Lucene search
+L

68 matches found

Check Point Advisories
Check Point Advisories
added 2007/08/30 12:0 a.m.26 views

Internet Explorer Pdwizard.ocx ActiveX Object Memory Corruption (MS07-045; CVE-2007-3041)

A remote code execution vulnerability has been reported in Microsoft Internet Explorer IE ActiveX control pdwizard.ocx. ActiveX controls are reusable software components based on Microsoft Component Object Model COM. To trigger the vulnerability, an attacker can create a malicious web page that...

9.3CVSS7.4AI score0.28979EPSS
Exploits1
Prion
Prion
added 2007/08/14 9:17 p.m.19 views

Memory corruption

Unspecified vulnerability in the pdwizard.ocx ActiveX object for Internet Explorer 5.01, 6 SP1, and 7 allows remote attackers to execute arbitrary code via unknown vectors related to Microsoft Visual Basic 6 objects and memory corruption, aka "ActiveX Object Memory Corruption Vulnerability."...

9.3CVSS7.8AI score0.28979EPSS
Exploits1References8Affected Software1
Zero Day Initiative
Zero Day Initiative
added 2007/08/14 12:0 a.m.25 views

Microsoft Internet Explorer substringData Heap Overflow Vulnerability

This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of various Microsoft software User interaction is required to exploit this vulnerability in that the target must visit a malicious page. The specific flaw exists in the substringData method available ...

9.3CVSS4.2AI score0.48722EPSS
Exploits1References1
Cvelist
Cvelist
added 2007/06/19 10:0 p.m.24 views

CVE-2007-3282

Buffer overflow in the Microsoft Office MSODataSourceControl ActiveX object allows remote attackers to cause a denial of service crash and possibly execute arbitrary code via a long argument to the DeleteRecordSourceIfUnused method...

7.9AI score0.42236EPSS
Exploits0References4
Prion
Prion
added 2007/06/12 7:30 p.m.19 views

Buffer overflow

Multiple buffer overflows in the 1 ActiveListen Xlisten.dll and 2 ActiveVoice Xvoice.dll speech controls, as used by Microsoft Internet Explorer 5.01, 6, and 7, allow remote attackers to execute arbitrary code via a crafted ActiveX object that triggers memory corruption, as demonstrated via the...

9.3CVSS7.8AI score0.57521EPSS
Exploits5References14Affected Software1
NVD
NVD
added 2007/06/12 7:30 p.m.18 views

CVE-2007-2222

Multiple buffer overflows in the 1 ActiveListen Xlisten.dll and 2 ActiveVoice Xvoice.dll speech controls, as used by Microsoft Internet Explorer 5.01, 6, and 7, allow remote attackers to execute arbitrary code via a crafted ActiveX object that triggers memory corruption, as demonstrated via the...

9.3CVSS7.4AI score0.57521EPSS
Exploits5References14
Cvelist
Cvelist
added 2007/06/12 7:0 p.m.25 views

CVE-2007-2222

Multiple buffer overflows in the 1 ActiveListen Xlisten.dll and 2 ActiveVoice Xvoice.dll speech controls, as used by Microsoft Internet Explorer 5.01, 6, and 7, allow remote attackers to execute arbitrary code via a crafted ActiveX object that triggers memory corruption, as demonstrated via the...

7.4AI score0.57521EPSS
Exploits5References14
securityvulns
securityvulns
added 2007/02/04 12:0 a.m.29 views

Microsoft Windows XMLHTTP proxy problem

Because of insufficient request validation Msxml2.XMLHTTP ActiveX object can be used to proxy HTTML request via client browser...

1.8AI score
Exploits0References1
Prion
Prion
added 2007/01/23 2:28 a.m.15 views

Design/Logic Flaw

DivXBrowserPlugin aka DivX Web Player npdivx32.dll, as distributed with DivX Player 6.4.1, allows remote attackers to cause a denial of service Internet Explorer 7 crash by invoking the GoWindowed method for a certain instance of the ActiveX object...

5CVSS7.2AI score0.02775EPSS
Exploits0References4Affected Software1
CVE
CVE
added 2007/01/23 2:0 a.m.61 views

CVE-2007-0429

Affected software: DivX Player 6.4.1 includes DivXBrowserPlugin (npdivx32.dll) used as an ActiveX control in Internet Explorer. Vulnerability: invoking the GoWindowed method on a certain ActiveX instance can trigger a denial-of-service condition, leading to IE7 crash. Root cause: improper handlin...

5CVSS6.6AI score0.02775EPSS
Exploits0References4Affected Software1
Cvelist
Cvelist
added 2006/10/23 5:0 p.m.23 views

CVE-2006-5448

The drmstor.dll ActiveX object in Microsoft Windows Digital Rights Management System DRM allows remote attackers to cause a denial of service crash and possibly execute arbitrary code via a long parameter to the StoreLicense function, which triggers "memory corruption" and possibly a buffer...

7.9AI score0.11796EPSS
Exploits0References2
NVD
NVD
added 2006/08/18 7:4 p.m.15 views

CVE-2006-4219

The Terminal Services COM object tsuserex.dll allows remote attackers to cause a denial of service crash and possibly execute arbitrary code by instantiating it as an ActiveX object in Internet Explorer 6.0 SP1 on Microsoft Windows 2003 EE SP1 CN...

7.5CVSS7.7AI score0.21512EPSS
Exploits1References5
NVD
NVD
added 2006/07/28 12:4 a.m.20 views

CVE-2006-3910

Internet Explorer 6 on Windows XP SP2, when Outlook is installed, allows remote attackers to cause a denial of service crash by calling the NewDefaultItem function of an OVCtl OVCtl.OVCtl.1 ActiveX object, which triggers a null dereference...

5CVSS6.6AI score0.17071EPSS
Exploits1References5
CVE
CVE
added 2006/07/27 10:0 a.m.52 views

CVE-2006-3897

CVE-2006-3897 describes a stack overflow in Microsoft Internet Explorer 6 on Windows 2000 caused by creating an NMSA.ASFSourceMediaDescription.1 ActiveX object with an overly long dispValue property. This leads to a remote-denial-of-service condition (application crash). Connected documents confi...

5CVSS6.8AI score0.26629EPSS
Exploits1References5Affected Software1
Cvelist
Cvelist
added 2006/07/27 10:0 a.m.22 views

CVE-2006-3898

Microsoft Internet Explorer 6.0 on Windows XP SP2 allows remote attackers to cause a denial of service application crash by calling the Click method of the Internet.HHCtrl.1 ActiveX object before initializing the URL, which triggers a null dereference...

6.6AI score0.24274EPSS
Exploits1References5
Cvelist
Cvelist
added 2006/07/27 10:0 a.m.24 views

CVE-2006-3897

Stack overflow in Microsoft Internet Explorer 6 on Windows 2000 allows remote attackers to cause a denial of service application crash by creating an NMSA.ASFSourceMediaDescription.1 ActiveX object with a long dispValue property...

6.8AI score0.26629EPSS
Exploits1References5
Cvelist
Cvelist
added 2006/07/27 10:0 a.m.20 views

CVE-2006-3899

Microsoft Internet Explorer 6.0 on Windows XP SP2 allows remote attackers to cause a denial of service application crash by calling the stringToBinary function of the CEnroll.CEnroll.2 ActiveX object with a long second argument, which triggers an invalid memory access inside the SysAllocStringLen...

6.5AI score0.24274EPSS
Exploits1References5
NVD
NVD
added 2006/07/18 3:47 p.m.17 views

CVE-2006-3657

Microsoft Internet Explorer 6 allows remote attackers to cause a denial of service stack overflow exception via a DXImageTransform.Microsoft.Gradient ActiveX object with a long 1 StartColorStr or 2 EndColorStr property...

5CVSS6.8AI score0.16628EPSS
Exploits0References5
CVE
CVE
added 2006/07/17 7:0 p.m.61 views

CVE-2006-3659

Microsoft Internet Explorer 6 is affected by CVE-2006-3659. The vulnerability enables remote attackers to cause a denial of service (crash) by setting the location or URL property of a MHTMLFile ActiveX object. The public description across sources consistently states this is a crash/DoS vector i...

5CVSS7AI score0.14914EPSS
Exploits0References5Affected Software2
Cvelist
Cvelist
added 2006/07/17 7:0 p.m.20 views

CVE-2006-3657

Microsoft Internet Explorer 6 allows remote attackers to cause a denial of service stack overflow exception via a DXImageTransform.Microsoft.Gradient ActiveX object with a long 1 StartColorStr or 2 EndColorStr property...

6.8AI score0.16628EPSS
Exploits0References5
Rows per page
Query Builder