and 6.0 allows remote attackers to cause a denial of service application crash and possibly execute arbitrary code via a web page with embedded CLSIDs that reference certain COM objects that are not ActiveX controls, including 1 devenum.dll, 2 diactfrm.dll, 3...

CVE-2005-1990

CVE-2005-1990 affects Internet Explorer 5.0, 5.5, and 6.0. The vulnerability arises from improper instantiation of certain COM objects as ActiveX controls, causing a buffer/memory corruption in the host process and potentially enabling command execution or a crash. Affected components include a s...

MS Internet Explorer (blnmgr.dll) COM Object Remote Expl (MS05-038)

Exploit for unknown platform in category remote exploits ====================================================================== MS Internet Explorer blnmgr.dll COM Object Remote Exploit MS05-038 ====================================================================== !-- placed into html for your...

Microsoft Internet Explorer COM Object Instantiation Buffer Overflow Vulnerability

Description Microsoft Internet Explorer is prone to a buffer-overflow vulnerability that is exposed when certain COM objects are instantiated as ActiveX controls. A malicious webpage could pass content to these objects to trigger memory corruption. Successful exploits could let remote attackers...