Lucene search
K

3 matches found

seebug.org
seebug.org
added 2008/12/11 12:0 a.m.51 views

Microsoft图表ActiveX控件内存破坏漏洞(MS08-070)

BUGTRAQ ID: 32614 CVECAN ID: CVE-2008-4256 Visual Basic是用来创建高性能的企业应用程序及基于Web的应用程序的工具。 Visual Basic所安装的图表ActiveX控件(Mschrt20.ocx)在处理恶意输入参数时存在内存破坏漏洞。攻击者可以通过构造特制网页来利用该漏洞,当用户查看网页时,就可以触发这个漏洞。成功利用此漏洞的攻击者可以获得与登录用户相同的用户权限。 Microsoft Visual Basic 6.0 Microsoft Visual Studio .NET 2003 SP1 Microsoft Visual...

8.5CVSS6.9AI score0.20976EPSS
Exploits1
CVE
CVE
added 2008/12/10 1:33 p.m.84 views

CVE-2008-4256

The CVE-2008-4256 entry maps to the Charts ActiveX Control memory corruption vulnerability in Microsoft Visual Basic 6.0 runtime components (notably Mschart20.ocx) and related VB/FoxPro runtimes. The root cause is improper error handling when accessing incorrectly initialized objects, enabling re...

8.5CVSS7.3AI score0.20976EPSS
Exploits1References7Affected Software5
Tenable Nessus
Tenable Nessus
added 2008/12/10 12:0 a.m.396 views

MS08-070: Vulnerabilities in Visual Basic 6.0 ActiveX Controls Could Allow Remote Code Execution (932349)

The remote host contains a version of the ActiveX control for Visual Basic 6.0 Runtime Extended Files that may allow an attacker to execute arbitrary code on the remote host by constructing a malicious web page and enticing a victim to visit it. Note that this control may have been included with...

9.3CVSS5.7AI score0.55917EPSS
Exploits17References7
Rows per page
Query Builder