7 matches found
VideoLAN Client (VLC) Win32 smb:// URI Buffer Overflow
$Id: vlcsmburi.rb 8475 2010-02-13 06:58:27Z jduck $ This file is part of the Metasploit Framework and may be subject to redistribution and commercial restrictions. Please see the Metasploit Framework web site for more information on licensing and terms of use. http://metasploit.com/framework/...
Microsoft ATL Multiple ActiveX Remote Code Executions (MS09-037; CVE-2008-0020; CVE-2009-2493; CVE-2009-2494)
The Active Template Library ATL is a set of template-based C++ classes that simplify the programming of Component Object Model COM objects. Multiple remote code execution vulnerabilities have been reported in the Microsoft ATL. The vulnerabilities are due to an error in the Load method of the...
iDefense Security Advisory 08.11.09: Multiple Vendor Microsoft ATL/MFC ActiveX Type Confusion Vulnerability
iDefense Security Advisory 08.11.09 http://labs.idefense.com/intelligence/vulnerabilities/ Aug 11, 2009 I. BACKGROUND Microsoft's Component Object Model COM was designed to allow interoperability between disjointed software components. It is a standardized interface solution to the programming...
CVE-2009-2494
The Active Template Library ATL in Microsoft Windows 2000 SP4, XP SP2 and SP3, Server 2003 SP2, Vista Gold, SP1, and SP2, and Server 2008 Gold and SP2 allows remote attackers to execute arbitrary code via vectors related to erroneous free operations after reading a variant from a stream and...
CVE-2009-2494
Microsoft ATL (Active Template Library) in Windows platforms vulnerable to remote code execution due to an erroneous free operation after reading a variant from a stream and deleting it (ATL Object Type Mismatch). Affected products include Windows XP/2000/2003/Vista/Server editions as listed in M...
Microsoft活动模板库对象类型不匹配远程代码执行漏洞(MS09-037)
BUGTRAQ ID: 35982 CVECAN ID: CVE-2009-2494 Microsoft Windows是微软发布的非常流行的操作系统。 Windows的活动模板库(ATL)头可能允许从数据流中读取变量而通过无效变量读取变量类型,导致在删除变量时可能会释放攻击者所控制的非预期内存区。如果用户加载了恶意网站上的特制组件或控件,这个漏洞可以允许远程执行代码。那些帐户被配置为拥有较少系统用户权限的用户比具有管理用户权限的用户受到的影响要小。 Microsoft Windows XP SP3 Microsoft Windows XP SP2 Microsoft Windows X...
MS09-037: Vulnerabilities in Microsoft Active Template Library (ATL) Could Allow Remote Code Execution (973908)
The remote Windows host contains a version of the Microsoft Active Template Library ATL, included as part of Visual Studio or Visual C++, that is affected by multiple vulnerabilities : - A remote code execution issue affects the Microsoft Video ActiveX Control due to the a flaw in the function...