Microsoft ATL Multiple ActiveX Remote Code Executions (MS09-037; CVE-2008-0020; CVE-2009-2493; CVE-2009-2494)

The Active Template Library ATL is a set of template-based C++ classes that simplify the programming of Component Object Model COM objects. Multiple remote code execution vulnerabilities have been reported in the Microsoft ATL. The vulnerabilities are due to an error in the Load method of the...

Vulnerabilities in Microsoft ATL Could Allow Remote Code Execution (973908)

This host is missing a critical security update according to Microsoft Bulletin MS09-037. OpenVAS Vulnerability Test $Id: secpodms09-037.nasl 5363 2017-02-20 13:07:22Z cfi $ Vulnerabilities in Microsoft ATL Could Allow Remote Code Execution 973908 Authors: Antu Sanadi Updated By: Madhuri D on...

Vulnerabilities in Microsoft ATL Could Allow Remote Code Execution (973908)

This host is missing a critical security update according to Microsoft Bulletin MS09-037. SPDX-FileCopyrightText: 2009 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only...

PT-2009-4901 · Microsoft · Windows +1

Name of the Vulnerable Software and Affected Versions: Microsoft Windows versions 2000 SP4, XP SP2 and SP3, Server 2003 SP2, Vista Gold, SP1, and SP2, and Server 2008 Gold and SP2 Description: The issue allows remote attackers to execute arbitrary code via vectors related to erroneous free...

Design/Logic Flaw

The Active Template Library ATL in Microsoft Visual Studio .NET 2003 SP1, Visual Studio 2005 SP1 and 2008 Gold, and Visual C++ 2005 SP1 and 2008 Gold and SP1; and Windows 2000 SP4, XP SP2 and SP3, Server 2003 SP2, Vista Gold, SP1, and SP2, and Server 2008 Gold and SP2; does not prevent VariantCle...

CVE-2009-0901

The Active Template Library ATL in Microsoft Visual Studio .NET 2003 SP1, Visual Studio 2005 SP1 and 2008 Gold, and Visual C++ 2005 SP1 and 2008 Gold and SP1; and Windows 2000 SP4, XP SP2 and SP3, Server 2003 SP2, Vista Gold, SP1, and SP2, and Server 2008 Gold and SP2; does not prevent VariantCle...

Microsoft Internet Explorer Remote Code Execution Vulnerability (963027)

This host is missing a critical security update according to Microsoft Bulletin MS09-014. SPDX-FileCopyrightText: 2009 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only...

Microsoft PowerPoint Picture Index Variant Remote Code Execution Vulnerability

Description Microsoft PowerPoint is prone to a remote code-execution vulnerability. An attacker could exploit this issue by enticing a victim to open a malicious PowerPoint file. Successfully exploiting this issue would allow the attacker to execute arbitrary code in the context of the currently...

Apple Safari 3.1 - Window.setTimeout Variant Content Spoofing

source: https://www.securityfocus.com/bid/28405/info Apple Safari is prone to a content-spoofing vulnerability that allows attackers to populate a vulnerable Safari browser window with arbitrary malicious content. During such an attack, the URL and window title will display the intended site, whi...

ZDI-08-006: Microsoft Internet Explorer SVG animateMotion.by Code Execution Vulnerability

ZDI-08-006: Microsoft Internet Explorer SVG animateMotion.by Code Execution Vulnerability http://www.zerodayinitiative.com/advisories/ZDI-08-006.html February 12, 2008 -- CVE ID: CVE-2008-077 -- Affected Vendor: Microsoft -- Affected Products: Internet Explorer 6 Internet Explorer 7 --...

Microsoft Internet Explorer SVG animateMotion.by Code Execution Vulnerability

This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of Microsoft Internet Explorer. User interaction is required to exploit this vulnerability in that the target must visit a malicious page. The specific flaw exists in the handling of the "by" property...

CVE-2007-4841

Mozilla Firefox before 2.0.0.8, Thunderbird before 2.0.0.8, and SeaMonkey before 1.1.5 allows remote attackers to execute arbitrary commands via a 1 mailto, 2 nntp, 3 news, or 4 snews URI with invalid "%" encoding, related to improper file type handling on Windows XP with Internet Explorer 7...

CVE-2007-4670

Unspecified vulnerability in PHP before 5.2.4 has unknown impact and attack vectors, related to an "Improved fix for MOPB-03-2007," probably a variant of CVE-2007-1285...

CVE-2007-2851

A certain ActiveX control in LeadTools Raster Variant Object Library LTRVR14e.dll 14.5.0.44 allows remote attackers to overwrite arbitrary files via the WriteDataToFile method...

sriweb-xss.txt

XSS found by fl0 fl0w in sri.ro Description: The Romanian Secret Service web site suffers from cross site scripting vulnerability. Author: fl0 fl0w Homepage: http://popesculescu.lx.ro File Size: 5,13 KB site 'search' variable XSS Cross Site Scripting in URI Desciption : This XSS variant usually...

LeadTools Raster Variant (LTRVR14e.dll) Remote File Overwrite Exploit

No description provided by source. pre span style="font: 14pt Courier New;"p align="center"b2007/05/21/b/p/span codespan style="font: 10pt Courier New;"span class="general1-symbol"----------------------------------------------------------------------------------------------------- bLeadTools Rast...

leadtools-overwrite.txt

2007/05/21 ----------------------------------------------------------------------------------------------------- LeadTools Raster Variant Object Library LTRVR14e.dll v. 14.5.0.44 Remote Arbitrary File Overwrite url: http://www.leadtools.com/ price: eheheh, take a look at thier site : author:...

LeadTools Raster Variant - 'LTRVR14e.dll' Remote File Overwrite

2007/05/21 ----------------------------------------------------------------------------------------------------- LeadTools Raster Variant Object Library LTRVR14e.dll v. 14.5.0.44 Remote Arbitrary File Overwrite url: http://www.leadtools.com/ price: eheheh, take a look at thier site : author:...

LeadTools Raster Variant (LTRVR14e.dll) Remote File Overwrite Exploit

Exploit for unknown platform in category remote exploits ===================================================================== LeadTools Raster Variant LTRVR14e.dll Remote File Overwrite Exploit ===================================================================== 2007/05/21...

LeadTools Raster Variant - LTRVR14e.dll Remote File Overwrite

LeadTools Raster Variant - LTRVR14e.dll Remote File Overwrite 2007/05/21 ----------------------------------------------------------------------------------------------------- LeadTools Raster Variant Object Library LTRVR14e.dll v. 14.5.0.44 Remote Arbitrary File Overwrite url:...