Adobe Macromedia Shockwave Player ActiveX installer buffer overflow vulnerability

Overview The ActiveX installer for Adobe Macromedia Shockwave contains a buffer overflow, which may allow a remote unauthenticated attacker to execute arbitrary code on a vulnerable system. Description Shockwave Player Adobe Macromedia Shockwave Player is software that plays active web content...

Microsoft Internet Explorer vulnerable to code execution via mismatched DOM objects

Overview Microsoft Internet Explorer fails to properly handle requests to mismatched DOM objects, which may allow a remote attacker to execute arbitrary code on a vulnerable system. Description Microsoft Internet Explorer does not properly handle requests to mismatched DOM objects, such as the...

VERITAS Storage Exec DCOM servers contain multiple buffer overflows

Overview VERITAS Storage Exec contains several buffer overflows, which may allow a remote attacker to execute arbitrary code on a vulnerable system. Description VERITAS Storage Exec is software package that performs storage management. Multiple DCOM server components provided by Storage Exec...

CVE-2002-1714

Microsoft Internet Explorer 5.0 through 6.0 allows remote attackers to cause a denial of service crash via an object of type "text/html" with the DATA field that identifies the HTML document that contains the object, which may cause infinite recursion...

Maxwebportal 1.36 - Password.asp Change Password (1) (HTML)

Maxwebportal 1.36 - Password.asp Change Password 1 HTML -----------------Code Start-----Version 1.35 and older-------------- pass1: pass2: Id: Member Key: -----------------End------------------- Version 1.36, 2.0, 20050418 Next: -----------------Code Start-----Version 1.36, 2.0, 20050418...

Microsoft Internet Explorer Content Advisor contains a buffer overflow

Overview A buffer overflow in Microsoft Internet Explorer Content Advisor may allow a remote attacker to execute arbitrary code on a vulnerable system. Description The Content Advisor is used to control what content is viewable in Internet Explorer. A buffer overflow exists in the routines that...

Microsoft Internet Explorer DHTML objects contain a race condition

Overview A race condition in the way that Internet Explorer handles DHTML objects may allow a remote attacker to execute arbitrary code on a vulnerable system. Description According to Microsoft:Dynamic HTML DHTML is built on an object model that extends the traditional static HTML document which...

Microsoft Internet Explorer URL validation routine contains a buffer overflow

Overview A vulnerability in Microsoft Internet Explorer could allow a remote attacker to execute arbitrary code on a vulnerable system. Description Microsoft Internet Explorer IE contains an unspecified vulnerability in the way that it handles certain URLs. The process that checks the URL contain...

US-CERT Technical Cyber Security Alert TA04-315A -- Buffer Overflow in Microsoft Internet Explorer

-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 Technical Cyber Security Alert TA04-315A Buffer Overflow in Microsoft Internet Explorer Original release date: November 10, 2004 Last revised: -- Source: US-CERT Systems Affected Microsoft Windows systems running Internet Explorer versions 6.0 and...

Microsoft Internet Explorer vulnerable to buffer overflow via FRAME and IFRAME elements

Overview Microsoft Internet Explorer IE contains a buffer overflow vulnerability that can be exploited to execute arbitrary code with the privileges of the user running IE. Description A heap buffer overflow vulnerability exists in the way IE handles the SRC and NAME attributes of HTML elements...

Microsoft Internet Explorer 6 - Shell.Application Object Script Execution

source: https://www.securityfocus.com/bid/10652/info Microsoft Internet Explorer is reported prone to a security weakness that may permit malicious HTML documents the ability to execute script code. This script code has the ability to alter registry settings that may allow for further attacks. In...

CVE-2003-0662

CVE-2003-0662 describes a buffer overflow in the Windows 2000 Troubleshooter ActiveX Control (Tshoot.ocx). The vulnerability exists in Windows 2000 SP4 and earlier and allows a remote attacker to execute arbitrary code by delivering a crafted HTML document with a long argument to the RunQuery2 me...

Microsoft Internet Explorer 6 - ADODB.Stream Object File Installation

Microsoft Internet Explorer 6 - ADODB.Stream Object File Installation source: https://www.securityfocus.com/bid/10514/info Microsoft Internet Explorer is prone to a security weakness that may permit malicious HTML documents to create or overwrite files on a victim file system when interpreted fro...

Microsoft Internet Explorer 6 - ADODB.Stream Object File Installation

source: https://www.securityfocus.com/bid/10514/info Microsoft Internet Explorer is prone to a security weakness that may permit malicious HTML documents to create or overwrite files on a victim file system when interpreted from the Local Zone or other Security Zones with relaxed security...

Microsoft Internet Explorer 5/6 - Self Executing HTML File

source: https://www.securityfocus.com/bid/6961/info Microsoft Internet Explorer contains a vulnerability that can allow script code within an HTML document to run an embedded executable file. Since the file is an HTML file, Internet Explorer will open and parse the file. When the script that poin...

[LoWNOISE] "Get Knowledge" SunONE Starter Kit - Sun Microsystems/Astaware

LoWNOISE "Get Knowledge" SunONE Starter Kit - Sun Microsystems/Astaware by Efrain 'ET' Torres, Colombia 2002. [email protected] +Disclaimer: blah. +Product: -SunONE Starter Kit v2.0 Sun Microsystems CD-ROM Version -ASTAware SearchDisk 2002. ASTAWARE Technologies Inc. +Introduction You are one of...

CVE-2002-0823

Buffer overflow in Winhlp32.exe allows remote attackers to execute arbitrary code via an HTML document that calls the HTML Help ActiveX control HHCtrl.ocx with a long pathname in the Item parameter...

Microsoft Internet Explorer HTML rendering engine contains buffer overflow processing SRC attribute of HTML <EMBED> directive

Overview The Microsoft Internet Explorer HTML rendering engine contains a vulnerability in its handling of the SRC attribute of the HTML directive. An attacker who is able to convince a user to read a malicious HTML file may be able to crash Internt Explorer or execute arbitrary code with the...

DoS против FrontPage server

При использовании имени DOS-устройства в названии HTML0документа при обращении к shtnl.exe вызывает отказ сервиса в обслуживании...