CVE-2012-0158

The 1 ListView, 2 ListView2, 3 TreeView, and 4 TreeView2 ActiveX controls in MSCOMCTL.OCX in the Common Controls in Microsoft Office 2003 SP3, 2007 SP2 and SP3, and 2010 Gold and SP1; Office 2003 Web Components SP3; SQL Server 2000 SP4, 2005 SP4, and 2008 SP2, SP3, and R2; BizTalk Server 2002 SP1...

CVE-2012-0158

The 1 ListView, 2 ListView2, 3 TreeView, and 4 TreeView2 ActiveX controls in MSCOMCTL.OCX in the Common Controls in Microsoft Office 2003 SP3, 2007 SP2 and SP3, and 2010 Gold and SP1; Office 2003 Web Components SP3; SQL Server 2000 SP4, 2005 SP4, and 2008 SP2, SP3, and R2; BizTalk Server 2002 SP1...

CVE-2012-0158

The 1 ListView, 2 ListView2, 3 TreeView, and 4 TreeView2 ActiveX controls in MSCOMCTL.OCX in the Common Controls in Microsoft Office 2003 SP3, 2007 SP2 and SP3, and 2010 Gold and SP1; Office 2003 Web Components SP3; SQL Server 2000 SP4, 2005 SP4, and 2008 SP2, SP3, and R2; BizTalk Server 2002 SP1...

Microsoft: Six Bulletins, Four Critical In April Patch

Microsoft issued six patches, four of which were critical in the April 2012 software updates. The company released its monthly patch Tuesday. The patches affect Microsoft Windows, Internet Explorer, the .NET Framework, Office, SQL Server, Server Software, Developer Tools, and Forefront United...

PT-2012-1210

Name of the Vulnerable Software and Affected Versions Microsoft Office versions 2003 SP3, 2007 SP2 and SP3, and 2010 Gold and SP1 Office 2003 Web Components version SP3 SQL Server versions 2000 SP4, 2005 SP4, and 2008 SP2, SP3, and R2 BizTalk Server version 2002 SP1 Commerce Server versions 2002...

CVE-2012-0158

The 1 ListView, 2 ListView2, 3 TreeView, and 4 TreeView2 ActiveX controls in MSCOMCTL.OCX in the Common Controls in Microsoft Office 2003 SP3, 2007 SP2 and SP3, and 2010 Gold and SP1; Office 2003 Web Components SP3; SQL Server 2000 SP4, 2005 SP4, and 2008 SP2, SP3, and R2; BizTalk Server 2002 SP1...

Microsoft Windows Common Controls ActiveX Control Remote Code Execution Vulnerability

Description Microsoft Windows Common Controls is prone to a remote code-execution vulnerability. An attacker can exploit this issue by enticing an unsuspecting user to view a malicious webpage. Successful exploits will allow the attacker to execute arbitrary code within the context of the...

National Center EDU Research - SQL Injection Vulnerability

Document Title: =============== National Center EDU Research - SQL Injection Vulnerability References Source: ==================== http://www.vulnerability-lab.com/getcontent.php?id=415 Release Date: ============= 2012-04-08 Vulnerability Laboratory ID VL-ID: ====================================...

Microsoft Releases April Security Bulletin

Microsoft has released updates to address vulnerabilities in Microsoft Windows, Internet Explorer, .NET Framework, Office, SQL Server, Server Software, Developer Tools, and Forefront United Access Gateway as part of the Microsoft Security Bulletin Summary for April 2012. These vulnerabilities may...

Fedora Update for rubygem-rails FEDORA-2011-11386

Check for the Version of rubygem-rails OpenVAS Vulnerability Test Fedora Update for rubygem-rails FEDORA-2011-11386 Authors: System Generated Check Copyright: Copyright c 2012 Greenbone Networks GmbH, http://www.greenbone.net This program is free software; you can redistribute it and/or modify it...

Fedora Update for WebCalendar FEDORA-2012-1934

Check for the Version of WebCalendar OpenVAS Vulnerability Test Fedora Update for WebCalendar FEDORA-2012-1934 Authors: System Generated Check Copyright: Copyright c 2012 Greenbone Networks GmbH, http://www.greenbone.net This program is free software; you can redistribute it and/or modify it unde...

PHP SQL Server (MSSQL) Query Analyzer Remote Code Execution

Exploit for php platform in category web applications ?php / +------------------------------------------------------------------+ + PHP SQL Server MSSQL Query Analyzer Remote Code Execution + +------------------------------------------------------------------+ Web-App : PHP SQL Server MSSQL Query...

VMware ESXi/ESX Third party component updates (VMSA-2011-0003.2)

The remote ESXi is missing one or more security related Updates from VMSA-2011-0003.2. SPDX-FileCopyrightText: 2012 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only...

The Mole v0.3 Released : Automatic SQL Injection Exploitation Tool

The Mole v0.3 Released : Automatic SQL Injection Exploitation Tool Nasel has just released the new version of The Mole, an automatic SQL Injection exploitation tool. Only by providing a vulnerable URL and a valid string on the site it can detect the injection and exploit it, either by using the...

Database Open Access Information Disclosure Vulnerability

Various Database server might be prone to an information disclosure vulnerability if accessible to remote systems. SPDX-FileCopyrightText: 2012 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders...

[SECURITY] Fedora 16 Update: WebCalendar-1.2.4-3.fc16

WebCalendar is a PHP-based calendar application that can be configured as a single-user calendar, a multi-user calendar for groups of users, or as an event calendar viewable by visitors. MySQL, PostgreSQL, Oracle, DB2, Interbase, MS SQL Server, or ODBC is required. WebCalendar can be setup in a...

Microsoft SQL Server Payload Execution

This module executes an arbitrary payload on a Microsoft SQL Server by using the "xpcmdshell" stored procedure. Currently, three delivery methods are supported. First, the original method uses Windows 'debug.com'. File size restrictions are avoided by incorporating the debug bypass method present...

VOXTRONIC Voxlog Professional 3.7.2.729 SQL Injection

Exploit for php platform in category web applications SEC Consult Vulnerability Lab Security Advisory ======================================================================= title: Multiple critical vulnerabilities product: VOXTRONIC voxlog professional - voice recording solution vulnerable...

VOXTRONIC Voxlog Professional 3.7.2.729 SQL Injection / Disclosure

SEC Consult Vulnerability Lab Security Advisory ======================================================================= title: Multiple critical vulnerabilities product: VOXTRONIC voxlog professional - voice recording solution vulnerable version: VOXTRONIC voxlog professional = 3.7.2.729 webclien...

SureBackup fails: Failed to call RPC function - Access is Denied

Challenge When the Veeam vPower NFS Service on the Mount Server used by the SureBackup job is set to use any account other than Local SystemThe default configuration is for the Veeam vPower NFS Service to "Log On As" the 'Local System' account., and that account is not a member of the Local...