Adobe Acrobat and Adobe Reader Plugin Object Reloading Memory Corruption (CVE-2009-2983)

Adobe develops products for creating, distributing, and viewing Portable Document Format PDF documents. Adobe Reader is a viewer application that allows for reading and the printing of PDF documents. Adobe Acrobat provides PDF authoring functionality in addition to those of viewing. In addition t...

CVE-2009-3987

The GeckoActiveXObject function in Mozilla Firefox before 3.0.16 and 3.5.x before 3.5.6, and SeaMonkey before 2.0.1, generates different exception messages depending on whether the referenced COM object is listed in the registry, which allows remote attackers to obtain potentially sensitive...

Mozilla Foundation Security Advisory 2009-71

Mozilla Foundation Security Advisory 2009-71 Title: GeckoActiveXObject exception messages can be used to enumerate installed COM objects Impact: Low Announced: December 15, 2009 Reporter: Gregory Fleischer Products: Firefox, SeaMonkey Fixed in: Firefox 3.5.6 Firefox 3.0.16 SeaMonkey 2.0.1...

FreeBSD : mozilla -- multiple vulnerabilities (01c57d20-ea26-11de-bd39-00248c9b4be7)

Mozilla Project reports : MFSA 2009-71 GeckoActiveXObject exception messages can be used to enumerate installed COM objects MFSA 2009-70 Privilege escalation via chrome window.opener MFSA 2009-69 Location bar spoofing vulnerabilities MFSA 2009-68 NTLM reflection vulnerability MFSA 2009-67 Integer...

mozilla -- multiple vulnerabilities

Mozilla Project reports: MFSA 2009-71 GeckoActiveXObject exception messages can be used to enumerate installed COM objects MFSA 2009-70 Privilege escalation via chrome window.opener MFSA 2009-69 Location bar spoofing vulnerabilities MFSA 2009-68 NTLM reflection vulnerability MFSA 2009-67 Integer...

GeckoActiveXObject exception messages can be used to enumerate installed COM objects — Mozilla

Security researcher Gregory Fleischer reported that the exception messages generated by Mozilla's GeckoActiveXObject differ based on whether or not the requested COM object's ProgID is present in the system registry. A malicious site could use this vulnerability to enumerate a list of COM objects...

Foxit Reader - COM Objects Memory Corruption Remote Code Execution

Bugtraq ID: 36673 Published: Oct 14 2009 12:00AM Updated: Nov 19 2009 03:25PM Credit: mrx Vulnerable: Foxit Reader 3.1.1 Build 0928 Foxit Foxit Reader 3.0.2009 1301 Foxit Foxit Reader 3.0 Build 1817 Foxit Foxit Reader 3.0 Build 1506 Foxit Foxit Reader 3.0 Foxit Reader is prone to a remote...

Foxit Reader - COM Objects Memory Corruption Remote Code Execution

Foxit Reader - COM Objects Memory Corruption Remote Code Execution Bugtraq ID: 36673 Published: Oct 14 2009 12:00AM Updated: Nov 19 2009 03:25PM Credit: mrx Vulnerable: Foxit Reader 3.1.1 Build 0928 Foxit Foxit Reader 3.0.2009 1301 Foxit Foxit Reader 3.0 Build 1817 Foxit Foxit Reader 3.0 Build 15...

Foxit Reader COM Objects Memory Corruption Remote Code Execution Vulnerability

No description provided by source. Bugtraq ID: 36673 Published: Oct 14 2009 12:00AM Updated: Nov 19 2009 03:25PM Credit: mrx Vulnerable: Foxit Reader 3.1.1 Build 0928 Foxit Foxit Reader 3.0.2009 1301 Foxit Foxit Reader 3.0 Build 1817 Foxit Foxit Reader 3.0 Build 1506 Foxit Foxit Reader 3.0 Foxit...

Internet Explorer Multiple COM Objects Memory Corruption (MS05-037 MS05-038; CVE-2005-1990; CVE-2005-2087)

Microsoft Internet Explorer allows HTML documents to embed ActiveX controls for the authoring of dynamic web content. ActiveX controls are based on Component Object Model COM technologies. There exists a vulnerability in the way Microsoft Internet Explorer instantiates certain COM objects that ar...

Internet Explorer DirectAnimation COM Object Memory Corruption (MS06-042; CVE-2006-3638)

Microsoft Internet Explorer allows HTML documents to embed ActiveX controls for the authoring of dynamic web content. ActiveX controls are based on Component Object Model COM technology. The invocation of an ActiveX control is performed by Internet Explorer by internally instantiating a COM objec...

Adobe Reader 9.1.3 Acrobat - COM Objects Memory Corruption Remote Code Execution

Adobe Reader 9.1.3 Acrobat - COM Objects Memory Corruption Remote Code Execution source: https://www.securityfocus.com/bid/36668/info Adobe Reader and Acrobat are prone to a remote code-execution vulnerability because they fail to properly handle certain COM objects. An attacker can exploit this...

Adobe Reader 9.1.3 / Acrobat - COM Objects Memory Corruption Remote Code Execution

source: https://www.securityfocus.com/bid/36668/info Adobe Reader and Acrobat are prone to a remote code-execution vulnerability because they fail to properly handle certain COM objects. An attacker can exploit this issue by supplying a malicious PDF file or webpage. Successful exploits may allow...

Microsoft Outlook View ActiveX Controls Remote Code Execution (MS09-055; CVE-2009-2493)

ActiveX controls are reusable software components based on Microsoft Component Object Model COM. A remote code execution vulnerability has been reported in Microsoft Internet Explorer. The vulnerability is due to an error in several Microsoft Outlook View ActiveX controls. To trigger this issue, ...

Microsoft Visual Basic Kill Bits

Visual Basic is an event-driven programming language that was created by Microsoft for building stand alone Windows-based programs. Developers can use it for quickly building GUI applications. Several remote code execution vulnerabilities have been reported in Microsoft Visual Basic. To trigger...

NCTVideoStudio ActiveX DLLs 1.6 Insecure Method File Creation Exploit

No description provided by source. HTML b NCTVideoStudio ActiveX DLLs Version 1.6 Insecure Method File Creation /b b br/br/ Author : Mountassif Moad a.k.a Stack br/ br/ br/ b/ RegKey Safe for Script: Falsebr/ RegKey Safe for Init: Falsebr/ Implements IObjectSafety: Truebr/ IDisp Safe: Safe for...

MS Internet Explorer COM Objects File Download Exploit (MS05-038)

No description provided by source. /+++++++++++++++++++++++++++++++++++++++++++++++ Ms05 038 exploit POC Write By ZwelL 2005 8 11 http://www.donews.net/zwell [email protected] Some code belongs to Lioncnhonker, regards to him. This code tested on Windows 2003...

EasyMail SMTP Object ActiveX Control Multiple Buffer Overflows

EasyMail Objects, a set of COM objects for supporting email protocols, is installed on the remote Windows host. It may have been bundled with a third-party application, such as Oracle Document Capture, Earthlink internet access software, Borland Caliber RM Client, and FrontRange Heat. The SMTP...

Buffer overflow

Multiple buffer overflows in unspecified ActiveX controls in COM objects in Avaya IP Softphone R5.2 before SP3, and R6.0, allow remote attackers to execute arbitrary code via unspecified vectors...

Internet Explorer COM Object Instantiation Memory Corruption (MS07-033; CVE-2007-0218; CVE-2007-2222)

COM objects are used to enable data exchange between processes and the creation of dynamic object in different programming languages.Multiple remote code execution vulnerabilities have been reported in Microsoft Internet Explorer and in Microsoft Speech COM objects.A remote attacker could exploit...