Kisisel Radyo Script - Multiple Vulnerabilities

No description provided by source. Kisisel Radyo Script - Multiple Vulnerabilities Author: FuRty Contact : [email protected] Thanks: RedGuard, KnocKout, TrSniper and all Justic3 Group Script : Kisisel Radyo Script Version : N/A Download : http://www.aspindir.com SQL Injection Vulnerable in radyo.as...

Microsoft Data Access Components code execution

ADODB.Connection NextRecordset / Execute double free vulnerability. Can be used for hidden malware installation...

IE ADODB.Connection对象Execute函数内存破坏漏洞（MS07-009）

Internet Explorer是微软发布的非常流行的WEB浏览器。 IE中ADODB.Connection ActiveX对象的Execute函数存在内存破坏漏洞，允许远程攻击者通过诱骗用户访问恶意WEB页面或HTML文档导致浏览器崩溃或执行任意代码。Execute函数允许恶意脚本以绕过脚本解释程序内存管理器的方式释放堆内存。Execute的第二个参数是一个变量，传送给了VariantClear,如果变量代表BSTR的话就会使用SysFreeString释放相关的字符串内存。脚本解释程序无法知道字符串内存已被释放，可能会在Execute调用返回后双重释放或重新使用内存。...

IE ADODB.Connection对象Execute函数内存破坏漏洞

Internet Explorer是微软发布的非常流行的WEB浏览器。 IE中ADODB.Connection ActiveX对象的Execute函数存在内存破坏漏洞，允许远程攻击者通过诱骗用户访问恶意WEB页面或HTML文档导致浏览器崩溃或执行任意代码。 Microsoft Internet Explorer 6.0 SP1 Microsoft Internet Explorer 6.0 在Internet Explorer中禁用ADODB.Connection ActiveX控件。为以下CLSID设置kill bit：...

CVE-2006-5559

The Execute method in the ADODB.Connection 2.7 and 2.8 ActiveX control objects ADODB.Connection.2.7 and ADODB.Connection.2.8 in the Microsoft Data Access Components MDAC 2.5 SP3, 2.7 SP1, 2.8, and 2.8 SP1 does not properly track freed memory when the second argument is a BSTR, which allows remote...

CVE-2006-5559

The CVE-2006-5559 issue affects MDAC’s ADODB.Connection ActiveX control (versions 2.5 SP3, 2.7 SP1, 2.8, 2.8 SP1). The Execute/NextRecordset path can trigger memory corruption when the second argument is a BSTR, enabling remote code execution or an Internet Explorer crash via specially crafted in...

ADODB.Connection ActiveX control memory corruption vulnerability

Overview The Execute function of the ADODB.Connection ActiveX object contains an unspecified vulnerability. This may allow a remote, unauthenticated attacker to cause Internet Explorer to crash or possibly execute arbitrary code. Description Microsoft ADO ActiveX Data Objects are "...

RIblog Remote SQL Injection Exploit

------------------------------------------------------------------ - RIblog Remote SQL Injection Exploit - -= http://colander.altervista.org/advisory/riblog.txt =- ------------------------------------------------------------------ -= RIblog =- Omnipresent April 21, 2006 Vunerabilitys:...

Microsoft Internet Explorer (Windows XP SP2) - HTML Help Control Local Zone Bypass

// sp2rc.htm // localpage.HHClick; setTimeout"inject.HHClick",100; // writehta.txt // Dim Conn, rs Set Conn = CreateObject"ADODB.Connection" Conn.Open "Driver=Microsoft Text Driver .txt; .csv;" & "Dbq=http://server;" & "Extensions=asc,csv,tab,txt;" & "Persist Security Info=False" Dim sql sql =...