Microsoft COM Structured Storage Vulnerability

Overview A vulnerability in a way that various programs handle COM objects could allow a local attacker to execute arbitrary code on a vulnerable system. Description Microsoft's COM is a data representation that allows multiple kinds of objects to be stored in one document. COM structured storage...

MS05-012: Vulnerability in OLE and COM Could Allow Code Execution (873333)

The remote host is running a version of Windows that is affected by two vulnerabilities when dealing with OLE and/or COM. These vulnerabilities could allow a local user to escalate his privileges and allow a remote user to execute arbitrary code on the remote host. To exploit these flaws, an...

CVE-2004-1906

Mcafee FreeScan allows remote attackers to cause a denial of service and possibly arbitrary code via a long string in the ScanParam property of a COM object, which may trigger a buffer overflow...

CVE-2002-1180

CVE-2002-1180 affects Microsoft Internet Information Services (IIS) 5.0. The issue is a typographical error in script source access permissions that does not properly exclude .COM files, allowing attackers with only write permissions to upload malicious .COM files to run code on the server. Accor...

CVE-2002-1180

A typographical error in the script source access permissions for Internet Information Server IIS 5.0 does not properly exclude .COM files, which allows attackers with only write permissions to upload malicious .COM files, aka "Script Source Access Vulnerability."...

CVE-2002-1257

Microsoft Virtual Machine VM up to and including build 5.0.3805 allows remote attackers to execute arbitrary code by including a Java applet that invokes COM Component Object Model objects in a web site or an HTML mail...

CVE-2002-1257

The CVE-2002-1257 issue affects Microsoft Virtual Machine (VM) up to and including build 5.0.3805. A remote attacker could deliver a Java applet that invokes COM objects on a web page or HTML email, allowing arbitrary code execution on the affected host. The vulnerability is severity high/critica...

CVE-2002-1582

compose.cgi in Mailreader.com 2.3.30 and 2.3.31, when using Sendmail as the Mail Transfer Agent, allows remote attackers to execute arbitrary commands via shell metacharacters in the RealEmail configuration variable, which is used to call Sendmail in network.cgi...

Yahoo! Messenger 5.6 - 'YInsthelper.dll' Multiple Buffer Overflow Vulnerabilities

source: https://www.securityfocus.com/bid/10199/info Yahoo! Messenger COM objects YInstHelper.YInstStarter.1 and YInstHelper.YSearchSetting2 have been reported prone to remotely exploitable buffer overflow vulnerabilities. The conditions are triggered when properties are assigned values strings o...

Softwin BitDefender - AvxScanOnlineCtrl COM Object Arbitrary File Upload Execution

Softwin BitDefender - AvxScanOnlineCtrl COM Object Arbitrary File Upload Execution source: https://www.securityfocus.com/bid/10174/info Reportedly the BitDefender AvxScanOnlineCtrl COM object is affected by a file upload and execution vulnerability. This issue is due to a design error that allows...

Softwin BitDefender - AvxScanOnlineCtrl COM Object Information Disclosure

source: https://www.securityfocus.com/bid/10175/info Reportedly the BitDefender AvxScanOnlineCtrl COM object is affected by an information disclosure vulnerability. This issue is due to a design error that allows a remote user to execute a method in the offending object that provides access to...

CVE-2003-0807

CVE-2003-0807 : A denial-of-service vulnerability in Microsoft Windows where the COM Internet Services (CIS) and RPC over HTTP Proxy components can be overwhelmed by a crafted forwarded response, causing the backend to stop accepting requests. Related connected documents (MS04-012) identify this ...

Microsoft Windows creates COM object identifiers incorrectly

Overview A vulnerability exists in Microsoft's COM object component. Explotiation of this vulnerability may lead to information disclosure and the ability for an attacker to open services on network communication ports. Description Microsoft's COM object component creates object identifiers in a...

Microsoft CIS and RPC over HTTP Proxy components fail to properly handle responses

Overview A vulnerability in a Microsoft HTTP Proxy component may lead to a denial of service. Description Microsoft's COM Internet Sevices CIS and Remote Procedure Call RPC over HTTP Proxy contain a vulnerability that could permit an attacker to cause a denial of service. When a forwarded request...

Symantec Security Check Virus Detection - COM Object Denial of Service

Symantec Security Check Virus Detection - COM Object Denial of Service source: https://www.securityfocus.com/bid/10069/info Symantec Virus Detection is a web based service that detects viruses and trojan horses. It is a freely available service that can be run via Microsoft Internet Explorer,...

Mcafee FreeScan CoMcFreeScan Browser - Information Disclosure

Mcafee FreeScan CoMcFreeScan Browser - Information Disclosure source: https://www.securityfocus.com/bid/10077/info Reportedly the Mcafee FreeScan 'McFreeScan.CoMcFreeScan.1' COM object is prone to a remote information disclosure vulnerability. This issue is due to a failure of the object to...

Symantec Security Check Virus Detection - COM Object Denial of Service

source: https://www.securityfocus.com/bid/10069/info Symantec Virus Detection is a web based service that detects viruses and trojan horses. It is a freely available service that can be run via Microsoft Internet Explorer, Netscape Communicator or Apple Safari web browsers. The...

Mcafee FreeScan CoMcFreeScan Browser - Information Disclosure

source: https://www.securityfocus.com/bid/10077/info Reportedly the Mcafee FreeScan 'McFreeScan.CoMcFreeScan.1' COM object is prone to a remote information disclosure vulnerability. This issue is due to a failure of the object to properly validate information access credentials. Successful...

Adobe Photoshop 8.0 - COM Objects Denial of Service

Adobe Photoshop 8.0 - COM Objects Denial of Service source: https://www.securityfocus.com/bid/10061/info It has been reported that Adobe Photoshop may be prone to a denial of service vulnerability that may crash an instance of Internet Explorer. An attacker can exploit this issue by creating a...

Adobe Photoshop 8.0 - COM Objects Denial of Service

source: https://www.securityfocus.com/bid/10061/info It has been reported that Adobe Photoshop may be prone to a denial of service vulnerability that may crash an instance of Internet Explorer. An attacker can exploit this issue by creating a script that attempts to create a COM object and entici...