Lucene search
K

80 matches found

Saint
Saint
added 2008/12/19 12:0 a.m.28 views

Visual FoxPro vfp6r.dll ActiveX Control DoCmd command execution

Added: 12/19/2008 CVE: CVE-2008-0236 BID: 27205 OSVDB: 40380 Background Visual FoxPro is a tool for developing database applications. Problem The vfp6r.dll ActiveX control allows command execution when a user opens a web page which uses the DoCmd method. Resolution Set the kill bit for class ID...

5.8CVSS6.5AI score0.17384EPSS
Exploits5
Saint
Saint
added 2008/12/19 12:0 a.m.36 views

Visual FoxPro vfp6r.dll ActiveX Control DoCmd command execution

Added: 12/19/2008 CVE: CVE-2008-0236 BID: 27205 OSVDB: 40380 Background Visual FoxPro is a tool for developing database applications. Problem The vfp6r.dll ActiveX control allows command execution when a user opens a web page which uses the DoCmd method. Resolution Set the kill bit for class ID...

5.8CVSS6.4AI score0.17384EPSS
Exploits5
Saint
Saint
added 2008/12/19 12:0 a.m.13 views

Visual FoxPro vfp6r.dll ActiveX Control DoCmd command execution

Added: 12/19/2008 CVE: CVE-2008-0236 BID: 27205 OSVDB: 40380 Background Visual FoxPro is a tool for developing database applications. Problem The vfp6r.dll ActiveX control allows command execution when a user opens a web page which uses the DoCmd method. Resolution Set the kill bit for class ID...

5.8CVSS6.4AI score0.17384EPSS
Exploits5
NVD
NVD
added 2008/12/10 2:0 p.m.29 views

CVE-2008-4254

Multiple integer overflows in the Hierarchical FlexGrid ActiveX control mshflxgd.ocx in Microsoft Visual Basic 6.0 and Visual FoxPro 8.0 SP1 and 9.0 SP1 and SP2 allow remote attackers to execute arbitrary code via crafted 1 Rows and 2 Cols properties to the a ExpandAll and b CollapseAll methods,...

8.5CVSS7.7AI score0.2206EPSS
Exploits0References8
Prion
Prion
added 2008/12/10 2:0 p.m.17 views

Memory corruption

The FlexGrid ActiveX control in Microsoft Visual Basic 6.0, Visual FoxPro 8.0 SP1 and 9.0 SP1 and SP2, Office FrontPage 2002 SP3, and Office Project 2003 SP3 does not properly handle errors during access to incorrectly initialized objects, which allows remote attackers to execute arbitrary code v...

8.5CVSS7.7AI score0.20976EPSS
Exploits0References7Affected Software5
NVD
NVD
added 2008/12/10 2:0 p.m.16 views

CVE-2008-4252

The DataGrid ActiveX control in Microsoft Visual Basic 6.0 and Visual FoxPro 8.0 SP1 and 9.0 SP1 and SP2 does not properly handle errors during access to incorrectly initialized objects, which allows remote attackers to execute arbitrary code via a crafted HTML document, related to corruption of...

8.5CVSS7.3AI score0.20976EPSS
Exploits0References7
Prion
Prion
added 2008/12/10 2:0 p.m.19 views

Integer overflow

Multiple integer overflows in the Hierarchical FlexGrid ActiveX control mshflxgd.ocx in Microsoft Visual Basic 6.0 and Visual FoxPro 8.0 SP1 and 9.0 SP1 and SP2 allow remote attackers to execute arbitrary code via crafted 1 Rows and 2 Cols properties to the a ExpandAll and b CollapseAll methods,...

8.5CVSS8AI score0.2206EPSS
Exploits0References8Affected Software5
Prion
Prion
added 2008/12/10 2:0 p.m.21 views

Memory corruption

The DataGrid ActiveX control in Microsoft Visual Basic 6.0 and Visual FoxPro 8.0 SP1 and 9.0 SP1 and SP2 does not properly handle errors during access to incorrectly initialized objects, which allows remote attackers to execute arbitrary code via a crafted HTML document, related to corruption of...

8.5CVSS7.7AI score0.20976EPSS
Exploits0References7Affected Software5
Prion
Prion
added 2008/12/10 2:0 p.m.19 views

Memory corruption

The Charts ActiveX control in Microsoft Visual Basic 6.0, Visual Studio .NET 2002 SP1 and 2003 SP1, and Visual FoxPro 8.0 SP1 and 9.0 SP1 and SP2 does not properly handle errors during access to incorrectly initialized objects, which allows remote attackers to execute arbitrary code via a crafted...

8.5CVSS7.7AI score0.20976EPSS
Exploits1References7Affected Software5
Cvelist
Cvelist
added 2008/12/10 1:33 p.m.27 views

CVE-2008-4256

The Charts ActiveX control in Microsoft Visual Basic 6.0, Visual Studio .NET 2002 SP1 and 2003 SP1, and Visual FoxPro 8.0 SP1 and 9.0 SP1 and SP2 does not properly handle errors during access to incorrectly initialized objects, which allows remote attackers to execute arbitrary code via a crafted...

7.3AI score0.20976EPSS
Exploits1References7
Cvelist
Cvelist
added 2008/12/10 1:33 p.m.25 views

CVE-2008-4254

Multiple integer overflows in the Hierarchical FlexGrid ActiveX control mshflxgd.ocx in Microsoft Visual Basic 6.0 and Visual FoxPro 8.0 SP1 and 9.0 SP1 and SP2 allow remote attackers to execute arbitrary code via crafted 1 Rows and 2 Cols properties to the a ExpandAll and b CollapseAll methods,...

7.7AI score0.2206EPSS
Exploits0References8
CVE
CVE
added 2008/12/10 1:33 p.m.78 views

CVE-2008-4252

CVE-2008-4252, -4253, -4254, -4255, -4256 describe memory corruption vulnerabilities in Visual Basic 6.0 ActiveX Controls (DataGrid, FlexGrid, Hierarchical FlexGrid, Windows Common AVI Parsing, Charts, Masked Edit). Exploitation vector involves remote code execution by delivering a crafted web pa...

8.5CVSS7.3AI score0.20976EPSS
Exploits0References7Affected Software5
CVE
CVE
added 2008/12/10 1:33 p.m.91 views

CVE-2008-4254

CVE-2008-4254 describes a remote code execution vulnerability in the Microsoft Visual Basic 6.0 Runtime Extended Files Hierarchical FlexGrid ActiveX control (mshflxgd.ocx). The issue arises from multiple integer overflows in the Hierarchical FlexGrid control when manipulating the Rows/Cols proper...

8.5CVSS7.5AI score0.2206EPSS
Exploits0References8Affected Software5
CVE
CVE
added 2008/12/10 1:33 p.m.84 views

CVE-2008-4256

The CVE-2008-4256 entry maps to the Charts ActiveX Control memory corruption vulnerability in Microsoft Visual Basic 6.0 runtime components (notably Mschart20.ocx) and related VB/FoxPro runtimes. The root cause is improper error handling when accessing incorrectly initialized objects, enabling re...

8.5CVSS7.3AI score0.20976EPSS
Exploits1References7Affected Software5
Cvelist
Cvelist
added 2008/12/10 1:33 p.m.26 views

CVE-2008-4253

The FlexGrid ActiveX control in Microsoft Visual Basic 6.0, Visual FoxPro 8.0 SP1 and 9.0 SP1 and SP2, Office FrontPage 2002 SP3, and Office Project 2003 SP3 does not properly handle errors during access to incorrectly initialized objects, which allows remote attackers to execute arbitrary code v...

7.3AI score0.20976EPSS
Exploits0References7
Cvelist
Cvelist
added 2008/12/10 1:33 p.m.38 views

CVE-2008-4255

Heap-based buffer overflow in mscomct2.ocx aka Windows Common ActiveX control or Microsoft Animation ActiveX control in Microsoft Visual Basic 6.0, Visual Studio .NET 2002 SP1 and 2003 SP1, Visual FoxPro 8.0 SP1 and 9.0 SP1 and SP2, and Office Project 2003 SP3 and 2007 Gold and SP1 allows remote...

7.8AI score0.53703EPSS
Exploits7References11
CVE
CVE
added 2008/12/10 1:33 p.m.74 views

CVE-2008-4253

CVE-2008-4253 is a remote code execution vulnerability in the FlexGrid ActiveX control used by Visual Basic 6.0, Visual FoxPro 8.0 SP1/9.0 SP1/SP2, Office FrontPage 2002 SP3, and Office Project 2003 SP3. The issue arises when the ActiveX control handles errors during access to improperly initiali...

8.5CVSS7.3AI score0.20976EPSS
Exploits0References7Affected Software5
Cvelist
Cvelist
added 2008/12/10 1:33 p.m.24 views

CVE-2008-4252

The DataGrid ActiveX control in Microsoft Visual Basic 6.0 and Visual FoxPro 8.0 SP1 and 9.0 SP1 and SP2 does not properly handle errors during access to incorrectly initialized objects, which allows remote attackers to execute arbitrary code via a crafted HTML document, related to corruption of...

7.3AI score0.20976EPSS
Exploits0References7
securityvulns
securityvulns
added 2008/12/10 12:0 a.m.216 views

Microsoft Security Bulletin MS08-070 - Critical Vulnerabilities in Visual Basic 6.0 Runtime Extended Files (ActiveX Controls) Could Allow Remote Code Execution (932349)

Microsoft Security Bulletin MS08-070 - Critical Vulnerabilities in Visual Basic 6.0 Runtime Extended Files ActiveX Controls Could Allow Remote Code Execution 932349 Published: December 9, 2008 Version: 1.0 General Information Executive Summary This security update resolves five privately reported...

9.3CVSS1AI score0.55917EPSS
Exploits17
Symantec
Symantec
added 2008/12/09 12:0 a.m.19 views

Microsoft FlexGrid ActiveX Control Memory Corruption Vulnerability

Description Microsoft FlexGrid ActiveX control is prone to a remote memory-corruption vulnerability. Remote attackers can exploit this issue to execute arbitrary code in the context of the application using the ActiveX control typically Internet Explorer. Successful exploits will compromise the...

8.2AI score
Exploits0References1Affected Software4
Rows per page
Query Builder