1946 matches found
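Microsoft IE 8 toStaticHTML() Function Unsafe HTML Filtering Vulnerability (MS10-071/MS10-072)
BUGTRAQ ID: 42467 CVE (CAN) ID: CVE-2010-3324 Internet Explorer is the web browser bundled by default with the Windows operating system. IE8 provides a filtering method named toStaticHTML on the window object. If an HTML string is passed to this function, all executable script constructs are removed before the string is returned. For example, the toStaticHTML method can be used to ensure that HTML received from a postMessage call cannot execute script but can still use basic formatting: document.attachEvent'onmessage',functione if e.domain == 'weather.example.com'...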
Microsoft Browser Embedded Media Player Memory Corruption (MS10-082; CVE-2010-2745)
Windows Media Player is a feature of the Windows operating system for personal computers. It is used for playing audio and video. A remote code execution vulnerability has been reported in Windows Media Player. The vulnerability is due to an error in the Windows Media Player that improperly...
acroread: multiple code execution flaws (APSB10-21)
Adobe Reader and Acrobat 9.x before 9.4, and 8.x before 8.2.5 on Windows and Mac OS X, allow attackers to execute arbitrary code or cause a denial of service (memory corruption) via unspecified vectors, a different vulnerability than CVE-2010-2890, CVE-2010-3621, CVE-2010-3622, CVE-2010-3628,...
All Eyes On Stuxnet At Annual Virus Researcher Summit
The world will know more about the mysterious Stuxnet virus by week’s end, after top virus researchers reveal the findings of their post mortem on Stuxnet at the annual Virus Bulletin Conference. Researchers will reveal new details...
BlackBerry Desktop Software Insecure Library Loading Vulnerability
This host is installed with BlackBerry Desktop Software and is prone to Insecure Library Loading Vulnerability. OpenVAS Vulnerability Test $Id: secpodblackberrydesktopinsecurelibloadvulnwin.nasl 5394 2017-02-22 09:22:42Z teissa $ BlackBerry Desktop Software Insecure Library Loading Vulnerability...
Microsoft IIS Directory Authentication Bypass (MS10-065; CVE-2010-1899; CVE-2010-2731)
IIS is a collection of Internet services packaged with several versions of the Windows operating system. An elevation of privilege vulnerability has been reported in Microsoft Internet Information Services (IIS). The vulnerability is due to the way IIS parses specially crafted URLs. An attacker may...
uTorrent 2.0.3 DLL Hijacking Exploit
/ Exploit Title: uTorrent define DLLIMPORT declspec dllexport DLLIMPORT void hookstartup evil; int evil WinExec"calc", 0; exit0; return 0;...
Opera < 10.54 Multiple Vulnerabilities
The version of Opera installed on the remote host is earlier than 10.54. Such versions are potentially affected by the following issues : - Web fonts may be used to trigger a privilege elevation vulnerability in the Windows operating system MS10-032 954 - It may be possible to use data URIs in a...
H264WebCam - Boundary Condition Error
/ DISCLAIMER THIS PROGRAM IS NOT INTENDED TO BE USED ON OTHER COMPUTERS AND IT IS DESTINED FOR PERSONAL RESEARCH ONLY!!!! Also the free software programs provided by fl0 fl0w may be freely distributed and that the disclaimer below is always attached to it. The programs are provided as is without...
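Microsoft IE HTML Rendering Remote Code Execution Vulnerability (MS10-018)
BUGTRAQ ID: 39024 CVE ID: CVE-2010-0807 Internet Explorer is the web browser bundled by default with the Windows operating system. A remote code execution vulnerability exists in the way Internet Explorer accesses an object that has been deleted. An attacker can exploit the vulnerability by constructing a specially crafted web page; when a user views the page, the vulnerability could allow remote code execution. An attacker who successfully exploits this vulnerability can gain the same user rights as the logged-on user. Microsoft Internet Explorer 7.0 Workarounds: Disable ActiveX controls in Office 2007. Do not open unexpected files. Vendor patch: Microsoft...
Microsoft IE Uninitialized Memory Remote Code Execution Vulnerability (MS10-018)
BUGTRAQ ID: 39023,39031 CVE ID: CVE-2010-0267,CVE-2010-0490 Internet Explorer is the web browser bundled by default with the Windows operating system. Multiple remote code execution vulnerabilities exist in the way Internet Explorer accesses objects that have not been correctly initialized or have been deleted. An attacker can exploit the vulnerability by constructing a specially crafted web page; when a user views the page, the vulnerability could allow remote code execution. An attacker who successfully exploits this vulnerability can gain the same user rights as the logged-on user. Microsoft Internet Explorer 8.0 Microsoft Internet Explorer 7.0...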
PT-2010-1847 · Microsoft · Windows
Name of the Vulnerable Software and Affected Versions: Microsoft Windows versions prior to the fixed version Description: The issue is related to the SMB implementation in the Server service, which does not properly validate the share and servername fields in SMB packets. This allows remote...
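Microsoft IE Table Layout Reuse Remote Code Execution Vulnerability (MS10-002)
BUGTRAQ ID: 37892 CVE ID: CVE-2010-0245 Internet Explorer is the web browser bundled by default with the Windows operating system. When specific elements are used in a table container and one of those elements is deleted, IE incorrectly unlinks that element from the layout tree. When the tree is later traversed, IE reuses the object that has already been freed. An attacker can exploit the vulnerability by constructing a specially crafted web page; when a user views the page, the vulnerability could allow remote code execution. Microsoft Internet Explorer 8.0 Workarounds: Internet...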
CVE-2010-0249
Use-after-free vulnerability in Microsoft Internet Explorer 6, 6 SP1, 7, and 8 on Windows 2000 SP4; Windows XP SP2 and SP3; Windows Server 2003 SP2; Windows Vista Gold, SP1, and SP2; Windows Server 2008 Gold, SP2, and R2; and Windows 7 allows remote attackers to execute arbitrary code by accessin...
VulnCheck KEV: CVE-2010-0249
Use-after-free vulnerability in Microsoft Internet Explorer 6, 6 SP1, 7, and 8 on Windows 2000 SP4; Windows XP SP2 and SP3; Windows Server 2003 SP2; Windows Vista Gold, SP1, and SP2; Windows Server 2008 Gold, SP2, and R2; and Windows 7 allows remote attackers to execute arbitrary code by...
Microsoft DirectX RLE Compressed Targa Image File Heap Overflow (CVE-2006-4183)
Microsoft DirectX is a set of libraries that aim to accelerate video and audio on the Microsoft Windows operating system. The three-dimensional (3D) acceleration engine of DirectX is known as Direct3D. Direct3D includes texture rendering, which displays bitmap images on the surface of 3D...
Microsoft SMS Remote Control Service Denial of Service (CVE-2004-0728)
Microsoft's Systems Management Server (SMS) is a change and configuration management server for the Microsoft Windows platforms. One component of this system is a client utility that allows an administrator to obtain control over a remote client computer. This remote assistance service is installed a...
Winamp XM File Heap Buffer Overflow (CVE-2004-1896)
Winamp is a popular media player for the Windows operating system. There is a buffer overflow within the parsing of .XM media files that can lead to arbitrary code execution. There is a buffer overflow in the .XM file type decoded within Winamp, a popular media file player for the Windows Operati...
Preemptive Protection against Microsoft GDI+ PNG Heap Overflow Vulnerability (MS09-062)
A remote code execution vulnerability has been discovered in the way that GDI+ allocates memory. The Microsoft Windows graphics device interface (GDI) enables applications to use graphics and formatted text on the video display and on the printer. A remote attacker may trigger this issue via a...
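PHP 5.2.11 Fixes Multiple Security Vulnerabilities
BUGTRAQ ID: 36449 CVE ID: CVE-2009-3291,CVE-2009-3292,CVE-2009-3293,CVE-2009-3294 PHP is a widely used general-purpose scripting language that is especially suited to web development and can be embedded into HTML. Multiple functions in PHP versions before 5.2.11 contain security vulnerabilities that may allow remote attackers to cause a denial of service or fully compromise the user's system. 1 The phpopensslapplyverificationpolicy function does not correctly perform certificate validation, which may allow attackers to carry out spoofing attacks using forged certificates. 2 The imagecolortransparent function does not correctly perform sanity checks on the color index. 3...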