648 matches found
iDefense Security Advisory 03.09.10: Microsoft Excel MDXTUPLE Record Heap Overflow Vulnerability
iDefense Security Advisory 03.09.10 http://labs.idefense.com/intelligence/vulnerabilities/ Mar 09, 2010 I. BACKGROUND Excel is the spreadsheet application included with Microsoft Corp.'s Office productivity software suite. More information is available at the following website:...
iDefense Security Advisory 03.09.10: Microsoft Excel MDXSET Record Heap Overflow Vulnerability
iDefense Security Advisory 03.09.10 http://labs.idefense.com/intelligence/vulnerabilities/ Mar 09, 2010 I. BACKGROUND Excel is the spreadsheet application included with Microsoft Corp.'s Office productivity software suite. More information is available at the following website:...
WebEx UCF atucfobj.dll ActiveX NewObject Method Buffer Overflow
This module exploits a stack-based buffer overflow in WebEx's WebexUCFObject ActiveX Control. If a long string is passed to the 'NewObject' method, a stack- based buffer overflow will occur when copying attacker-supplied data using the sprintf function. It is noteworthy that this vulnerability wa...
WebEx UCF atucfobj.dll ActiveX NewObject Method Buffer Overflow
$Id: webexucfnewobject.rb 8712 2010-03-04 17:41:26Z jduck $ This file is part of the Metasploit Framework and may be subject to redistribution and commercial restrictions. Please see the Metasploit Framework web site for more information on licensing and terms of use...
iDefense Security Advisory 02.23.10: Multiple Vendor NOS Microsystems getPlus Downloader Input Validation Vulnerability
iDefense Security Advisory 02.23.10 http://labs.idefense.com/intelligence/vulnerabilities/ Feb 23, 2010 I. BACKGROUND The getPlus Downloader is an application download and installation manager, distributed in the form of an ActiveX control. This control is used by Adobe Systems Inc. to install...
Microsoft PowerPoint "OEPlaceholderAtom" record vulnerability
No description provided by source. iDefense Security Advisory 02.09.10 http://labs.idefense.com/intelligence/vulnerabilities/ Feb 09, 2010 I. BACKGROUND Microsoft PowerPoint is an application used for constructing presentations, and comes with the Microsoft Office suite. For more information, see...
iDefense Security Advisory 02.09.10: Microsoft PowerPoint OEPlaceholderAtom Invalid Array Indexing Vulnerability
iDefense Security Advisory 02.09.10 http://labs.idefense.com/intelligence/vulnerabilities/ Feb 09, 2010 I. BACKGROUND Microsoft PowerPoint is an application used for constructing presentations, and comes with the Microsoft Office suite. For more information, see the vendor's site found at the...
iDefense Security Advisory 02.09.10: Microsoft PowerPoint OEPlaceholderAtom Use-After-Free Vulnerability
iDefense Security Advisory 02.09.10 http://labs.idefense.com/intelligence/vulnerabilities/ Feb 09, 2010 I. BACKGROUND Microsoft PowerPoint is an application used for constructing presentations, and comes with the Microsoft Office suite. For more information, see the vendor's site found at the...
Remote Vulnerability in AIX RPC.cmsd released by iDefense
Hey guys, Just now I saw that iDefense did not include in their advisory the triggering code for this http://labs.idefense.com/intelligence/vulnerabilities/display.php?id=825. I believe it's very important to test your systems and verify the released patch. So here we go:...
iDefense Security Advisory 02.01.10: RealNetworks RealPlayer CMediumBlockAllocator Integer Overflow Vulnerability
iDefense Security Advisory 02.01.10 http://labs.idefense.com/intelligence/vulnerabilities/ Feb 01, 2010 I. BACKGROUND RealPlayer is an application for playing various media formats, developed by RealNetworks Inc. Since late 2003, Real Player has been based on the open-source Helix Player. More...
iDefense Security Advisory 01.12.10: Adobe Reader and Acrobat JpxDecode Memory Corruption Vulnerability
iDefense Security Advisory 01.12.10 http://labs.idefense.com/intelligence/vulnerabilities/ Jan 12, 2010 I. BACKGROUND Adobe Reader and Acrobat are Portable Document Format PDF reader and processors. For more information, please visit following pages: http://www.adobe.com/products/reader/...
AWStats 6.1 < 6.2 - 'configdir' Remote Command Execution (Metasploit)
$Id: awstatsconfigdirexec.rb 7970 2009-12-26 03:31:20Z hdm $ This file is part of the Metasploit Framework and may be subject to redistribution and commercial restrictions. Please see the Metasploit Framework web site for more information on licensing and terms of use...
iDefense Security Advisory 12.08.09: Microsoft Windows Indeo32 Codec Parsing Heap Corruption Vulnerability
iDefense Security Advisory 12.08.09 http://labs.idefense.com/intelligence/vulnerabilities/ Dec 08, 2009 I. BACKGROUND Indeo Video is a video codec developed by Intel and included in Microsoft Windows. For more information about Indeo codec, please the visit following website:...
iDefense Security Advisory 12.08.09: Microsoft WordPad Word97 Converter Integer Overflow Vulnerability
iDefense Security Advisory 12.08.09 http://labs.idefense.com/intelligence/vulnerabilities/ Dec 08, 2009 I. BACKGROUND WordPad is the default text editing application included with nearly all Windows versions since Windows 95. The Word97 converter is used to convert Word documents into the format...
Jasc Paint Shop Pro 8 Buffer Overflow
/ Software: Jasc Paint Shop Pro v8 Local Buffer Overflow Exploit UNIVERSAL Bug type: Local buffer overflow Exploitation method: SEH handler overwrite Description: When a crafted .PNG file is oppened a stack buffer overflow occurs because of DEP a SEH handler is overwriten and I overwriten his...
iDefense Security Advisory 11.10.09: Microsoft Excel FEATHEADER Record Memory Corruption Vulnerability
-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 iDefense Security Advisory 11.10.09 http://labs.idefense.com/intelligence/vulnerabilities/ Nov 10, 2009 I. BACKGROUND Excel is the spreadsheet application included with Microsoft Corp.'s Office productivity software suite. More information is availabl...
iDefense Security Advisory 11.10.09: Microsoft Word FIB Processing Stack Buffer Overflow Vulnerability
-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 iDefense Security Advisory 11.10.09 http://labs.idefense.com/intelligence/vulnerabilities/ Nov 10, 2009 I. BACKGROUND Microsoft Word is a word processing application that is part of the Microsoft Office suite of products. For more information about...
Design/Logic Flaw
Multiple insecure method vulnerabilities in Idefense Labs COMRaider allow remote attackers to create or overwrite arbitrary files via the 1 CreateFolder and 2 Copy methods. NOTE: this might only be a vulnerability in certain insecure configurations of Internet Explorer...
CVE-2009-3860
Multiple insecure method vulnerabilities in Idefense Labs COMRaider allow remote attackers to create or overwrite arbitrary files via the 1 CreateFolder and 2 Copy methods. NOTE: this might only be a vulnerability in certain insecure configurations of Internet Explorer...
CVE-2009-3860
Multiple insecure method vulnerabilities in Idefense Labs COMRaider allow remote attackers to create or overwrite arbitrary files via the 1 CreateFolder and 2 Copy methods. NOTE: this might only be a vulnerability in certain insecure configurations of Internet Explorer...