MAL-2025-45581 Malicious code in pp-com-components (npm)

The package pp-com-components was found to contain malicious code...

Malicious code in pp-com-components (npm)

The package pp-com-components was found to contain malicious code...

Microsoft Office - OLE Multiple DLL Side Loading Vulnerabilities (MS15-132/MS16-014/MS16-025/MS16-04

Exploit for windows platform in category local exploits require 'zip' require 'base64' require 'msf/core' require 'rex/ole' class MetasploitModule 'Office OLE Multiple DLL Side Loading Vulnerabilities', 'Description' = %q Multiple DLL side loading vulnerabilities were found in various COM...

Office OLE DLL Hijacking

require 'zip' require 'base64' require 'msf/core' require 'rex/ole' class MetasploitModule 'Office OLE Multiple DLL Side Loading Vulnerabilities', 'Description' = %q Multiple DLL side loading vulnerabilities were found in various COM components. These issues can be exploited by loading various...

Office OLE Multiple DLL Side Loading Vulnerabilities

Multiple DLL side loading vulnerabilities were found in various COM components. These issues can be exploited by loading various these components as an embedded OLE object. When instantiating a vulnerable object Windows will try to load one or more DLLs from the current working directory. If an...

Microsoft Office - OLE Multiple DLL Side Loading Vulnerabilities (MS15-132/MS16-014/MS16-025/MS16-041/MS16-070) (Metasploit)

require 'zip' require 'base64' require 'msf/core' require 'rex/ole' class MetasploitModule 'Office OLE Multiple DLL Side Loading Vulnerabilities', 'Description' = %q Multiple DLL side loading vulnerabilities were found in various COM components. These issues can be exploited by loading various...

HP Quality Center缓存工作流脚本绕过安全限制漏洞

BUGTRAQ ID: 33854 CVECAN ID: CVE-2007-5289 HP质量中心可管理和控制质量流程，并在IT和应用环境中实现软件测试自动化。 HP质量中心的前端有一些嵌入到WEB浏览器中的COM组件组成。质量中心提供了自定义功能（被称为工作流），允许管理员修改默认的行为。这个工作流是由VBScript函数驱动的，每当客户端前端出现特定的事件时就会调用这些函数。...

Looked at the foreign cattle people how to tap Microsoft vulnerability-vulnerability warning-the black bar safety net

Ghost boy note: contains a w3wp-dos. c and a PDF document. I also added a download mirror to prevent the official link failure. Information source: 混世魔王 blog w3wp remote DoS due to improper reference of STA COM components in ASP.NET asp.net COM DOS EXP research Cattle below download address. And...

CVE-2006-1364

Microsoft w3wp aka w3wp.exe does not properly handle when the AspCompat directive is not used when referencing COM components in ASP.NET, which allows remote attackers to cause a denial of service resource consumption or crash by repeatedly requesting each of several documents that refer to COM...

w3wp-dos.txt

--0-1633069887-1142992701=:20251 Content-Type: text/plain; charset=iso-8859-1 Content-Transfer-Encoding: 8bit Sorry, if you are receiving multiple copies of it. Just resending as the one that I sent last night has not yet appeared. w3wp remote DoS due to improper reference of STA COM components i...

ASP.NET w3wp (COM Components) Remote Crash Exploit

Exploit for unknown platform in category dos / poc ================================================== ASP.NET w3wp COM Components Remote Crash Exploit ================================================== // w3wp-dos.c // include "stdafx.h" pragma comment lib,"ws232" include include include include...

w3wp remote DoS due to improper reference of STA COM components in ASP.NET

Often developers forget to use the “AspCompat” directive which is required while referencing COM components in ASP.NET. Missing AspCompat directive causes general instability and poor performance of the web application, just a simple increase of load on a web server may cause it to crash. After...