MS09-046: Vulnerability in the DHTML Editing Component ActiveX control could allow remote code execution

MS09-046: Vulnerability in the DHTML Editing Component ActiveX control could allow remote code execution INTRODUCTION Microsoft has released security bulletin MS09-046. To view the complete security bulletin, visit one of the following Microsoft Web sites: Home users:...

Microsoft DHTML Editing Component ActiveX Remote Code Execution Vulnerability (956844)

This host is missing a critical security update according to Microsoft Bulletin MS09-046. OpenVAS Vulnerability Test $Id: secpodms09-046.nasl 5363 2017-02-20 13:07:22Z cfi $ Microsoft DHTML Editing Component ActiveX Remote Code Execution Vulnerability 956844 Authors: Sharath S Copyright: Copyrigh...

Microsoft DHTML Editing Component ActiveX Remote Code Execution Vulnerability (956844)

This host is missing a critical security update according to Microsoft Bulletin MS09-046. SPDX-FileCopyrightText: 2009 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only...

Design/Logic Flaw

The DHTML Editing Component ActiveX control in Microsoft Windows 2000 SP4, XP SP2 and SP3, and Server 2003 SP2 does not properly format HTML markup, which allows remote attackers to execute arbitrary code via a crafted web site that triggers "system state" corruption, aka "DHTML Editing Component...

CVE-2009-2519

CVE-2009-2519 describes a remote code execution vulnerability in the DHTML Editing Component ActiveX Control (triedit.dll) bundled with Windows 2000 SP4, XP SP2/SP3, and Server 2003 SP2. The flaw arises when formatting HTML markup, allowing a crafted web page viewed in Internet Explorer to trigge...

Microsoft DHTML Editing Component ActiveX Control Code Execution (MS09-046; CVE-2009-2519)

The DHTML Editing Component ActiveX control provides an HTML editor that can be used to support dynamic Web site HTML editing in software. A remote code execution vulnerability has been reported in the DHTML Editing Component ActiveX Control. The vulnerability is due to a memory corruption error ...

Microsoft Active Template Library Object Type Mismatch Remote Code Execution Vulnerability

Description The Microsoft Active Template Library is prone to a remote code-execution vulnerability. NOTE: This issue affects a private version of the ATL used internally by Microsoft; components written by other vendors are likely unaffected. Remote attackers can exploit this issue to execute...

Microsoft Visual Studio Active Template Library COM Object Remote Code Execution Vulnerability

Description Microsoft Visual Studio is prone to a remote code-execution vulnerability in the Active Template Library ATL. Remote attackers can exploit this issue to execute arbitrary code with the privileges of the user running an application built against the affected library. Failed exploit...

Microsoft Visual Studio ATL 'VariantClear()' Remote Code Execution Vulnerability

Description Microsoft Visual Studio is prone to a remote code-execution vulnerability in the Active Template Library ATL. Remote attackers can exploit this issue to execute arbitrary code with the privileges of the user running an application built with the affected library. Technologies Affected...

MS05-013: Vulnerability in the DHTML Editing Component may allow code execution (891781)

The remote host is running a version of Windows which contains a flaw in the DHTML Editing Component ActiveX Control. An attacker could exploit this flaw to execute arbitrary code on the remote host. To exploit this flaw, an attacker would need to construct a malicious web page and lure a victim...

Microsoft Internet Explorer DHTML Editing ActiveX control contains a cross-domain vulnerability

Overview A cross-domain vulnerability exists in the DHTML Editing ActiveX control. An attacker may be able to execute arbitrary script in the Local Machine Zone or read or modify data in other domains. For example, the attacker could execute arbitrary commands with parameters, download and execut...

CVE-2004-1173

Internet Explorer 6 allows remote attackers to bypass the popup blocker via the document object model DOM methods in the DHTML Dynamic HTML DHTML Editing Component DEC and Javascript that calls showModalDialog...

CVE-2004-1173

Internet Explorer 6 allows remote attackers to bypass the popup blocker via the document object model DOM methods in the DHTML Dynamic HTML DHTML Editing Component DEC and Javascript that calls showModalDialog...

Microsoft Internet Explorer 45 - DHTML Edit ActiveX Control File Stealing Cross Frame Access

Microsoft Internet Explorer 45 - DHTML Edit ActiveX Control File Stealing Cross Frame Access source: https://www.securityfocus.com/bid/116/info Vulnerabilities in an ActiveX control distributed with Internet Explorer 5 and available for Internet Explorer 4 allow malicous web sites to steal local...