📄 Microsoft Windows Server 2025 jscript.dll Use-After-Free

The exploit targets a use-After-free vulnerability in the JScript engine component jscript.dll of Internet Explorer 11 on Windows Server 2025. ============================================================================================================================================= | Title :...

EUVD-2017-0603

Malware in sbrugna...

Microsoft Windows MSHTA.EXE .HTA File XML Injection Vulnerability

Microsoft Windows MSHTA.EXE .HTA File XML Injection Vulnerability Vendor www.microsoft.com Product Windows MSHTA.EXE .HTA File An HTML Application HTA is a Microsoft Windows program whose source code consists of HTML, Dynamic HTML, and one or more scripting languages supported by Internet Explore...

CVE-2017-0242

An information disclosure vulnerability exists in the way some ActiveX objects are instantiated, aka "Microsoft ActiveX Information Disclosure Vulnerability."...

Microsoft ActiveX 'Msadcf.dll' Information Disclosure Vulnerability (KB4018927)

This host is missing an important security update according to Microsoft KB4018927. SPDX-FileCopyrightText: 2017 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescripti...

Microsoft Windows Media Center Library - Parsing Remote Code Execution aka 'self-executing' MCL File

Title: Microsoft Windows Media Center Library Parsing RCE Vuln aka "self-executing" MCL file CVE-2015-6131 Software Vendor: Microsoft Software version : MS Windows Media Center latest version on any Windows OS. Software Vendor Homepage: http://www.microsoft.com CVE: CVE-2015-6131 Exploit Author:...

Microsoft Windows Media Center Library Parsing RCE Vulnerability aka "self-executing" MC

Exploit for windows platform in category remote exploits Title: Microsoft Windows Media Center Library Parsing RCE Vuln aka "self-executing" MCL file CVE-2015-6131 Software Vendor: Microsoft Software version : MS Windows Media Center latest version on any Windows OS. Software Vendor Homepage:...

[DSecRG-09-053] VMware Remoute Console - format string

Digital Security Research Group DSecRG Advisory DSECRG-09-053 Application: VMware Remoute Console Version: e.x.p build-158248 Vendor URL: http://vmware.com Bugs: Format String Vulnerabilitys Exploits: YES PoC Reported: 07.08.2009 Vendor response: 13.08.2009 Date of Public Advisory: 09.04.2010 CVE...

VMware Remote Console e.x.p build-158248 - format string vulnerability

Exploit for multiple platform in category dos / poc ====================================================================== VMware Remote Console e.x.p build-158248 - format string vulnerability ====================================================================== Digital Security Research Group...

Internet Explorer COM CreateObject Code Execution

$Id$ This file is part of the Metasploit Framework and may be subject to redistribution and commercial restrictions. Please see the Metasploit Framework web site for more information on licensing and terms of use. http://metasploit.com/framework/ require 'msf/core' class Metasploit3...

Internet Explorer (MDAC) Remote Code Execution Expl (MS06-014) (2)

Exploit for unknown platform in category remote exploits ===================================================================== Internet Explorer MDAC Remote Code Execution Exploit MS06-014 2 ===================================================================== This file is part of the Metasploit...

Microsoft Internet Explorer - 'MDAC' Remote Code Execution (MS06-014) (Metasploit) (2)

This file is part of the Metasploit Framework and may be redistributed according to the licenses defined in the Authors field below. In the case of an unknown or missing license, this file defaults to the same license as the core Framework dual GPLv2 and Artistic. The latest version of the...

Microsoft Virtual Machine 2000/3100/3200/3300 Series - 'com.ms.activeX.ActiveXComponent' Arbitrary Program Execution

source: https://www.securityfocus.com/bid/1754/info If a malicious website operator were to embed a specially crafted java object into a HTML document, it would be possible to execute arbitrary programs on a target host viewing the webpage through either Microsoft Internet Explorer or Outlook. Th...

Очередная уязвимость IE при работе с объектами Office

Создавая ActiveX-объекты для файлов .xla, .ppt, .mdb можно получить доступ к методу SaveAs, сохранить любой файл локально и запустить его на выполнение...