NTR ActiveX Control StopModule() Remote Code Execution

This module exploits a vulnerability found in the NTR ActiveX 1.1.8. The vulnerability exists in the StopModule method, where the lModule parameter is used to dereference memory to get a function pointer, which leads to code execution under the context of the user visiting a malicious web page...

Microsoft Internet Explorer execCommand Use-After-Free

Exploit for windows platform in category remote exploits This file is part of the Metasploit Framework and may be subject to redistribution and commercial restrictions. Please see the Metasploit Framework web site for more information on licensing and terms of use. http://metasploit.com/framework...

Scientific Linux Security Update : java-1.6.0-openjdk on SL5.x i386/x86_64 (20120221)

These packages provide the OpenJDK 6 Java Runtime Environment and the OpenJDK 6 Software Development Kit. It was discovered that Java2D did not properly check graphics rendering objects before passing them to the native renderer. Malicious input, or an untrusted Java application or applet could u...

CentOS Update for httpd CESA-2012:0128 centos6

The remote host is missing an update for the SPDX-FileCopyrightText: 2012 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription scriptxrefname:"URL",...

RedHat Update for java-1.6.0-openjdk RHSA-2012:0135-01

The remote host is missing an update for the SPDX-FileCopyrightText: 2012 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription scriptxrefname:"URL",...

Microsoft XML Core Services MSXML Uninitialized Memory Corruption

No description provided by source. This file is part of the Metasploit Framework and may be subject to redistribution and commercial restrictions. Please see the Metasploit Framework web site for more information on licensing and terms of use. http://metasploit.com/framework/ require 'msf/core'...

Ubuntu: Security Advisory (USN-1373-2)

The remote host is missing an update for the SPDX-FileCopyrightText: 2012 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

Ubuntu Update for openjdk-6b18 USN-1373-2

Ubuntu Update for Linux kernel vulnerabilities USN-1373-2 OpenVAS Vulnerability Test $Id: gbubuntuUSN13732.nasl 7960 2017-12-01 06:58:16Z santu $ Ubuntu Update for openjdk-6b18 USN-1373-2 Authors: System Generated Check Copyright: Copyright c 2012 Greenbone Networks GmbH, http://www.greenbone.net...

USN-1373-2: OpenJDK 6 (ARM) vulnerabilities

USN 1373-1 fixed vulnerabilities in OpenJDK 6 in Ubuntu 10.04 LTS, Ubuntu 10.10 and Ubuntu 11.04 for all architectures except for ARM armel. This provides the corresponding OpenJDK 6 update for use with the ARM armel architecture in Ubuntu 10.04 LTS, Ubuntu 10.10 and Ubuntu 11.04. Original adviso...

java-1_6_0-openjdk: Update to iced tea 1.11.1 b24 security release (important)

java-160-openjdk was updated to the b24 release, fixing multiple security issues: Security fixes - S7082299, CVE-2011-3571: Fix inAtomicReferenceArray - S7088367, CVE-2011-3563: Fix issues in java sound - S7110683, CVE-2012-0502: Issues with some KeyboardFocusManager method - S7110687,...

Ubuntu 10.04 LTS / 10.10 / 11.04 / 11.10 : openjdk-6 vulnerabilities (USN-1373-1)

It was discovered that the Java HttpServer class did not limit the number of headers read from a HTTP request. A remote attacker could cause a denial of service by sending special requests that trigger hash collisions predictably. CVE-2011-5035 ATTENTION: this update changes previous Java...

USN-1373-1: OpenJDK 6 vulnerabilities

It was discovered that the Java HttpServer class did not limit the number of headers read from a HTTP request. A remote attacker could cause a denial of service by sending special requests that trigger hash collisions predictably. CVE-2011-5035 ATTENTION: this update changes previous Java...

Important: Red Hat Security Advisory: java-1.6.0-openjdk security update

Updated java-1.6.0-openjdk packages that fix several security issues are now available for Red Hat Enterprise Linux 5. The Red Hat Security Response Team has rated this update as having important security impact. Common Vulnerability Scoring System CVSS base scores, which give detailed severity...

CentOS 6 : java-1.6.0-openjdk (CESA-2012:0135)

Updated java-1.6.0-openjdk packages that fix several security issues are now available for Red Hat Enterprise Linux 6. The Red Hat Security Response Team has rated this update as having critical security impact. Common Vulnerability Scoring System CVSS base scores, which give detailed severity...

java security update

CentOS Errata and Security Advisory CESA-2012:0135 Updated java-1.6.0-openjdk packages that fix several security issues are now available for Red Hat Enterprise Linux 6. The Red Hat Security Response Team has rated this update as having critical security impact. Common Vulnerability Scoring Syste...

Critical: java-1.6.0-openjdk

Issue Overview: It was discovered that Java2D did not properly check graphics rendering objects before passing them to the native renderer. Malicious input, or an untrusted Java application or applet could use this flaw to crash the Java Virtual Machine JVM, or bypass Java sandbox restrictions...

Critical: Red Hat Security Advisory: java-1.6.0-openjdk security update

Updated java-1.6.0-openjdk packages that fix several security issues are now available for Red Hat Enterprise Linux 6. The Red Hat Security Response Team has rated this update as having critical security impact. Common Vulnerability Scoring System CVSS base scores, which give detailed severity...

Icona SpA C6 Messenger DownloaderActiveX Control Arbitrary File Download and Execute

This module exploits a vulnerability in Icona SpA C6 Messenger 1.0.0.1. The vulnerability is in the DownloaderActiveX Control DownloaderActiveX.ocx. The insecure control can be abused to download and execute arbitrary files in the context of the currently logged-on user. This module requires...

Opera 10/11 (bad nesting with frameset tag) Memory Corruption

No description provided by source. Exploit for Opera 10/11 bad nesting with frameset tag Memory Corruption Vulnerability: Discovered: 2010-08-18 Patched: 2011-05-18 Tested on: v10.xx v10.00, v10.01, v10.10, v10.50, v10.51, v10.52, v10.53, v10.54, v10.6, v10.61, v10.62 and v10.63 v11.xx v11.11...

Microsoft WMI Administration Tools ActiveX Buffer Overflow

$Id: wmiadmintools.rb 11405 2010-12-23 01:36:54Z jduck $ This file is part of the Metasploit Framework and may be subject to redistribution and commercial restrictions. Please see the Metasploit Framework web site for more information on licensing and terms of use. http://metasploit.com/framework...