Qualys Top 20 Most Exploited Vulnerabilities

The earlier blog posts showcased an overview of the vulnerability threat landscape that is either remotely exploited or most targeted by attackers. A quick recap – We focused on high-risk vulnerabilities that can be remotely exploited with or without authentication, and with the view on the time ...

Hackers Targeting Critical Healthcare Facilities With Ransomware During Coronavirus Pandemic

As hospitals around the world are struggling to respond to the coronavirus crisis, cybercriminals—with no conscience and empathy—are continuously targeting healthcare organizations, research facilities, and other governmental organizations with ransomware and malicious information stealers. The n...

When combining exploits for added effect goes wrong

IntroductionSince public disclosure in April 2017, CVE-2017-0199 has been frequently used within malicious Office documents. The vulnerability allows attackers to include Ole2Link objects within RTF documents to launch remote code when HTA applications are opened and parsed by Microsoft Word.In...

Hackers still use the old Office vulnerability for cyber-attacks-vulnerabilities-warning-the black bar safety net

! Recently, the Microsoft company said hackers in many network attacks, is still in use with one to 4 years ago, found that the Office software vulnerabilities. Hackers exploit Office software in the presence of this vulnerability, the use of the production of a good document to spread malware...

APT Group Sends Spear Phishing Emails to Indian Government Officials

Introduction On May 18, 2016, FireEye Labs observed a suspected Pakistan-based APT group sending spear phishing emails to Indian government officials. This threat actor has been active for several years and conducting suspected intelligence collection operations against South Asian political and...

APT Group Sends Spear Phishing Emails to Indian Government Officials

Introduction On May 18, 2016, FireEye Labs observed a suspected Pakistan-based APT group sending spear phishing emails to Indian government officials. This threat actor has been active for several years and conducting suspected intelligence collection operations against South Asian political and...

Proofpoint Warns Of New MSIL/Crimson Tied To Cyber Espionage

Diplomats and military personnel in India have been victimized in targeted espionage attacks that use a number of means of infection including phishing and watering hole sites. Researchers at Proofpoint this week published a report on Operation Transparent Tribe, which was ongoing as of Feb. 11...

Office”combination”formula exploits the sample analysis-vulnerability warning-the black bar safety net

by hcl, nine8 of code audit labs of vulnhunt.com 1 Overview Online disclosure of a suspected CVE-2 0 1 4-1 7 6 1 RTF sample, hanhai source analysis found that the sample is not a CVE-2 0 1 4-1 7 6 1, but in a RTF sample includes both the two vulnerabilities, respectively, for the CVE-2 0 1 2-0 1 ...

Microsoft Windows MSCOMCTL.OCX ActiveX Control Remote Code Execution - Ver2 (CVE-2012-0158)

A code execution vulnerability has been reported in Microsoft Windows. The vulnerability is due to insufficient boundary check in the MSCOMCTL ActiveX control. Successful exploitation of this vulnerability could allow a remote attacker to execute arbitrary code on the affected system...

Interpretation of the Bible – exploits the intermediate level skills of analysis-vulnerability warning-the black bar safety net

Inscription: From the last update feel has been a long, long time, and what time less are excuses himself becomes the lazy's true, give us an apology, after the update will speed up, today do not speak the vulnerability analysis, with me to discuss the exploits of some of the principles on the...

Grand Theft Auto Panda APT Espionage Attack Platform

Researchers have discovered a mature attack platform that’s enjoyed great success eluding detection and made good use of an exploit present in a number of espionage campaigns. The attacks have concentrated largely on the automotive industry, hitting large companies primarily in Asia and only afte...

Safe Targeted Espionage Campaign Borrows from Cybercriminals

More and more, we’re hearing about a crossing of the streams, if you will, between cybercrime and state-sponsored attackers. Elements of malware, code persistence and distribution techniques are bleeding over between one realm of hacking into the other as each side tries to fill gaps in their...

MS12-027 MSCOMCTL ActiveX Buffer Overflow

Exploit for windows platform in category remote exploits This file is part of the Metasploit Framework and may be subject to redistribution and commercial restrictions. Please see the Metasploit web site for more information on licensing and terms of use. http://metasploit.com/ require 'msf/core'...

Microsoft Windows - MSCOMCTL ActiveX Buffer Overflow (MS12-027) (Metasploit)

This file is part of the Metasploit Framework and may be subject to redistribution and commercial restrictions. Please see the Metasploit web site for more information on licensing and terms of use. http://metasploit.com/ require 'msf/core' class Metasploit3 'MS12-027 MSCOMCTL ActiveX Buffer...

CVE-2012-0158

creationtimestamp| type| source ---|---|--- 2012-04-25 00:00:00+00:00| confirmed| https://www.exploit-db.com/exploits/18780 2013-07-30 07:25:04+00:00| seen| MISP/51f7672d-eef4-480c-99f0-14dc0a000b01 2013-08-02 10:04:46+00:00| seen| MISP/51c2d3d7-2b28-497a-903b-41d0ac1d4fa4 2013-08-02...

Microsoft Windows Common Controls MSCOMCTL.OCX Vulnerability

Added: 04/12/2012 CVE: CVE-2012-0158 BID: 52911 OSVDB: 81125 Background Microsoft Windows bundles various common ActiveX controls in the Common Controls library MSCOMCTL.OCX. Several Windows applications use these controls. Problem Various ActiveX controls in MSCOMCTL.OCX in the Common Controls i...

Microsoft Windows Common Controls Remote Code Execution Vulnerability (2664258)

This host is missing a critical security update according to Microsoft Bulletin MS12-027. OpenVAS Vulnerability Test $Id: secpodms12-027.nasl 5366 2017-02-20 13:55:38Z cfi $ Microsoft Windows Common Controls Remote Code Execution Vulnerability 2664258 Authors: Sooraj KS Copyright: Copyright c 201...

Immunity Canvas: MS12_027

Name| ms12027 ---|--- CVE| CVE-2012-0158 Exploit Pack| CANVAS Description| MS12-027 MSCOMCTL.OCX ActiveX Buffer Overflow Notes| CVE Name: CVE-2012-0158 VENDOR: Microsoft Notes: You shoud manually start a Universal listener for this exploit. The listener IP and PORT should be declared in the modul...

CVE-2012-0158

The 1 ListView, 2 ListView2, 3 TreeView, and 4 TreeView2 ActiveX controls in MSCOMCTL.OCX in the Common Controls in Microsoft Office 2003 SP3, 2007 SP2 and SP3, and 2010 Gold and SP1; Office 2003 Web Components SP3; SQL Server 2000 SP4, 2005 SP4, and 2008 SP2, SP3, and R2; BizTalk Server 2002 SP1...

CVE-2012-0158

CVE-2012-0158 is a Microsoft/MSCOMCTL.OCX (MS Office) vulnerability that enables remote code execution via a crafted file or document. The initial entry lists vulnerable controls in MSCOMCTL.OCX and notes exploitation in the wild around April 2012 (aka “MSCOMCTL.OCX RCE Vulnerability”). Connected...