Microsoft Security Bulletin MS08-032 - Moderate Cumulative Security Update of ActiveX Kill Bits (950760)

Microsoft Security Bulletin MS08-032 - Moderate Cumulative Security Update of ActiveX Kill Bits 950760 Published: June 10, 2008 Version: 1.0 General Information Executive Summary This security update resolves a publicly reported vulnerability for the Microsoft Speech API. The vulnerability could...

Microsoft IE Speech API 4 COM对象实例化缓冲区溢出漏洞（MS07-033）

Internet Explorer是一款非常流行的WEB浏览器。 IE中使用的Speech API的ActiveX控件实现上存在缓冲区溢出漏洞，远程攻击者可能利用此漏洞控制用户机器。 IE中使用了Microsoft Speech API软件包提供文本-语音和语音识别功能。Microsoft Speech...

Microsoft Speech API ActiveX control Remote BoF Exploit (win2k sp4)

No description provided by source. !-- 01/06/2007 23.19.50 Microsoft Windows DirectSpeechSynthesis Module XVoice.dll / DirectSpeechRecognition Module Xlisten.dll remote buffer overflow exploit / 2k sp4 seh version both the dlls are located in %SystemRoot%\speech folder...

Microsoft Speech API ActiveX control Remote BoF Exploit (xp sp2)

No description provided by source. !-- 6.30 10/06/2007 Microsoft Windows DirectSpeechSynthesis Module XVoice.dll 4.0.4.2512 / DirectSpeechRecognition Module Xlisten.dll 4.0.4.2512 remote buffer overflow exploit/ xp sp2 version both dlls are vulnerable, this is the poc for the first one...

Microsoft Speech API ActiveX control Remote BoF Exploit (xp sp2)

Exploit for unknown platform in category remote exploits ================================================================ Microsoft Speech API ActiveX control Remote BoF Exploit xp sp2 ================================================================ REM metasploit, add a user 'su' with pass 'tzu'...

Microsoft Speech API ActiveX Control (Windows XP SP2) - Remote Buffer Overflow (MS07-033)

Microsoft Speech API ActiveX Control Windows XP SP2 - Remote Buffer Overflow MS07-033 REM metasploit, add a user 'su' with pass 'tzu' scode =...

Microsoft Speech API ActiveX Control (Windows 2000 SP4) - Remote Buffer Overflow (MS07-033)

Microsoft Speech API ActiveX Control Windows 2000 SP4 - Remote Buffer Overflow MS07-033 !-- 01/06/2007 23.19.50 Microsoft Windows DirectSpeechSynthesis Module XVoice.dll / DirectSpeechRecognition Module Xlisten.dll remote buffer overflow exploit / 2k sp4 seh version both the dlls are located in...

Microsoft Speech API memory corruption

Added: 06/13/2007 CVE: CVE-2007-2222 BID: 24426 OSVDB: 35353 Background Microsoft Speech API allows development of Windows applications supporting speech-based interaction. Problem A memory corruption vulnerability in Microsoft Speech API 4 allows command execution when a user loads a specially...

Microsoft Speech API memory corruption

Added: 06/13/2007 CVE: CVE-2007-2222 BID: 24426 OSVDB: 35353 Background Microsoft Speech API allows development of Windows applications supporting speech-based interaction. Problem A memory corruption vulnerability in Microsoft Speech API 4 allows command execution when a user loads a specially...

Microsoft Speech API memory corruption

Added: 06/13/2007 CVE: CVE-2007-2222 BID: 24426 OSVDB: 35353 Background Microsoft Speech API allows development of Windows applications supporting speech-based interaction. Problem A memory corruption vulnerability in Microsoft Speech API 4 allows command execution when a user loads a specially...

Microsoft Speech API ActiveX Control (Windows XP SP2) - Remote Buffer Overflow (MS07-033)

REM metasploit, add a user 'su' with pass 'tzu' scode =...

Microsoft Speech API ActiveX Control (Windows 2000 SP4) - Remote Buffer Overflow (MS07-033)

!-- 01/06/2007 23.19.50 Microsoft Windows DirectSpeechSynthesis Module XVoice.dll / DirectSpeechRecognition Module Xlisten.dll remote buffer overflow exploit / 2k sp4 seh version both the dlls are located in %SystemRoot%\speech folder and they are vulnerable to the same issue. while on 2k it...

Microsoft Speech API memory corruption

Added: 06/13/2007 CVE: CVE-2007-2222 BID: 24426 OSVDB: 35353 Background Microsoft Speech API allows development of Windows applications supporting speech-based interaction. Problem A memory corruption vulnerability in Microsoft Speech API 4 allows command execution when a user loads a specially...

Immunity Canvas: SPEECH

Name| speech ---|--- CVE| CVE-2007-2222 Exploit Pack| CANVAS Description| Microsoft Speech API 4v MS07-033 Notes| CVE Name: CVE-2007-2222 VENDOR: Microsoft MSADV: MS07-033 Repeatability: Infinite client side - no crash MSRC: http://www.microsoft.com/technet/security/Bulletin/MS07-033.mspx CVE URL...

Microsoft Speech API ActiveX controls contain buffer overflows

Overview The Microsoft Speech API ActiveListen and ActiveVoice ActiveX controls contain multiple buffer overflows, which can allow a remote, unauthenticated attacker to execute arbitrary code on a vulnerable system. Description Microsoft Speech API is a software package that provides text-to-spee...

Design/Logic Flaw

A certain ActiveX control in sapi.dll aka the Speech API in Speech Components in Microsoft Windows Vista, when the Speech Recognition feature is enabled, allows user-assisted remote attackers to delete arbitrary files, and conduct other unauthorized activities, via a web page with an embedded sou...