7310 matches found
CVE-2004-1906
Mcafee FreeScan allows remote attackers to cause a denial of service and possibly arbitrary code via a long string in the ScanParam property of a COM object, which may trigger a buffer overflow...
CVE-2002-1257
Microsoft Virtual Machine VM up to and including build 5.0.3805 allows remote attackers to execute arbitrary code by including a Java applet that invokes COM Component Object Model objects in a web site or an HTML mail...
CVE-2002-1180
A typographical error in the script source access permissions for Internet Information Server IIS 5.0 does not properly exclude .COM files, which allows attackers with only write permissions to upload malicious .COM files, aka "Script Source Access Vulnerability."...
CVE-2002-1180
CVE-2002-1180 affects Microsoft Internet Information Services (IIS) 5.0. The issue is a typographical error in script source access permissions that does not properly exclude .COM files, allowing attackers with only write permissions to upload malicious .COM files to run code on the server. Accor...
CVE-2002-1257
The CVE-2002-1257 issue affects Microsoft Virtual Machine (VM) up to and including build 5.0.3805. A remote attacker could deliver a Java applet that invokes COM objects on a web page or HTML email, allowing arbitrary code execution on the affected host. The vulnerability is severity high/critica...
CVE-2002-1582
compose.cgi in Mailreader.com 2.3.30 and 2.3.31, when using Sendmail as the Mail Transfer Agent, allows remote attackers to execute arbitrary commands via shell metacharacters in the RealEmail configuration variable, which is used to call Sendmail in network.cgi...
Yahoo! Messenger 5.6 - 'YInsthelper.dll' Multiple Buffer Overflow Vulnerabilities
source: https://www.securityfocus.com/bid/10199/info Yahoo! Messenger COM objects YInstHelper.YInstStarter.1 and YInstHelper.YSearchSetting2 have been reported prone to remotely exploitable buffer overflow vulnerabilities. The conditions are triggered when properties are assigned values strings o...
Softwin BitDefender - AvxScanOnlineCtrl COM Object Arbitrary File Upload Execution
Softwin BitDefender - AvxScanOnlineCtrl COM Object Arbitrary File Upload Execution source: https://www.securityfocus.com/bid/10174/info Reportedly the BitDefender AvxScanOnlineCtrl COM object is affected by a file upload and execution vulnerability. This issue is due to a design error that allows...
Softwin BitDefender - AvxScanOnlineCtrl COM Object Information Disclosure
source: https://www.securityfocus.com/bid/10175/info Reportedly the BitDefender AvxScanOnlineCtrl COM object is affected by an information disclosure vulnerability. This issue is due to a design error that allows a remote user to execute a method in the offending object that provides access to...
CVE-2003-0807
CVE-2003-0807 : A denial-of-service vulnerability in Microsoft Windows where the COM Internet Services (CIS) and RPC over HTTP Proxy components can be overwhelmed by a crafted forwarded response, causing the backend to stop accepting requests. Related connected documents (MS04-012) identify this ...
Microsoft Windows creates COM object identifiers incorrectly
Overview A vulnerability exists in Microsoft's COM object component. Explotiation of this vulnerability may lead to information disclosure and the ability for an attacker to open services on network communication ports. Description Microsoft's COM object component creates object identifiers in a...
Microsoft CIS and RPC over HTTP Proxy components fail to properly handle responses
Overview A vulnerability in a Microsoft HTTP Proxy component may lead to a denial of service. Description Microsoft's COM Internet Sevices CIS and Remote Procedure Call RPC over HTTP Proxy contain a vulnerability that could permit an attacker to cause a denial of service. When a forwarded request...
Symantec Security Check Virus Detection - COM Object Denial of Service
Symantec Security Check Virus Detection - COM Object Denial of Service source: https://www.securityfocus.com/bid/10069/info Symantec Virus Detection is a web based service that detects viruses and trojan horses. It is a freely available service that can be run via Microsoft Internet Explorer,...
Mcafee FreeScan CoMcFreeScan Browser - Information Disclosure
Mcafee FreeScan CoMcFreeScan Browser - Information Disclosure source: https://www.securityfocus.com/bid/10077/info Reportedly the Mcafee FreeScan 'McFreeScan.CoMcFreeScan.1' COM object is prone to a remote information disclosure vulnerability. This issue is due to a failure of the object to...
Mcafee FreeScan CoMcFreeScan Browser - Information Disclosure
source: https://www.securityfocus.com/bid/10077/info Reportedly the Mcafee FreeScan 'McFreeScan.CoMcFreeScan.1' COM object is prone to a remote information disclosure vulnerability. This issue is due to a failure of the object to properly validate information access credentials. Successful...
Symantec Security Check Virus Detection - COM Object Denial of Service
source: https://www.securityfocus.com/bid/10069/info Symantec Virus Detection is a web based service that detects viruses and trojan horses. It is a freely available service that can be run via Microsoft Internet Explorer, Netscape Communicator or Apple Safari web browsers. The...
Adobe Photoshop 8.0 - COM Objects Denial of Service
Adobe Photoshop 8.0 - COM Objects Denial of Service source: https://www.securityfocus.com/bid/10061/info It has been reported that Adobe Photoshop may be prone to a denial of service vulnerability that may crash an instance of Internet Explorer. An attacker can exploit this issue by creating a...
Adobe Photoshop 8.0 - COM Objects Denial of Service
source: https://www.securityfocus.com/bid/10061/info It has been reported that Adobe Photoshop may be prone to a denial of service vulnerability that may crash an instance of Internet Explorer. An attacker can exploit this issue by creating a script that attempts to create a COM object and entici...
CVE-2003-0179
CVE-2003-0179 describes a buffer overflow in the COM Object Control Handler for Lotus Domino before/including 6.0.1, exploitable via multiple vectors through the iNotes ActiveX control’s InitializeUsingNotesUserName method. The issue allows remote attackers to execute arbitrary code on affected s...
Microsoft Security Bulletin MS02-069: Flaw in Microsoft VM Could Enable System Compromise (810030)
-----BEGIN PGP SIGNED MESSAGE----- - ---------------------------------------------------------------------- Title: Flaw in Microsoft VM Could Enable System Compromise 810030 Date: 11 December 2002 Software: Microsoft VM Impact: Eight vulnerabilities, the most serious of which would enable an...