21 matches found
CVE-1999-0395
A race condition in the BackWeb Polite Agent Protocol allows an attacker to spoof a BackWeb server...
EUVD-1999-1258
Malware in sbrugna...
EUVD-1999-0395
Malware in sbrugna...
F-Secure BackWeb 6.31 Local Privilege Escalation Vulnerability
No description provided by source. source: http://www.securityfocus.com/bid/10055/info A vulnerability has been reported in F-Secure BackWeb that may permit local attackers to gain system level privileges. The source of this vulnerability is that certain areas within the BackWeb interface permit...
BackWeb LiteInstActivator.dll ActiveX控件栈溢出漏洞
BUGTRAQ ID: 29558 CVECAN ID: CVE-2008-0956 BackWeb Lite Install Runner(LiteInstActivator.dll)是用于在Windows系统上安装软件的ActiveX控件。 LiteInstActivator.dll控件捆绑于Logitech鼠标软件中的Logitech Desktop Messenger,该控件没有正确地验证某处参数的输入,如果用户受骗访问了恶意网页并传送了超长参数的话,就可能触发栈溢出,导致执行任意指令。 BackWeb BackWeb 8.1.1.86 Logitech Desktop...
CVE-2008-0956
Multiple stack-based buffer overflows in the BackWeb Lite Install Runner ActiveX control in the BackWeb Web Package ActiveX object in LiteInstActivator.dll in BackWeb before 8.1.1.87, as used in Logitech Desktop Manager LDM before 2.56, allow remote attackers to execute arbitrary code via...
Stack overflow
Multiple stack-based buffer overflows in the BackWeb Lite Install Runner ActiveX control in the BackWeb Web Package ActiveX object in LiteInstActivator.dll in BackWeb before 8.1.1.87, as used in Logitech Desktop Manager LDM before 2.56, allow remote attackers to execute arbitrary code via...
CVE-2008-0956
CVE-2008-0956 affects the BackWeb Lite Install Runner ActiveX control (LiteInstActivator.dll) bundled with Logitech Desktop Messenger. Multiple stack-based buffer overflows in the ActiveX control can allow a remote attacker to execute arbitrary code via unspecified vectors when a user visits a ma...
CVE-2008-0956
Multiple stack-based buffer overflows in the BackWeb Lite Install Runner ActiveX control in the BackWeb Web Package ActiveX object in LiteInstActivator.dll in BackWeb before 8.1.1.87, as used in Logitech Desktop Manager LDM before 2.56, allow remote attackers to execute arbitrary code via...
PT-2008-2565 · Backweb +1 · Backweb +1
Name of the Vulnerable Software and Affected Versions: BackWeb versions prior to 8.1.1.87 Logitech Desktop Manager versions prior to 2.56 Description: The issue is related to multiple stack-based buffer overflows in the BackWeb Lite Install Runner ActiveX control. This allows remote attackers to...
Microsoft Security Bulletin MS08-032 - Moderate Cumulative Security Update of ActiveX Kill Bits (950760)
Microsoft Security Bulletin MS08-032 - Moderate Cumulative Security Update of ActiveX Kill Bits 950760 Published: June 10, 2008 Version: 1.0 General Information Executive Summary This security update resolves a publicly reported vulnerability for the Microsoft Speech API. The vulnerability could...
BackWeb Lite Install Runner ActiveX stack buffer overflows
Overview The BackWeb Lite Install Runner ActiveX control contains multiple stack buffer overflows, which can allow a remote, unauthenticated attacker to execute arbitrary code on a vulnerable system. Description BackWeb Lite Install Runner is an ActiveX control that is used to install software on...
F-Secure BackWeb 6.31 - Local Privilege Escalation
F-Secure BackWeb 6.31 - Local Privilege Escalation source: https://www.securityfocus.com/bid/10055/info A vulnerability has been reported in F-Secure BackWeb that may permit local attackers to gain system level privileges. The source of this vulnerability is that certain areas within the BackWeb...
F-Secure BackWeb 6.31 - Local Privilege Escalation
source: https://www.securityfocus.com/bid/10055/info A vulnerability has been reported in F-Secure BackWeb that may permit local attackers to gain system level privileges. The source of this vulnerability is that certain areas within the BackWeb interface permit arbitrary programs to be invoked...
CVE-2001-0434
The CVE-2001-0434 issue affects the LogDataListToFile ActiveX function used in Compaq Presario Knowledge Center and Back web components. This function allows remote attackers to modify arbitrary files and cause denial of service. References indicate a patch (SSRT0716-01) is available, which shoul...
CVE-1999-1277
The CVE-1999-1277 issue affects the BackWeb client, where the proxy authentication username and password are stored in cleartext in the Communication registry key. This exposes credentials to other local users, enabling potential privilege escalation through password reading. Root cause: credenti...
CVE-1999-1277
BackWeb client stores the username and password in cleartext for proxy authentication in the Communication registry key, which could allow other local users to gain privileges by reading the password...
CVE-1999-0395
A race condition in the BackWeb Polite Agent Protocol allows an attacker to spoof a BackWeb server...
CVE-1999-0395
The provided connected documents confirm CVE-1999-0395 describes a race condition in the BackWeb Polite Agent Protocol that can allow an attacker to spoof a BackWeb server. Details available do not specify affected products, versions, or exact root cause steps beyond the protocol race condition, ...
backweb-spoof.txt
ISS Security Advisory January 18, 1999 Vulnerability in the BackWeb Polite Agent Protocol Synopsis: Internet Security Systems ISS X-Force discovered a vulnerability in the BackWeb Technologies http://www.backweb.com/home.html BackWeb Polite Agent Protocol that allows a user on a local network on...