VUPEN Security Research - Microsoft Windows OLE Automation Integer Underflow Vulnerability (MS11-038)

VUPEN Security Research - Microsoft Windows OLE Automation Integer Underflow Vulnerability MS11-038 Website : http://www.vupen.com/english/research.php Twitter : http://twitter.com/vupen I. BACKGROUND --------------------- "Microsoft Windows is a series of software operating systems and graphical...

CVE-2011-0658

Integer underflow in the OLE Automation protocol implementation in VBScript.dll in Microsoft Windows XP SP2 and SP3, Windows Server 2003 SP2, Windows Vista SP1 and SP2, Windows Server 2008 Gold, SP2, R2, and R2 SP1, and Windows 7 Gold and SP1 allows remote attackers to execute arbitrary code via ...

CVE-2011-0658

CVE-2011-0658 corresponds to Microsoft Windows OLE Automation Remote Code Execution via a malformed WMF in oleaut32.dll. Public sources (MS11-038) and multiple security analyses describe an integer underflow in the WMF parsing path, leading to arbitrary code execution when a user opens a crafted ...

Microsoft Windows OLE Automation Remote Code Execution Vulnerability (2476490)

This host is missing a critical security update according to Microsoft Bulletin MS11-038. SPDX-FileCopyrightText: 2011 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only...

Microsoft Windows OLEAUT32.DLL WMF File Remote Code Excution (MS11-038; CVE-2011-0658)

The vulnerability is caused by the way that OLE Automation parses a specially crafted WMF file. An attacker could host a specially crafted Web site that is designed to exploit this vulnerability through Internet Explorer and then persuade a user to view the Web site. An attacker who successfully...