Microsoft Windows Speech组件语音识别远程命令执行漏洞（MS08-032）

BUGTRAQ ID: 22359 CVECAN ID: CVE-2007-0675 Microsoft Windows是微软发布的非常流行的操作系统。 如果Windows中启用了语音识别功能的话，则Speech组件sapi.dll中存在远程执行代码漏洞。攻击者可以通过构造嵌入了声音对象的特制网页来利用该漏洞，当用户查看网页时，该漏洞可能允许远程执行代码。成功利用此漏洞的攻击者可以获得与登录用户相同的用户权限。 Microsoft Windows XP SP3 Microsoft Windows XP SP2 Microsoft Windows Vista SP1 Microsoft...

Microsoft Security Bulletin MS08-032 - Moderate Cumulative Security Update of ActiveX Kill Bits (950760)

Microsoft Security Bulletin MS08-032 - Moderate Cumulative Security Update of ActiveX Kill Bits 950760 Published: June 10, 2008 Version: 1.0 General Information Executive Summary This security update resolves a publicly reported vulnerability for the Microsoft Speech API. The vulnerability could...

BackWeb Lite Install Runner ActiveX stack buffer overflows

Overview The BackWeb Lite Install Runner ActiveX control contains multiple stack buffer overflows, which can allow a remote, unauthenticated attacker to execute arbitrary code on a vulnerable system. Description BackWeb Lite Install Runner is an ActiveX control that is used to install software on...

HP Online Support Services ActiveX GetFileTime() buffer overflow

Overview HP Online Support Services contains the function GetFileTime, which can be exploited to cause a buffer overflow. This may allow a remote, unauthenticated attacker to execute arbitrary code on a vulnerable system. Description HP Services provides online product support services including ...

HP Online Support Services ActiveX MoveFile() buffer overflow

Overview HP Online Support Services contains the function MoveFile, which can be exploited to cause a buffer overflow. This may allow a remote, unauthenticated attacker to execute arbitrary code on a vulnerable system. Description HP Services provides online product support services including HP...

HP Online Support Services ActiveX StartApp() arbitrary code execution

Overview The HP Online Support Services ActiveX control contains a method called StartApp. This may allow a remote, unauthenticated attacker to execute local files on a vulnerable system in the context of the local user. Description HP Services provides online product support services including H...

HP Instant Support HPISDataManager.dll ActiveX控件任意文件下载漏洞

BUGTRAQ ID: 29530 CVECAN ID: CVE-2007-5608 HP Instant Support是是基于网络的故障诊断和排除工具套件，适用于桌面计算和打印产品。 HP Instant Support所安装的HPISDataManager.dll ActiveX控件没有正确地过滤对DownloadFile函数的输入参数。如果用户受骗访问了恶意网页并向该函数传送了超长参数的话，就可能导致向本地系统下载任意文件。 HP Instant Support 1.0.0.22 临时解决方法：...

HP Online Support Services ActiveX ExtractCab() buffer overflow

Overview HP Online Support Services contains the function ExtractCab, which can be exploited to cause a buffer overflow. This may allow a remote, unauthenticated attacker to execute arbitrary code on a vulnerable system in the context of the local user. Description HP Services provides online...

NCTSoft产品NCTAudioInformation2 ActiveX控件缓冲区溢出漏洞

BUGTRAQ ID: CVE ID：CVE-2008-0959 CNCVE ID:CNCVE-20080959 NCTAudio是一款软件开发者能够在程序中加入录制、编辑和播放的ActiveX控件。 NCTAudio NCTAudioInformation2控件存在参数检查边界错误，远程攻击者可以利用漏洞以应用程序权限执行任意指令。 NCTAudioInformation2.dll处理部分参数或方法时存在边界条件检查错误，构建恶意WEB页，诱使用户访问，可导致以应用程序权限执行任意指令。 NCTAudioEditor ActiveX DLL 2.x NCTAudioStudio...

联众世界GLIEDown2.dll Active控件多个缓冲区溢出漏洞

BUGTRAQ ID: 29118,29446 联众世界是在中国非常流行的在线游戏网站。 联众世界的游戏大厅主程序GLWorld所安装的GLIEDown2.dll ActiveX控件（CLSID：F917534D-535B-416B-8E8F-0C04756C31A8）没有正确地处理对IEStart、IEStartNative方式以及ServerList、GameInfo和GruopName属性的输入参数。如果用户受骗访问了恶意网页并向这些方式传送了特制参数的话，就可能触发堆溢出或栈溢出，导致在用户系统上执行任意指令。 利用此漏洞进行挂马的0day攻击已经出现。 GlobalLink...

creative-overflow.txt

+++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++ CacheFolder property is vulnerable to stack-based buffer overflow after 260 bytes, @ 512 bytes overwrites SEH and allows code execution reliably. Original Advisory @ http://www.kb.cert.org/vuls/id/501843 and Vulnerability...

Online Media Technologies NCTSoft NCTAudioInformation2 ActiveX stack buffer overflows

Overview The Online Media Technologies NCTSoft NCTAudioInformation2 ActiveX control contains multiple stack buffer overflows, which may allow a remote, unauthenticated attacker to execute arbitrary code on a vulnerable system. Description Online Media Technologies, which was formerly known as NCT...

Creative Software AutoUpdate Engine ActiveX stack buffer overflow

Overview The Creative Labs AutoUpdate Engine ActiveX control contains a stack buffer overflow, which can allow a remote, unauthenticated attacker to execute arbitrary code on a vulnerable system. Description The Creative Software AutoUpdate Engine ActiveX control is a component that provides...

Share Trojan-free kill technology experience-vulnerability warning-the black bar safety net

Trojan horsefree kill,in the country should originate in the 0 to 5 years. From then on a single feature of the code is now a composite signature,antivirus software from Active defense to Active Defense. Free to killtechnology is increasingly difficult. But plus ça change--change the feature code...

From the flowers began to scold kill free-vulnerability warning-the black bar safety net

The topic you read that right, and indeed from the flower began to scoldfree kill. Why you want to scold it, in fact because of recent school bored, so using a mobile phone on the QQ scurry. Not is I which nerve dislocation, is looking for a to teachfree killchat updon't ask me how I make him tal...

联众世界GLIEDown2.dll Active控件任意代码执行漏洞

联众世界是在中国非常流行的在线游戏网站。 联众世界的游戏大厅主程序GLWorld所安装的GLIEDown2.dll ActiveX控件（CLSID：F917534D-535B-416B-8E8F-0C04756C31A8）没有正确地处理某些用户输入参数，如果用户受骗访问了恶意网页并向这些方式传送了特制参数的话，可能导致在用户系统上执行任意指令。 利用此漏洞进行挂马的0day攻击已经出现。 GlobalLink 2.8.1.2 beta 临时解决方法： 为有漏洞的控件设置Kill-Bit： Windows Registry Editor Version 5.00...

Grape Statistics 0.2a - location Remote File Inclusion

Grape Statistics 0.2a - location Remote File Inclusion Name : Grape Web Statistics Remote File include Vulnerability Download From :http://www.quate.net/link.php?grape Found By : MajnOoNxHaCkEr Home Page : http://www.4rxh.com...

CA DSM gui_cm_ctrls.ocx ActiveX控件远程代码执行漏洞

BUGTRAQ ID: 28809 CVECAN ID: CVE-2008-1786 CA桌面和服务器管理（DSM）产品中包含多种应用，分别用来执行软件分发、远程控制和资产管理任务。 DSM产品所提供的guicmctrls ActiveX控件没有充分的验证函数输入，如果用户受骗访问了恶意网页的话就可能导致拒绝服务或在WEB浏览器会话中执行任意代码。 Computer Associates guicmctrls.ocx 11.2.3.1896 Computer Associates guicmctrls.ocx 11.2.2000.4 Computer Associates...

grape-rfi.txt

Name : Grape Web Statistics Remote File include Vulnerability Download From :http://www.quate.net/link.php?grape Found By : MajnOoNxHaCkEr Home Page : http://www.4rxh.com ============================================================================ Vulne Code In File functions.php : Function:...

Microsoft Security Bulletin MS08-023 - Critical

Microsoft Security Bulletin MS08-023 - Critical Security Update of ActiveX Kill Bits 948881 Published: April 8, 2008 Version: 1.0 General Information Executive Summary This security update resolves one privately reported vulnerability for a Microsoft product. This update also includes a kill bit...