Lucene search
K

218 matches found

Hacker One
Hacker One
added 2016/03/01 8:17 a.m.52 views

Internet Bug Bounty: Adobe Flash Player Race Condition Vulnerability

Adobe Flash Player is prone to a race condition vulnerability which leads to Use After Free. COM Object will be initialized twice and uninitialized when the count number decrement to zero by the main thread. As we could force the second initialization being called by a Worker thread, the...

10CVSS6.2AI score0.05743EPSS
Exploits0
0day.today
0day.today
added 2016/01/13 12:0 a.m.79 views

Microsoft Office - COM Object DLL Planting with WMALFXGFXDSP.dll (MS16-007)

Exploit for windows platform in category dos / poc Source: https://code.google.com/p/google-security-research/issues/detail?id=555 It is possible for an attacker to execute a DLL planting attack in Microsoft Office 2010 on Windows 7 x86 with a specially crafted OLE object. The attached POC docume...

6.9CVSS7.8AI score0.31091EPSS
Exploits2
exploitpack
exploitpack
added 2015/12/14 12:0 a.m.12 views

Microsoft Office COM Object - DLL Planting with comsvcs.dll Delay Load of mqrt.dll (MS15-132)

Microsoft Office COM Object - DLL Planting with comsvcs.dll Delay Load of mqrt.dll MS15-132 Source: https://code.google.com/p/google-security-research/issues/detail?id=556 It is possible for an attacker to execute a DLL planting attack in Microsoft Office 2010 on Windows 7 x86 with a specially...

0.1AI score
Exploits0
Exploit DB
Exploit DB
added 2015/12/09 12:0 a.m.49 views

Microsoft Office / COM Object - 'els.dll' DLL Planting (MS15-134)

Source: https://code.google.com/p/google-security-research/issues/detail?id=514 It is possible for an attacker to execute a DLL planting attack in Microsoft Office with a specially crafted OLE object. Testing was performed on a Windows 7 x64 virtual machine with Office 2013 installed and the late...

7.4AI score
Exploits0
Exploit DB
Exploit DB
added 2015/09/15 12:0 a.m.120 views

Microsoft Windows - CreateObjectTask SettingsSyncDiagnostics Privilege Escalation

Source: https://code.google.com/p/google-security-research/issues/detail?id=437 Windows: CreateObjectTask SettingsSyncDiagnostics Elevation of Privilege Platform: Windows 8.1 Update I don’t believe it’s available in earlier Windows versions Class: Elevation of Privilege Summary: The...

7.4AI score
Exploits0
seebug.org
seebug.org
added 2015/09/02 12:0 a.m.11 views

MS SQL Server 2000/2005 SQLNS.SQLNamespace COM Object Refresh() Unhandled Pointer Exploit

No description provided by source. % Function PaddingintLen Dim strRet, intSize intSize = intLen/2 - 1 For I = 0 To intSize Step 1 strRet = strRet & unescape"%u4141" Next Padding = strRet End Function Function PackDWORDstrPoint strTmp = replacestrPoint, "0x", "" PackDWORD = PackDWORD & UnEscape"%...

7.1AI score
Exploits0
exploitpack
exploitpack
added 2015/08/29 12:0 a.m.12 views

MS SQL Server 20002005 - SQLNS.SQLNamespace COM Object Refresh() Unhandled Pointer

MS SQL Server 20002005 - SQLNS.SQLNamespace COM Object Refresh Unhandled Pointer % Function PaddingintLen Dim strRet, intSize intSize = intLen/2 - 1 For I = 0 To intSize Step 1 strRet = strRet & unescape"%u4141" Next Padding = strRet End Function Function PackDWORDstrPoint strTmp = replacestrPoin...

0.6AI score
Exploits0
0day.today
0day.today
added 2015/08/29 12:0 a.m.26 views

MS SQL Server 2000/2005 SQLNS.SQLNamespace COM Object Refresh() Unhandled Pointer Exploit

Exploit for windows platform in category remote exploits % Function PaddingintLen Dim strRet, intSize intSize = intLen/2 - 1 For I = 0 To intSize Step 1 strRet = strRet & unescape"%u4141" Next Padding = strRet End Function Function PackDWORDstrPoint strTmp = replacestrPoint, "0x", "" PackDWORD =...

7.1AI score
Exploits0
Exploit DB
Exploit DB
added 2015/08/29 12:0 a.m.30 views

MS SQL Server 2000/2005 - SQLNS.SQLNamespace COM Object Refresh() Unhandled Pointer

% Function PaddingintLen Dim strRet, intSize intSize = intLen/2 - 1 For I = 0 To intSize Step 1 strRet = strRet & unescape"%u4141" Next Padding = strRet End Function Function PackDWORDstrPoint strTmp = replacestrPoint, "0x", "" PackDWORD = PackDWORD & UnEscape"%u" & MidstrTmp, 5, 2 & MidstrTmp, 7...

7.4AI score
Exploits0
seebug.org
seebug.org
added 2014/07/01 12:0 a.m.11 views

Internet Explorer 4.0/5.0/5.5 preview/5.0.1 - DocumentComplete() Cross Frame Access Vulnerability

No description provided by source. source: http://www.securityfocus.com/bid/1224/info The DocumentComplete function in IE does not properly validate origin domains. Therefore it is possible for a remote webserver to gain read access to local files on the machine of any website visitor or email...

7.1AI score
Exploits0
seebug.org
seebug.org
added 2014/07/01 12:0 a.m.13 views

MW6 Technologies MaxiCode ActiveX (Data param) - Buffer Overflow

No description provided by source. !-- =========================================================================== Problem: The Data parameter is subject to a buffer overflow DEFINITELY leading to arbitrary code execution. COM Object - 2355C601-37D1-42B4-BEB1-03C773298DC8 MW6MaxiCode Class File...

7.1AI score
Exploits0
seebug.org
seebug.org
added 2014/07/01 12:0 a.m.15 views

Softwin BitDefender AvxScanOnlineCtrl COM Object Information Disclosure Vulnerability

No description provided by source. source: http://www.securityfocus.com/bid/10175/info Reportedly the BitDefender AvxScanOnlineCtrl COM object is affected by an information disclosure vulnerability. This issue is due to a design error that allows a remote user to execute a method in the offending...

7.1AI score
Exploits0
seebug.org
seebug.org
added 2014/07/01 12:0 a.m.21 views

Microsoft Internet Explorer 6.0 IMSKDIC.DLL Denial of Service Vulnerability

No description provided by source. source: http://www.securityfocus.com/bid/19521/info Microsoft Internet Explorer is prone to a denial-of-service vulnerability. This issue occurs because the application fails to load a DLL library when instantiated as an ActiveX control. An attacker may exploit...

7.1AI score
Exploits0
seebug.org
seebug.org
added 2014/07/01 12:0 a.m.15 views

Softwin BitDefender AvxScanOnlineCtrl COM Object Remote File Upload And Execution Vulnerability

No description provided by source. source: http://www.securityfocus.com/bid/10174/info Reportedly the BitDefender AvxScanOnlineCtrl COM object is affected by a file upload and execution vulnerability. This issue is due to a design error that allows a remote user to specify a file to be uploaded a...

7.1AI score
Exploits0
seebug.org
seebug.org
added 2014/07/01 12:0 a.m.17 views

Microsoft Visual Studio .NET msdds.dll Remote Code Execution Vulnerability

No description provided by source. source: http://www.securityfocus.com/bid/14594/info Microsoft Visual Studio .NET is prone to a vulnerability that could allow remote arbitrary code execution. This is due to a buffer overflow that is exposed during COM object instantiation. The list of vulnerabl...

7.1AI score
Exploits0
seebug.org
seebug.org
added 2014/07/01 12:0 a.m.21 views

MW6 Technologies DataMatrix ActiveX (Data param) - Buffer Overflow

No description provided by source. !-- =========================================================================== Problem: The Data parameter is subject to a buffer overflow PROBABLY leading to arbitrary code execution. COM Object - DE7DA0B5-7D7B-4CEA-8739-65CF600D511E MW6DataMatrix Class File...

7.1AI score
Exploits0
seebug.org
seebug.org
added 2014/07/01 12:0 a.m.12 views

Mcafee FreeScan CoMcFreeScan Browser Information Disclosure Vulnerability

No description provided by source. source: http://www.securityfocus.com/bid/10077/info Reportedly the Mcafee FreeScan 'McFreeScan.CoMcFreeScan.1' COM object is prone to a remote information disclosure vulnerability. This issue is due to a failure of the object to properly validate information...

7.1AI score
Exploits0
seebug.org
seebug.org
added 2014/07/01 12:0 a.m.17 views

Microsoft Windows 2000 Multiple COM Object Instantiation Code Execution Vulnerabilities

No description provided by source. source: http://www.securityfocus.com/bid/19636/info Microsoft Windows 2000 is prone to multiple memory-corruption vulnerabilities that are related to the instantiation of COM objects. These issues may be remotely triggered through Internet Explorer. The...

7.1AI score
Exploits0
seebug.org
seebug.org
added 2014/07/01 12:0 a.m.19 views

Flash Player (Flash6.ocx) AllowScriptAccess DoS PoC

No description provided by source. !-- Title : Flash Player Flash6.ocx AllowScriptAccess DoS PoC Found By : DrIDE Tested on : Windows XPSP3 VM + IE7 COM Object ID : D27CDB6E-AE6D-11cf-96B8-444553540000 Shockwave Flash Object COM Object Filename : C:\WINDOWS\system32\Macromed\Flash\Flash6.ocx File...

7.1AI score
Exploits0
seebug.org
seebug.org
added 2014/07/01 12:0 a.m.21 views

Microsoft Internet Explorer 6.0 Visual Studio COM Object Instantiation Denial of Service Vulnerability

No description provided by source. source: http://www.securityfocus.com/bid/19572/info Microsoft Internet Explorer is prone to a denial-of-service vulnerability that occurs when instantiating Visual Studio COM objects. The vulnerability arises because of the way Internet Explorer tries to...

7.1AI score
Exploits0
Rows per page
Query Builder