4192 matches found
CVE-2007-4776
CVE-2007-4776 is a buffer overflow in Microsoft Visual Basic 6.0/Enterprise Edition 6.0 SP6 triggered when opening a crafted Visual Basic Project (.VBP) file that contains a long Reference line. The underlying issue involves VBP_Open and OLE handling, allowing a user-assisted remote attacker to e...
CVE-2007-4776
Buffer overflow in Microsoft Visual Basic 6.0 and Enterprise Edition 6.0 SP6 allows user-assisted remote attackers to execute arbitrary code via a Visual Basic project vbp file containing a long Reference line, related to VBPOpen and OLE. NOTE: there are limited usage scenarios under which this...
Microsoft Visual Basic 6.0 VBP_Open OLE Local CodeExec Exploit
No description provided by source. !/usr/bin/perl ' ++ Microsoft Visual Basic 6.0 Code Execution 0-Day ++ ' ++++++++++++++++++++++++++++++++++++++++++++++++++++++ '++ Author: Koshi + '++ Email: heykoshi at gmail dot com +...
msvb-codeexec.txt
!/usr/bin/perl ' ++ Microsoft Visual Basic 6.0 Code Execution 0-Day ++ ' ++++++++++++++++++++++++++++++++++++++++++++++++++++++ '++ Author: Koshi + '++ Email: heykoshi at gmail dot com + '++ Application: Microsoft Visual Basic 6.0 + '++ + '++ Tested on Microsoft Windows XP Home Edition SP2 + '++...
Microsoft Visual Basic 6.0 VBP_Open OLE Local CodeExec Exploit
Exploit for unknown platform in category local exploits ============================================================== Microsoft Visual Basic 6.0 VBPOpen OLE Local CodeExec Exploit ============================================================== !/usr/bin/perl ' ++ Microsoft Visual Basic 6.0 Code...
Microsoft Visual Basic 6.0 - VBP_Open OLE Local CodeExec
Microsoft Visual Basic 6.0 - VBPOpen OLE Local CodeExec !/usr/bin/perl ' ++ Microsoft Visual Basic 6.0 Code Execution 0-Day ++ ' ++++++++++++++++++++++++++++++++++++++++++++++++++++++ '++ Author: Koshi + '++ Email: heykoshi at gmail dot com + '++ Application: Microsoft Visual Basic 6.0 + '++ + '+...
Microsoft Visual Basic 6.0 - VBP_Open OLE Local CodeExec
!/usr/bin/perl ' ++ Microsoft Visual Basic 6.0 Code Execution 0-Day ++ ' ++++++++++++++++++++++++++++++++++++++++++++++++++++++ '++ Author: Koshi + '++ Email: heykoshi at gmail dot com + '++ Application: Microsoft Visual Basic 6.0 + '++ + '++ Tested on Microsoft Windows XP Home Edition SP2 + '++...
Microsoft Internet Explorer multiple security vulnerabilities
Memory corruption on ActiveX parsing, unsafe Visual Basic ActiveX execution, Visual Basic ActiveX memory corruption...
[Full-disclosure] ZDI-07-048: Microsoft Internet Explorer substringData() Heap Overflow Vulnerability
ZDI-07-048: Microsoft Internet Explorer substringData Heap Overflow Vulnerability http://www.zerodayinitiative.com/advisories/ZDI-07-048.html August 14, 2007 -- CVE ID: CVE-2007-2223 CVE-2007-2224 -- Affected Vendor: Microsoft -- Affected Products: Windows 2000 Windows XP Windows Server 2003...
[Full-disclosure] ZDI-07-048: Microsoft Internet Explorer substringData() Heap Overflow Vulnerability
ZDI-07-048: Microsoft Internet Explorer substringData Heap Overflow Vulnerability http://www.zerodayinitiative.com/advisories/ZDI-07-048.html August 14, 2007 -- CVE ID: CVE-2007-2223 CVE-2007-2224 -- Affected Vendor: Microsoft -- Affected Products: Windows 2000 Windows XP Windows Server 2003...
Microsoft OLE Automation SubstringData Function Integer Overflow Vulnerability
Description Microsoft OLE Automation is prone to an integer-overflow vulnerability. this issue occurs because the application fails to ensure that integer values are not overrun. Successfully exploiting this issue allows remote attackers to corrupt heap memory and execute arbitrary in the context...
Microsoft Security Bulletin MS07-043 - Critical Vulnerability in OLE Automation Could Allow Remote Code Execution (921503)
Microsoft Security Bulletin MS07-043 - Critical Vulnerability in OLE Automation Could Allow Remote Code Execution 921503 Published: August 14, 2007 Version: 1.0 General Information Executive Summary This critical security update resolves a privately reported vulnerability. This vulnerability coul...
CVE-2007-3981
CVE-2007-3981 : SQL injection in index.php of WSN Links Basic Edition allows remote attackers to execute arbitrary SQL commands via the catid parameter in a displaycat action. Connected documents confirm the vulnerability details; no remediation or exploit status provided in the sources.
CVE-2007-3981
SQL injection vulnerability in index.php in WSN Links Basic Edition allows remote attackers to execute arbitrary SQL commands via the catid parameter in a displaycat action...
WSN Links Basic Edition - catid SQL Injection
WSN Links Basic Edition - catid SQL Injection --==+================================================================================+==-- --==+ WSN Links Basic Edition SQL Injection Vulnerbility +==-- --==+================================================================================+==-- AUTHOR...
WSN Links Basic Edition (displaycat catid) SQL Injection Vulnerbility
Exploit for unknown platform in category web applications ===================================================================== WSN Links Basic Edition displaycat catid SQL Injection Vulnerbility =====================================================================...
Cross site scripting
Multiple cross-site scripting XSS vulnerabilities in Oliver Library Management System allow remote attackers to inject arbitrary web script or HTML via the 1 updateform and 2 displayform parameter to a gateway/gateway.exe; the 3 TERMS, 4 database, 5 srchad, 6 SuggestedSearch, and 7 searchform...
CVE-2007-3569
Multiple cross-site scripting XSS vulnerabilities in Oliver Library Management System allow remote attackers to inject arbitrary web script or HTML via the 1 updateform and 2 displayform parameter to a gateway/gateway.exe; the 3 TERMS, 4 database, 5 srchad, 6 SuggestedSearch, and 7 searchform...
CVE-2007-3569
Multiple cross-site scripting XSS vulnerabilities in Oliver Library Management System allow remote attackers to inject arbitrary web script or HTML via the 1 updateform and 2 displayform parameter to a gateway/gateway.exe; the 3 TERMS, 4 database, 5 srchad, 6 SuggestedSearch, and 7 searchform...
Sql injection
SQL injection vulnerability in BugMall Shopping Cart 2.5 and earlier allows remote attackers to execute arbitrary SQL commands via the "basic search box." NOTE: 4.0.2 and other versions might also be affected...