15 matches found
Shifting Strategies
Formula One is always a sport I wanted to enjoy more than I actually did. I found the strategy always more compelling than the actual racing, which was usually just a procession. Of course, the crashes were always spectacular, not least because it would cause all the team strategies to be...
Who has the fastest website in F1?
I was trying to make my predictions for the new Formula One season by studying the aerodynamics of the cars, their cornering speeds, their ability to run with different amounts of fuel. Then it hit me: I have no idea what I'm doing. So, I'm going to make my predictions the only way I know how: By...
HP Sprinter Tidestone Formula One ActiveX Multiple Memory Corruption (CVE-2014-2635)
Multiple vulnerabilities exist in HP Sprinter. The vulnerabilities are in methods AttachToSS, CopyRange, CopyRangeEx, and SwapTables within the Tidestone Formula One ActiveX control. A remote, unauthenticated attacker could exploit this vulnerability by enticing an unsuspecting victim to follow a...
HP Sprinter Tidestone Formula One DefaultFontName Buffer Overflow (CVE-2014-2638)
A code execution vulnerability exists in HP Sprinter. The vulnerability is due to a buffer overflow while handling the DefaultFontName property within the Tidestone Formula One ActiveX control. A remote attacker could exploit this vulnerability by enticing an unsuspecting victim to follow a...
Hewlett-Packard Sprinter TTF16.ocx DefaultFontName Memory Corruption Remote Code Execution Vulnerability
This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of HP Sprinter. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The vulnerability is found in Tidestone Formula One...
Hewlett-Packard Sprinter TTF16.ocx SwapTables Method Memory Corruption Remote Code Execution Vulnerability
This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of HP Sprinter. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The vulnerability is found in Tidestone Formula One...
Hewlett-Packard Sprinter TTF16.ocx CopyRange/CopyRangeEx Memory Corruption Remote Code Execution Vulnerability
This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of HP Sprinter. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The vulnerability is found in Tidestone Formula One...
Oracle Hyperion Strategic Finance 12.x Tidestone Formula One WorkBook OLE Control TTF16.ocx Remote Heap Overflow
No description provided by source. Oracle Hyperion Strategic Finance Client 12.x Tidestone Formula One WorkBook OLE Control TTF16 6.3.5 Build 1 SetDevNames Remote Heap Overflow poc 99% stable, IE-no-dep. I think this control can be carried by other products, however 6.1 seems not vulnerable A...
Heap overflow
Heap-based buffer overflow in the SetDevNames method of the Tidestone Formula One ActiveX control TTF16.ocx 6.3.5 Build 1 in Oracle Hyperion Strategic Finance 12.x and possibly earlier allows remote attackers to execute arbitrary code via a long string to the DriverName parameter...
CVE-2011-5167
Heap-based buffer overflow in the SetDevNames method of the Tidestone Formula One ActiveX control TTF16.ocx 6.3.5 Build 1 in Oracle Hyperion Strategic Finance 12.x and possibly earlier allows remote attackers to execute arbitrary code via a long string to the DriverName parameter...
CVE-2011-5167
CVE-2011-5167 describes a heap-based buffer overflow in the SetDevNames method of the Tidestone Formula One ActiveX control (TTF16.ocx) version 6.3.5 Build 1 used by Oracle Hyperion Strategic Finance 12.x (and possibly earlier). An attacker could trigger arbitrary code execution by supplying a lo...
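Oracle Hyperion Strategic Finance Formula One ActiveX Control "SetDevNames()"
Oracle Hyperion Financial Management is a comprehensive, scalable, web-based solution for international financial consolidation, reporting and analysis. Oracle Hyperion Strategic Finance contains a security vulnerability in its implementation that malicious users can exploit to take control of a user's system. The vulnerability stems from a boundary error in the "SetDevNames" method of the Formula One ActiveX control TTF16.ocx; an overly long string passed in the "DriverName" parameter can cause a heap buffer overflow. Oracle Hyperion Strategic Finance 11.x Oracle Hyperion Strategic...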
Oracle Hyperion Strategic Finance 12.x - Tidestone Formula One WorkBook OLE Control TTF16.ocx Remote Heap Overflow
var finalsize = 1200; var final = ''; var heap = null; var curr = 0; function x heap = new heapLib.ie0x20000; var heapspray = unescape"%u03eb%ueb59%ue805%ufff8%uffff%u4949%u3749%u4949" + //add Administrator, user: sun, pass: tzu "%u4949%u4949%u4949%u4949%u4949%u4949%u5a51%u456a" +...
Oracle Hyperion Strategic Finance Client 12.x Heap Overflow
var finalsize = 1200; var final = ''; var heap = null; var curr = 0; function x heap = new heapLib.ie0x20000; var heapspray = unescape"%u03eb%ueb59%ue805%ufff8%uffff%u4949%u3749%u4949" + //add Administrator, user: sun, pass: tzu "%u4949%u4949%u4949%u4949%u4949%u4949%u5a51%u456a" +...
Oracle Hyperion Strategic Finance 12.x - Tidestone Formula One WorkBook OLE Control TTF16.ocx Remote Heap Overflow
Oracle Hyperion Strategic Finance 12.x - Tidestone Formula One WorkBook OLE Control TTF16.ocx Remote Heap Overflow var finalsize = 1200; var final = ''; var heap = null; var curr = 0; function x heap = new heapLib.ie0x20000; var heapspray = unescape"%u03eb%ueb59%ue805%ufff8%uffff%u4949%u3749%u494...