80 matches found
Microsoft Charts ActiveX Control Memory Corruption Vulnerability
Description Microsoft Charts ActiveX control is prone to a remote memory-corruption vulnerability. Remote attackers can exploit this issue to execute arbitrary code in the context of the application using the ActiveX control typically Internet Explorer. Successful exploits will compromise the...
Microsoft Hierarchical FlexGrid ActiveX Control Memory Corruption Vulnerability
Description Microsoft Hierarchical FlexGrid ActiveX control is prone to a remote memory-corruption vulnerability. Remote attackers can exploit this issue to execute arbitrary code in the context of the application using the ActiveX control typically Internet Explorer. Successful exploits will...
Microsoft DataGrid ActiveX Control Memory Corruption Vulnerability
Description Microsoft DataGrid ActiveX control is prone to a remote memory-corruption vulnerability. Remote attackers can exploit this issue to execute arbitrary code in the context of the application using the ActiveX control typically Internet Explorer. Successful exploits will compromise the...
CVE-2008-3704
Heap-based buffer overflow in the MaskedEdit ActiveX control in Msmask32.ocx 6.0.81.69, and possibly other versions before 6.0.84.18, in Microsoft Visual Studio 6.0, Visual Basic 6.0, Visual Studio .NET 2002 SP1 and 2003 SP1, and Visual FoxPro 8.0 SP1 and 9.0 SP1 and SP2 allows remote attackers t...
CVE-2008-3704
CVE-2008-3704 corresponds to a heap-based buffer overflow in the MaskedEdit ActiveX control (Msmask32.ocx) that occurs when a long Mask parameter is processed. The defect affects Msmask32.ocx version 6.0.81.69 and possibly earlier versions (up to 6.0.84.18), within Microsoft Visual Studio 6.0, Vi...
CVE-2008-3704
Heap-based buffer overflow in the MaskedEdit ActiveX control in Msmask32.ocx 6.0.81.69, and possibly other versions before 6.0.84.18, in Microsoft Visual Studio 6.0, Visual Basic 6.0, Visual Studio .NET 2002 SP1 and 2003 SP1, and Visual FoxPro 8.0 SP1 and 9.0 SP1 and SP2 allows remote attackers t...
VulnCheck KEV: CVE-2008-3704
Heap-based buffer overflow in the MaskedEdit ActiveX control in Msmask32.ocx 6.0.81.69, and possibly other versions before 6.0.84.18, in Microsoft Visual Studio 6.0, Visual Basic 6.0, Visual Studio .NET 2002 SP1 and 2003 SP1, and Visual FoxPro 8.0 SP1 and 9.0 SP1 and SP2 allows remote attackers...
Microsoft Visual FoxPro FPOLE.OCX ActiveX控件远程栈溢出漏洞(MS08-010)
BUGTRAQ ID: 25571 CVECAN ID: CVE-2007-4790 Visual FoxPro是微软发布的数据库开发工具。 Visual FoxPro的AcitveX控件实现上存在缓冲区溢出漏洞,远程攻击者可能利用此漏洞控制用户系统。 Visual FoxPro的Foxtlib.ocx和fpole.ocx ActiveX控件没有正确地验证对FoxDoCmd方式的输入,如果用户受骗访问了恶意站点,就可能触发栈溢出,导致在用户浏览器会话中执行任意指令。 Microsoft Internet Explorer 7.0 Microsoft Internet Explorer 6...
Microsoft Visual FoxPro ActiveX Control Buffer Overflow (MS08-010; CVE-2007-4790)
Microsoft Visual FoxPro is an application development tool for building database applications. This vulnerability is due to a memory corruption error in certain ActiveX objects of Microsoft Visual FoxPro when it is used in Microsoft Internet Explorer. A remote attacker could exploit this issue by...
Microsoft Visual FoxPro vfp6r.dll ActiveX控件任意代码执行漏洞
BUGTRAQ ID: 27205 Visual FoxPro是微软发布的数据库开发工具。 Visual FoxPro的vfp6r.dll ActiveX控件没有正确地验证对foxcommand或DoCmd方式的输入参数,如果用户受骗访问了恶意站点的话,就可能导致执行任意指令。 Microsoft Visual FoxPro 6.0 Microsoft --------- 目前厂商还没有提供补丁或者升级程序,我们建议使用此软件的用户随时关注厂商的主页以获取最新版本: http://www.microsoft.com/technet/security/ pre codespan...
CVE-2008-0236
An ActiveX control for Microsoft Visual FoxPro vfp6r.dll 6.0.8862.0 allows remote attackers to execute arbitrary commands by invoking the DoCmd method...
Design/Logic Flaw
An ActiveX control for Microsoft Visual FoxPro vfp6r.dll 6.0.8862.0 allows remote attackers to execute arbitrary commands by invoking the DoCmd method...
CVE-2008-0236
CVE-2008-0236 concerns an ActiveX control for Microsoft Visual FoxPro (vfp6r.dll 6.0.8862.0). The DoCmd method in the Visual FoxPro vfp6r.dll ActiveX control can be exploited to trigger remote command execution by a user visiting a crafted webpage, with the attack operating in the user’s security...
CVE-2008-0236
An ActiveX control for Microsoft Visual FoxPro vfp6r.dll 6.0.8862.0 allows remote attackers to execute arbitrary commands by invoking the DoCmd method...
Microsoft Visual FoxPro 'vfp6r.dll' ActiveX控件远程命令执行漏洞
Microsoft Visual FoxPro是一款数据库管理和应用软件开发系统。 Microsoft Visual FoxPro 'vfp6r.dll' ActiveX控件存在设计问题,远程攻击者可以利用漏洞以应用程序进程权限执行任意命令。 问题是vfp6r.dll包含的控件不安全使用"DoCmd"函数,直接传递运行应用程序作为参数,可导致应用程序权限执行。 Microsoft Visual FoxPro 6.0 + Microsoft Visual Studio 6.0 厂商解决方案 目前没有解决方案提供: http://msdn.microsoft.com/vfoxpro/...
Microsoft VFP_OLE_Server ActiveX控件远程命令执行漏洞
Microsoft Visual FoxPro是一款数据库管理和应用软件开发系统。 Microsoft VFPOLEServer ActiveX控件存在设计问题,远程攻击者可以利用漏洞以应用程序进程权限执行任意命令。 问题是Microsoft VFPOLEServer控件不安全使用"foxcommand"函数,直接传递运行应用程序作为参数,可导致应用程序权限执行。 Microsoft VFPOLEServer ActiveX Control 0 + Microsoft Internet Explorer 6.0 + Microsoft Internet Explorer 5.5 SP2 ...
Microsoft Visual FoxPro FPOLE.OCX ActiveX控件任意命令执行漏洞
BUGTRAQ ID: 25977 CVECAN ID: CVE-2007-5322 Visual FoxPro是微软发布的数据库开发工具。 Visual FoxPro的FPOLE.OCX ActiveX控件没有正确地验证对FoxDoCmd方式的输入,如果用户受骗访问了恶意站点的话,就可能导致在浏览器会话中执行任意指令。 Microsoft Visual FoxPro 6.0 目前厂商还没有提供补丁或者升级程序,我们建议使用此软件的用户随时关注厂商的主页以获取最新版本: http://www.microsoft.com/technet/security/ object...
Microsoft Visual FoxPro 6.0 FPOLE.OCX Arbitrary Command Execution
No description provided by source. pre codespan style="font: 10pt Courier New;"span class="general1-symbol"body bgcolor="E0E0E0"----------------------------------------------------------------------------- bMicrosoft Visual FoxPro 6.0 FPOLE.OCX Arbitrary Command Execution/b...
msfp-exec.txt
----------------------------------------------------------------------------- Microsoft Visual FoxPro 6.0 FPOLE.OCX Arbitrary Command Execution url: http://www.microsoft.com Author: shinnai mail: shinnaiatautisticidotorg site: http://shinnai.altervista.org This was written for educational purpose...
Design/Logic Flaw
Insecure method vulnerability in the FPOLE.OCX 6.0.8450.0 ActiveX control in Microsoft Visual FoxPro 6.0 allows remote attackers to execute arbitrary programs by specifying them as an argument to the FoxDoCmd function...