259 matches found
McAfee Subscription Manager Stack Overflow
$Id$ This file is part of the Metasploit Framework and may be subject to redistribution and commercial restrictions. Please see the Metasploit Framework web site for more information on licensing and terms of use. http://metasploit.com/framework/ require 'msf/core' class Metasploit3 'McAfee...
AEC Subscription Manager Component for Mambo / Joomla! 'usage' Parameter SQLi
The version of the AEC Subscription Manager component for Joomla! and Mambo running on the remote host is affected by a SQL injection vulnerability in the acctexp.class.php script due to improper sanitization of user-supplied input to the 'usage' parameter before using it to construct database...
McAfee Security Center McSubMgr.DLL ActiveX控件远程溢出漏洞
McAfee Security Center是用于控制和监控McAfee安全产品的集中配置GUI。 McAfee Security Center的ActiveX控件实现上存在缓冲区溢出漏洞,远程攻击者可能利用此漏洞控制用户机器。 SecurityCenter所安装的Subscription Manager ActiveX控件: ProgId:McSubMgr.McSubMgr ClassId:9BE8D7B2-329C-442A-A4AC-ABA9D7572602 文件:MCSUBMGR.DLL, McAfee Subscription manager module 6.0.0.13...
Buffer overflow
Buffer overflow in the IsOldAppInstalled function in the McSubMgr.McSubMgr Subscription Manager ActiveX control MCSUBMGR.DLL in McAfee SecurityCenter before 6.0.25 and 7.x before 7.2.147 allows remote attackers to execute arbitrary code via a crafted argument...
CVE-2007-2584
CVE-2007-2584 describes a buffer overflow in the IsOldAppInstalled function of McSubMgr.McSubMgr (MCSUBMGR.DLL) used by McAfee SecurityCenter. Vulnerable are SecurityCenter versions before 6.0.25 and 7.x before 7.2.147. A crafted argument can allow remote code execution with full impact on confid...
paypal-inject.txt
Paypal Subscription Manager allows webmaster easily create subscription web site, visitors can access to digital product instantly after paying through Paypal, PSM provides ability to effortlessly process subscription and protect membership areas. PSM uses PHP and MySQL for fast, efficient,...
Cross site scripting
Cross-site scripting XSS vulnerability in admin/editmember.php in Easebay Resources Paypal Subscription Manager allows remote attackers to inject arbitrary web script or HTML via the username parameter...
Sql injection
SQL injection vulnerability in admin/memberlist.php in Easebay Resources Paypal Subscription Manager allows remote attackers to execute arbitrary SQL commands via the keyword parameter...
CVE-2007-0403
SQL injection vulnerability in admin/memberlist.php in Easebay Resources Paypal Subscription Manager allows remote attackers to execute arbitrary SQL commands via the keyword parameter...
CVE-2007-0403
CVE-2007-0403 is a SQL injection in Easebay Resources' Paypal Subscription Manager (admin/memberlist.php) exploitable via the keyword parameter. Remote attackers can execute arbitrary SQL commands. This is documented in NVD and related records; no exploitation specifics or fixes are provided in t...
CVE-2007-0402
CVE-2007-0402 describes a cross-site scripting (XSS) vulnerability in the Admin module: admin/edit_member.php of Easebay Resources Paypal Subscription Manager. The issue allows remote attackers to inject arbitrary web script or HTML through the username parameter. The vulnerability is documented ...
Paypal Subscription Manager Multiple HTML Injections
Paypal Subscription Manager allows webmaster easily create subscription web site, visitors can access to digital product instantly after paying through Paypal, PSM provides ability to effortlessly process subscription and protect membership areas. PSM uses PHP and MySQL for fast, efficient,...
McAfee产品查验管理器栈溢出漏洞
McAfee产品查验管理器(McAfee Subscription Manager)是随McAfee很多产品一起发布的用于管理产品许可权限组件,它是一个ActiveX控件,厂商可以通过它检查产品的使用合法性。 McAfee产品查验管理器实现上存在缓冲区溢出漏洞,远程攻击者可能利用此漏洞在用户机器上执行任意指令。 产品查验管理器的实现模块McSubMgr.dll没有检查传入的参数长度,远程攻击者可以诱使用户访问恶意网站,在网页脚本中向McSubMgr.dll传送超过3000字节长的数据导致发生栈溢出,从而执行任意指令。 0 McAfee VirusScan 9.x McAfee...
McAfee Subscription Manager Stack Buffer Overflow
This module exploits a flaw in the McAfee Subscription Manager ActiveX control. Due to an unsafe use of vsprintf, it is possible to trigger a stack buffer overflow by passing a large string to one of the COM-exposed routines, such as IsAppExpired. This vulnerability was discovered by Karl Lynn of...
McAfee Subscription Manager ActiveX buffer overflow
Added: 08/25/2006 CVE: CVE-2006-3961 BID: 19265 OSVDB: 27698 Background McAfee Antivirus products access the McAfee Security Center product which allows users to set preferences and settings for numerous installed McAfee components and services. The Security Center includes a Subscription Manager...
McAfee Subscription Manager ActiveX buffer overflow
Added: 08/25/2006 CVE: CVE-2006-3961 BID: 19265 OSVDB: 27698 Background McAfee Antivirus products access the McAfee Security Center product which allows users to set preferences and settings for numerous installed McAfee components and services. The Security Center includes a Subscription Manager...
McAfee Subscription Manager ActiveX buffer overflow
Added: 08/25/2006 CVE: CVE-2006-3961 BID: 19265 OSVDB: 27698 Background McAfee Antivirus products access the McAfee Security Center product which allows users to set preferences and settings for numerous installed McAfee components and services. The Security Center includes a Subscription Manager...
McAfee Subscription Manager ActiveX control vulnerable to stack buffer overflow
Overview The McAfee Subscription Manager ActiveX control contains a buffer overflow, which may allow a remote, unauthenticated attacker to execute arbitrary code. Description ActiveXActiveX is a technology that allows programmers to create reusable software components that can be incorporated int...
McAfee Subscription Manager ActiveX buffer overflow
Buffer overflow in McSubMgr.dll marked safe for scripting...