Lucene search
K

80 matches found

Symantec
Symantec
added 2008/12/09 12:0 a.m.650 views

Microsoft Charts ActiveX Control Memory Corruption Vulnerability

Description Microsoft Charts ActiveX control is prone to a remote memory-corruption vulnerability. Remote attackers can exploit this issue to execute arbitrary code in the context of the application using the ActiveX control typically Internet Explorer. Successful exploits will compromise the...

8.2AI score
Exploits0References1Affected Software2
Symantec
Symantec
added 2008/12/09 12:0 a.m.38 views

Microsoft Hierarchical FlexGrid ActiveX Control Memory Corruption Vulnerability

Description Microsoft Hierarchical FlexGrid ActiveX control is prone to a remote memory-corruption vulnerability. Remote attackers can exploit this issue to execute arbitrary code in the context of the application using the ActiveX control typically Internet Explorer. Successful exploits will...

0.5AI score
Exploits0References2Affected Software3
Symantec
Symantec
added 2008/12/09 12:0 a.m.17 views

Microsoft DataGrid ActiveX Control Memory Corruption Vulnerability

Description Microsoft DataGrid ActiveX control is prone to a remote memory-corruption vulnerability. Remote attackers can exploit this issue to execute arbitrary code in the context of the application using the ActiveX control typically Internet Explorer. Successful exploits will compromise the...

0.3AI score
Exploits0References1Affected Software2
NVD
NVD
added 2008/08/18 7:41 p.m.33 views

CVE-2008-3704

Heap-based buffer overflow in the MaskedEdit ActiveX control in Msmask32.ocx 6.0.81.69, and possibly other versions before 6.0.84.18, in Microsoft Visual Studio 6.0, Visual Basic 6.0, Visual Studio .NET 2002 SP1 and 2003 SP1, and Visual FoxPro 8.0 SP1 and 9.0 SP1 and SP2 allows remote attackers t...

9.3CVSS7.9AI score0.55917EPSS
Exploits9References12
CVE
CVE
added 2008/08/18 7:0 p.m.89 views

CVE-2008-3704

CVE-2008-3704 corresponds to a heap-based buffer overflow in the MaskedEdit ActiveX control (Msmask32.ocx) that occurs when a long Mask parameter is processed. The defect affects Msmask32.ocx version 6.0.81.69 and possibly earlier versions (up to 6.0.84.18), within Microsoft Visual Studio 6.0, Vi...

9.3CVSS7.7AI score0.55917EPSS
Exploits9References12Affected Software4
Cvelist
Cvelist
added 2008/08/18 7:0 p.m.34 views

CVE-2008-3704

Heap-based buffer overflow in the MaskedEdit ActiveX control in Msmask32.ocx 6.0.81.69, and possibly other versions before 6.0.84.18, in Microsoft Visual Studio 6.0, Visual Basic 6.0, Visual Studio .NET 2002 SP1 and 2003 SP1, and Visual FoxPro 8.0 SP1 and 9.0 SP1 and SP2 allows remote attackers t...

7.8AI score0.55917EPSS
Exploits9References12
VulnCheck KEV
VulnCheck KEV
added 2008/08/18 12:0 a.m.3 views

VulnCheck KEV: CVE-2008-3704

Heap-based buffer overflow in the MaskedEdit ActiveX control in Msmask32.ocx 6.0.81.69, and possibly other versions before 6.0.84.18, in Microsoft Visual Studio 6.0, Visual Basic 6.0, Visual Studio .NET 2002 SP1 and 2003 SP1, and Visual FoxPro 8.0 SP1 and 9.0 SP1 and SP2 allows remote attackers...

9.3CVSS6.1AI score0.55917EPSS
Exploits9References1
seebug.org
seebug.org
added 2008/02/20 12:0 a.m.32 views

Microsoft Visual FoxPro FPOLE.OCX ActiveX控件远程栈溢出漏洞(MS08-010)

BUGTRAQ ID: 25571 CVECAN ID: CVE-2007-4790 Visual FoxPro是微软发布的数据库开发工具。 Visual FoxPro的AcitveX控件实现上存在缓冲区溢出漏洞,远程攻击者可能利用此漏洞控制用户系统。 Visual FoxPro的Foxtlib.ocx和fpole.ocx ActiveX控件没有正确地验证对FoxDoCmd方式的输入,如果用户受骗访问了恶意站点,就可能触发栈溢出,导致在用户浏览器会话中执行任意指令。 Microsoft Internet Explorer 7.0 Microsoft Internet Explorer 6...

7.5CVSS6.4AI score0.54908EPSS
Exploits2
Check Point Advisories
Check Point Advisories
added 2008/02/12 12:0 a.m.3 views

Microsoft Visual FoxPro ActiveX Control Buffer Overflow (MS08-010; CVE-2007-4790)

Microsoft Visual FoxPro is an application development tool for building database applications. This vulnerability is due to a memory corruption error in certain ActiveX objects of Microsoft Visual FoxPro when it is used in Microsoft Internet Explorer. A remote attacker could exploit this issue by...

7.5CVSS7AI score0.54908EPSS
Exploits2
seebug.org
seebug.org
added 2008/01/21 12:0 a.m.20 views

Microsoft Visual FoxPro vfp6r.dll ActiveX控件任意代码执行漏洞

BUGTRAQ ID: 27205 Visual FoxPro是微软发布的数据库开发工具。 Visual FoxPro的vfp6r.dll ActiveX控件没有正确地验证对foxcommand或DoCmd方式的输入参数,如果用户受骗访问了恶意站点的话,就可能导致执行任意指令。 Microsoft Visual FoxPro 6.0 Microsoft --------- 目前厂商还没有提供补丁或者升级程序,我们建议使用此软件的用户随时关注厂商的主页以获取最新版本: http://www.microsoft.com/technet/security/ pre codespan...

6.9AI score
Exploits0
NVD
NVD
added 2008/01/11 2:46 a.m.34 views

CVE-2008-0236

An ActiveX control for Microsoft Visual FoxPro vfp6r.dll 6.0.8862.0 allows remote attackers to execute arbitrary commands by invoking the DoCmd method...

5.8CVSS7.5AI score0.17384EPSS
Exploits5References5
Prion
Prion
added 2008/01/11 2:46 a.m.15 views

Design/Logic Flaw

An ActiveX control for Microsoft Visual FoxPro vfp6r.dll 6.0.8862.0 allows remote attackers to execute arbitrary commands by invoking the DoCmd method...

5.8CVSS8.1AI score0.17384EPSS
Exploits5References5Affected Software1
CVE
CVE
added 2008/01/11 2:0 a.m.62 views

CVE-2008-0236

CVE-2008-0236 concerns an ActiveX control for Microsoft Visual FoxPro (vfp6r.dll 6.0.8862.0). The DoCmd method in the Visual FoxPro vfp6r.dll ActiveX control can be exploited to trigger remote command execution by a user visiting a crafted webpage, with the attack operating in the user’s security...

5.8CVSS7.4AI score0.17384EPSS
Exploits5References5Affected Software1
Cvelist
Cvelist
added 2008/01/11 2:0 a.m.21 views

CVE-2008-0236

An ActiveX control for Microsoft Visual FoxPro vfp6r.dll 6.0.8862.0 allows remote attackers to execute arbitrary commands by invoking the DoCmd method...

7.5AI score0.17384EPSS
Exploits5References5
seebug.org
seebug.org
added 2008/01/11 12:0 a.m.17 views

Microsoft Visual FoxPro 'vfp6r.dll' ActiveX控件远程命令执行漏洞

Microsoft Visual FoxPro是一款数据库管理和应用软件开发系统。 Microsoft Visual FoxPro 'vfp6r.dll' ActiveX控件存在设计问题,远程攻击者可以利用漏洞以应用程序进程权限执行任意命令。 问题是vfp6r.dll包含的控件不安全使用"DoCmd"函数,直接传递运行应用程序作为参数,可导致应用程序权限执行。 Microsoft Visual FoxPro 6.0 + Microsoft Visual Studio 6.0 厂商解决方案 目前没有解决方案提供: http://msdn.microsoft.com/vfoxpro/...

7AI score
Exploits0
seebug.org
seebug.org
added 2008/01/11 12:0 a.m.34 views

Microsoft VFP_OLE_Server ActiveX控件远程命令执行漏洞

Microsoft Visual FoxPro是一款数据库管理和应用软件开发系统。 Microsoft VFPOLEServer ActiveX控件存在设计问题,远程攻击者可以利用漏洞以应用程序进程权限执行任意命令。 问题是Microsoft VFPOLEServer控件不安全使用"foxcommand"函数,直接传递运行应用程序作为参数,可导致应用程序权限执行。 Microsoft VFPOLEServer ActiveX Control 0 + Microsoft Internet Explorer 6.0 + Microsoft Internet Explorer 5.5 SP2 ...

7AI score
Exploits0
seebug.org
seebug.org
added 2007/10/28 12:0 a.m.41 views

Microsoft Visual FoxPro FPOLE.OCX ActiveX控件任意命令执行漏洞

BUGTRAQ ID: 25977 CVECAN ID: CVE-2007-5322 Visual FoxPro是微软发布的数据库开发工具。 Visual FoxPro的FPOLE.OCX ActiveX控件没有正确地验证对FoxDoCmd方式的输入,如果用户受骗访问了恶意站点的话,就可能导致在浏览器会话中执行任意指令。 Microsoft Visual FoxPro 6.0 目前厂商还没有提供补丁或者升级程序,我们建议使用此软件的用户随时关注厂商的主页以获取最新版本: http://www.microsoft.com/technet/security/ object...

7.5CVSS6.5AI score0.18576EPSS
Exploits2
seebug.org
seebug.org
added 2007/10/12 12:0 a.m.14 views

Microsoft Visual FoxPro 6.0 FPOLE.OCX Arbitrary Command Execution

No description provided by source. pre codespan style="font: 10pt Courier New;"span class="general1-symbol"body bgcolor="E0E0E0"----------------------------------------------------------------------------- bMicrosoft Visual FoxPro 6.0 FPOLE.OCX Arbitrary Command Execution/b...

7.1AI score
Exploits0
Packet Storm
Packet Storm
added 2007/10/10 12:0 a.m.20 views

msfp-exec.txt

----------------------------------------------------------------------------- Microsoft Visual FoxPro 6.0 FPOLE.OCX Arbitrary Command Execution url: http://www.microsoft.com Author: shinnai mail: shinnaiatautisticidotorg site: http://shinnai.altervista.org This was written for educational purpose...

7.4AI score
Exploits0
Prion
Prion
added 2007/10/09 10:17 p.m.19 views

Design/Logic Flaw

Insecure method vulnerability in the FPOLE.OCX 6.0.8450.0 ActiveX control in Microsoft Visual FoxPro 6.0 allows remote attackers to execute arbitrary programs by specifying them as an argument to the FoxDoCmd function...

7.5CVSS7.5AI score0.18576EPSS
Exploits2References6Affected Software1
Rows per page
Query Builder