24 matches found
AdminStudio LaunchHelp.dll ActiveX Arbitrary Code Execution
No description provided by source. This file is part of the Metasploit Framework and may be subject to redistribution and commercial restrictions. Please see the Metasploit web site for more information on licensing and terms of use. http://metasploit.com/ require 'msf/core' class Metasploit3...
Directory traversal
Directory traversal vulnerability in the ISCreateObject method in an ActiveX control in InstallShield\ISProxy.dll in AdminStudio in Novell ZENworks Configuration Management ZCM 10.3 through 11.2 allows remote attackers to execute arbitrary local DLL files via a crafted web page that also calls th...
Novell ZENWorks AdminStudio ISProxy ActiveX Remote Code Execution Vulnerability
This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of Novell ZENworks Admin Studio. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the...
Flexera Multiple Products ISGrid.dll ActiveX Control Code Execution
A heap buffer overflow vulnerability has been reported in Flexera's AdminStudio and InstallShield...
Flexera AdminStudio LaunchProcess Function ActiveX Control Remote Command Execution
The remote host has the Flexera AdminStudio LaunchHelp ActiveX control installed. The control is affected by a remote command execution vulnerability that can be triggered by sending a directory traversal string to the 'LaunchProcess' function. By tricking a victim into visiting a specially craft...
Novell ZENWorks AdminStudio ActiveX memory corruption
ISGrid.dll memory corruption...
Novell ZENWorks AdminStudio ISGrid.dll ActiveX Remote Code Execution Vulnerability
This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of Novell ZENworks Admin Studio. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the...
CVE-2011-2657
Directory traversal vulnerability in the LaunchProcess function in the LaunchHelp.HelpLauncher.1 ActiveX control in LaunchHelp.dll in AdminStudio in Novell ZENworks Configuration Management ZCM 10.2, 10.3, and 11 SP1 allows remote attackers to execute arbitrary commands via a pathname in the firs...
CVE-2011-2658
The ISList.ISAvi ActiveX control in AdminStudio in Novell ZENworks Configuration Management ZCM 10.2, 10.3, and 11 SP1 provides access to the mscomct2.ocx file, which allows remote attackers to execute arbitrary code by leveraging unspecified mscomct2 flaws...
CVE-2011-3174
Buffer overflow in the DoFindReplace function in the ISGrid.Grid2.1 ActiveX control in InstallShield/ISGrid2.dll in AdminStudio in Novell ZENworks Configuration Management ZCM 10.2, 10.3, and 11 SP1 allows remote attackers to execute arbitrary code via a long bstrReplaceText parameter...
Buffer overflow
Buffer overflow in the DoFindReplace function in the ISGrid.Grid2.1 ActiveX control in InstallShield/ISGrid2.dll in AdminStudio in Novell ZENworks Configuration Management ZCM 10.2, 10.3, and 11 SP1 allows remote attackers to execute arbitrary code via a long bstrReplaceText parameter...
Design/Logic Flaw
The ISList.ISAvi ActiveX control in AdminStudio in Novell ZENworks Configuration Management ZCM 10.2, 10.3, and 11 SP1 provides access to the mscomct2.ocx file, which allows remote attackers to execute arbitrary code by leveraging unspecified mscomct2 flaws...
Directory traversal
Directory traversal vulnerability in the LaunchProcess function in the LaunchHelp.HelpLauncher.1 ActiveX control in LaunchHelp.dll in AdminStudio in Novell ZENworks Configuration Management ZCM 10.2, 10.3, and 11 SP1 allows remote attackers to execute arbitrary commands via a pathname in the firs...
CVE-2011-2658
The ISList.ISAvi ActiveX control in AdminStudio in Novell ZENworks Configuration Management ZCM 10.2, 10.3, and 11 SP1 provides access to the mscomct2.ocx file, which allows remote attackers to execute arbitrary code by leveraging unspecified mscomct2 flaws...
CVE-2011-2657
Directory traversal vulnerability in the LaunchProcess function in the LaunchHelp.HelpLauncher.1 ActiveX control in LaunchHelp.dll in AdminStudio in Novell ZENworks Configuration Management ZCM 10.2, 10.3, and 11 SP1 allows remote attackers to execute arbitrary commands via a pathname in the firs...
CVE-2011-2658
The CVE-2011-2658 vulnerability concerns the ISList.ISAvi ActiveX control used by AdminStudio within Novell ZENworks Configuration Management (ZCM) versions 10.2, 10.3, and 11 SP1. The issue stems from access to the mscomct2.ocx file, allowing remote code execution via unspecified flaws in mscomc...
CVE-2011-2657
CVE-2011-2657 affects the AdminStudio LaunchHelp.dll ActiveX control (LaunchHelp.HelpLauncher.1) used by Novell ZENworks Configuration Management (ZCM) 10.2, 10.3, and 11 SP1. The vulnerability arises in the LaunchProcess() function where a directory traversal string supplied as the first argumen...
CVE-2011-3174
The CVE-2011-3174 issue affects Novell ZENworks Configuration Management (AdminStudio) via the ISGrid2.dll/InstallShield ISGrid2 ActiveX control. A buffer overflow in DoFindReplace triggered by a long bstrReplaceText parameter allows remote code execution. Reported in versions 10.2, 10.3, and 11 ...
AdminStudio - 'LaunchHelp.dll' ActiveX Arbitrary Code Execution (Metasploit)
This file is part of the Metasploit Framework and may be subject to redistribution and commercial restrictions. Please see the Metasploit web site for more information on licensing and terms of use. http://metasploit.com/ require 'msf/core' class Metasploit3 'AdminStudio LaunchHelp.dll ActiveX...
AdminStudio LaunchHelp.dll ActiveX Arbitrary Code Execution
Exploit for windows platform in category remote exploits This file is part of the Metasploit Framework and may be subject to redistribution and commercial restrictions. Please see the Metasploit web site for more information on licensing and terms of use. http://metasploit.com/ require 'msf/core'...