Design/Logic Flaw

The WordOCX ActiveX control in WordViewer.ocx 3.2.0.5 allows remote attackers to cause a denial of service Internet Explorer 7 crash via a long 1 DoOleCommand, 2 FTPDownloadFile, 3 FTPUploadFile, 4 HttpUploadFile, 5 GotoPage, 6 Save, 7 SaveWebFile, 8 HttpDownloadFile, 9 Open, 10 OpenWebFile, 11...

PowerPoint Viewer OCX 3.2 (ActiveX Control) Denial of Service Exploit

No description provided by source. span style="font: 10pt Courier New;"span class="general1-symbol"----------------------------------------------------------------------------- bPowerPointViewer.ocx v. 3.1.0.3 multiple methods Denial of Service/b url: urlhttp://www.officeocx.com//url price: from...

CVE-2007-2496

The WordOCX ActiveX control in WordViewer.ocx 3.2.0.5 allows remote attackers to cause a denial of service Internet Explorer 7 crash via a long 1 DoOleCommand, 2 FTPDownloadFile, 3 FTPUploadFile, 4 HttpUploadFile, 5 GotoPage, 6 Save, 7 SaveWebFile, 8 HttpDownloadFile, 9 Open, 10 OpenWebFile, 11...

Office Viewer OCX 3.2.0.5 - Multiple Denial of Service Vulnerabilities

2007/05/04 ----------------------------------------------------------------------------- Office Viewer OA.ocx v. 3.2.0.5 multiple methods Denial of Service url: http://www.officeocx.com/ price: from �77.95 update to last version to �1,558.95 Royalty author: shinnai mail:...

Word Viewer OCX 3.2 - Remote Denial of Service

Word Viewer OCX 3.2 - Remote Denial of Service 2007/05/03 ----------------------------------------------------------------------------- WordViewer.ocx v. 3.2.0.5 multiple methods Denial of Service url: http://www.officeocx.com/ price: from €63.95 update to last version to €1,585.95 Royalty...

Word Viewer OCX 3.2 - Remote Denial of Service

2007/05/03 ----------------------------------------------------------------------------- WordViewer.ocx v. 3.2.0.5 multiple methods Denial of Service url: http://www.officeocx.com/ price: from €63.95 update to last version to €1,585.95 Royalty author: shinnai mail: shinnaiatautisticidotorg...

Excel Viewer OCX 3.1.0.6 - Multiple Denial of Service Vulnerabilities

2007/05/02 ----------------------------------------------------------------------------- ExcelViewer.ocx v. 3.1.0.6 multiple methods Denial of Service url: http://www.officeocx.com/ sell: from €63.95 update to last version to €1,585.95 Royalty author: shinnai mail: shinnaiatautisticidotorg...

PowerPoint Viewer OCX 3.2 (ActiveX Control) Denial of Service Exploit

Exploit for unknown platform in category dos / poc ===================================================================== PowerPoint Viewer OCX 3.2 ActiveX Control Denial of Service Exploit ===================================================================== 2007/05/01...

PowerPoint Viewer OCX 3.2 - ActiveX Control Denial of Service

2007/05/01 ----------------------------------------------------------------------------- PowerPointViewer.ocx v. 3.1.0.3 multiple methods Denial of Service url: http://www.officeocx.com/ price: from €63.95 update to last version to €1,585.95 Royalty author: shinnai mail:...

Buffer overflow

Buffer overflow in Ghost Service Manager, as used in Symantec Norton Ghost, Norton Save & Recovery, LiveState Recovery, and BackupExec System Recovery before 20070426, allows local users to gain privileges via a long string...

CVE-2007-2359

CVE-2007-2359 concerns a buffer overflow in Ghost Service Manager used by Symantec Norton Ghost, Norton Save & Recovery, LiveState Recovery and BackupExec System Recovery prior to 20070426. The vulnerability arises from handling of a long string, enabling local users to gain privileges (local pri...

CVE-2007-2361

CVE-2007-2361 affects Symantec Norton Ghost, Norton Save & Recovery, LiveState Recovery and BackupExec System Recovery prior to 20070426. When remote backups of restore points are configured, a configuration file containing network share credentials is world-readable, allowing local users to read...

CVE-2007-2360

CVE-2007-2360 affects Symantec Norton Ghost, Norton Save & Recovery, LiveState Recovery, and BackupExec System Recovery prior to 20070426. When remote backups of restore point images are configured, network share credentials are encrypted with a key formed by a hash of the username, allowing loca...

CVE-2007-1363

Multiple SQL injection vulnerabilities in DropAFew before 0.2.1 allow remote attackers to execute arbitrary SQL commands via the 1 id parameter in the delete action in a search.php or b search-pda.php, or the 2 calories parameter in a save action in editlogcal.php...

CVE-2007-1835

PHP 4 before 4.4.5 and PHP 5 before 5.2.1, when using an empty session save path session.savepath, uses the TMPDIR default after checking the restrictions, which allows local users to bypass openbasedir restrictions...

Design/Logic Flaw

PHP 4 before 4.4.5 and PHP 5 before 5.2.1, when using an empty session save path session.savepath, uses the TMPDIR default after checking the restrictions, which allows local users to bypass openbasedir restrictions...

CVE-2007-1835

PHP 4 before 4.4.5 and PHP 5 before 5.2.1, when using an empty session save path session.savepath, uses the TMPDIR default after checking the restrictions, which allows local users to bypass openbasedir restrictions...

CVE-2007-1835

PHP 4 before 4.4.5 and PHP 5 before 5.2.1, when using an empty session save path session.savepath, uses the TMPDIR default after checking the restrictions, which allows local users to bypass openbasedir restrictions...

PHP Session.Save_Path() TMPDIR Open_Basedir限制绕过漏洞

PHP是一款广泛使用的WEB开发脚本语言。 PHP session.savepath存在openbasedir绕过问题，远程攻击者可能利用此漏洞结合其他漏洞进行进一步攻击，如包含文件。 当提供空会话保存路径时，文件会话存储模块通过TMPDIR环境变量指定回调的路径，不幸的是回调发生在openbasedir检查之后，可导致安全检查被绕过。进行其他进一步攻击。 PHP PHP 5.2.1 PHP PHP 5.1.6 PHP PHP 5.1.5 PHP PHP 5.1.4 PHP PHP 5.1.3 PHP PHP 5.1.3 PHP PHP 5.1.2 PHP PHP 5.1.1 PHP P...

Opera security advisory 2004-12-10 – Opera Security Advisories

Opera security advisory 2004-12-10 – Opera Security Advisories OPCOM Team | February 9, 2007 Opera security advisory Named frames or windows can be hi-jacked by malicious frames or windows. Periods in the file name and non-breaking spaces in the Content-Type header can make the save/open dialog...