1167 matches found
Microsoft SQL Server Distributed Management Objects buffer overflow
Added: 10/11/2007 CVE: CVE-2007-4814 BID: 25594 OSVDB: 38399 Background Microsoft SQL Server includes a Distributed Management Object model which offers a modern, object-oriented alternative to using stored procedures. The Distributed Management Object model is implemented by the sqldmo.dll Activ...
Microsoft Visual Studio PDWizard.ocx ActiveX vulnerability
Added: 09/30/2007 CVE: CVE-2007-4891 BID: 25638 OSVDB: 37106 Background Microsoft Visual Studio is a product for facilitating software development on Windows operating systems. Problem ActiveX controls contained in the PDWizard.ocx file in Microsoft Visual Studio 6.0 expose the StartProcess metho...
Microsoft Visual Studio PDWizard.ocx ActiveX vulnerability
Added: 09/30/2007 CVE: CVE-2007-4891 BID: 25638 OSVDB: 37106 Background Microsoft Visual Studio is a product for facilitating software development on Windows operating systems. Problem ActiveX controls contained in the PDWizard.ocx file in Microsoft Visual Studio 6.0 expose the StartProcess metho...
HP - ActiveX hpqutil.dll ListFiles Remote Heap Overflow (PoC)
HP - ActiveX hpqutil.dll ListFiles Remote Heap Overflow PoC :. GOODFELLAS Security Research TEAM .: :. http://goodfellas.shellcode.com.ar .: ActiveX hpqutil!ListFiles hpqutil.dll - Remote heap overflow. ============================================================= Internal ID: VULWAR200706041...
HP ActiveX (hpqutil.dll ListFiles hpqutil.dll) Remote Heap Overflow PoC
Exploit for unknown platform in category dos / poc ======================================================================= HP ActiveX hpqutil.dll ListFiles hpqutil.dll Remote Heap Overflow PoC ======================================================================= :. GOODFELLAS Security Research...
HP - ActiveX 'hpqutil.dll' ListFiles Remote Heap Overflow (PoC)
:. GOODFELLAS Security Research TEAM .: :. http://goodfellas.shellcode.com.ar .: ActiveX hpqutil!ListFiles hpqutil.dll - Remote heap overflow. ============================================================= Internal ID: VULWAR200706041 introduction ------------ GOODFELLAS security research team has...
Callisto PhotoParade Player PhPInfo ActiveX control buffer overflow
Overview The Callisto PhotoParade Player PhPInfo ActiveX control contains a buffer overflow, which can allow a remote, unauthenticated attacker to execute arbitrary code on a vulnerable system. Description Callisto PhotoParade Player includes an ActiveX control called PhPinfo. The ActiveX control...
Assurent VR - Microsoft Agent Crafted URL Stack Buffer Overflow
Microsoft Agent Crafted URL Stack Buffer Overflow Assurent ID: FSC20070911-11 1. Affected Software Microsoft Agent, version 2.0.0.3425 bundled with Windows 2000 Service Pack 4 Reference: http://www.microsoft.com/msagent/ 2. Vulnerability Summary The Microsoft Agent ActiveX control contains a buff...
Intuit QuickBooks Online Edition ActiveX控件多个远程安全漏洞
BUGTRAQ ID: 25544 CVECAN ID: CVE-2007-4471,CVE-2007-0322 QuickBooks Online Edition是一款在线财务软件。 QuickBooks Online Edition的ActiveX控件处理在处理畸形用户请求时存在漏洞,远程攻击者可能利用此漏洞控制用户系统。 如果用户受骗打开了恶意HTML文档的话,QuickBooks Online Edition...
Earth Resource Mapping NCSView ActiveX control stack buffer overflows
Overview The Earth Resource Mapping NCSView ActiveX control contains multiple stack buffer overflows, which can allow a remote, unauthenticated attacker to execute arbitrary code on a vulnerable system. Description The Earth Resource Mapping NCSView ActiveX control, which is provided by...
Intuit QuickBooks Online Edition ActiveX control stack buffer overflows
Overview The Intuit QuickBooks Online Edition ActiveX control contains multiple stack buffer overflows, which may allow a remote, unauthenticated attacker to execute arbitrary code on a vulnerable system. Description Intuit QuickBooks Online Edition is a version of QuickBooks that functions withi...
Broderbund Expressit 3DGreetings Player ActiveX control buffer overflows
Overview The Broderbund Expressit 3DGreetings Player ActiveX control contains multiple buffer overflows, which may allow a remote, unauthenticated attacker to execute arbitrary code on a vulnerable system. Description The 3DGreetings Player is an ActiveX control that displays 3D greeting cards...
iDefense Security Advisory 08.30.07: Yahoo Messenger YVerInfo.dll ActiveX Multiple Remote Buffer Overflow Vulnerabilities
Yahoo Messenger YVerInfo.dll ActiveX Multiple Remote Buffer Overflow Vulnerabilities iDefense Security Advisory 08.30.07 http://labs.idefense.com/intelligence/vulnerabilities/ Aug 30, 2007 I. BACKGROUND Yahoo! Messenger is a instant messaging application that allows users to chat online, share...
Oracle JInitiator ActiveX control stack buffer overflows
Overview The Oracle JInitiator ActiveX control contains multiple stack buffer overflows, which could allow a remote, unauthenticated attacker to execute arbitrary code on a vulnerable system. Description Oracle JInitiator allows users to run Oracle Developer Server applications within a web...
联想Automated Solutions ActiveX控件多个安全漏洞
BUGTRAQ ID: 25311 CVECAN ID: CVE-2007-2928,CVE-2007-2929,CVE-2007-2240 Automated Solutions是联想和IBM电脑中所安装的ActiveX工具软件包。 Automated Solutions的ActiveX控件实现上存在格式串处理漏洞,远程攻击者可能利用此漏洞控制用户系统。 Automated...
IBM and Lenovo Access Support acpRunner ActiveX control fails to restrict access to methods
Overview The IBM Lenovo Access Support acpRunner ActiveX control fails to restrict access to its methods, which can allow a remote, unauthenticated attacker to execute arbitrary code on a vulnerable system. Description The Access Support software package for IBM and Lenovo systems includes severa...
Motive Communications ActiveUtils EmailData ActiveX control stack buffer overflows
Overview The Motive Communications ActiveUtils EmailData ActiveX control contains multiple stack buffer overflows, which could allow an attacker to execute arbitrary code on a vulnerable system. Description Motive Communications ActiveUtils is a software package used by multiple ISPs to provide...
IBM and Lenovo Access Support acpRunner ActiveX control format string vulnerability
Overview The IBM Lenovo Access Support acpRunner ActiveX control contains a format string vulnerability, which may allow a remote, unauthenticated attacker to execute arbitrary code on a vulnerable system. Description The Access Support software package for IBM and Lenovo systems includes several...
vmware-create-exec.txt
:. GOODFELLAS Security Research TEAM .: :. http://goodfellas.shellcode.com.ar .: VmWare Inc version 6.0.0 CreateProcess & CreateProcessEx Remode Code Execution Exploit ====================================================================================== Internal ID: VULWAR200707300. -----------...
vmware-vielib-exec.txt
:. GOODFELLAS Security Research TEAM .: :. http://goodfellas.shellcode.com.ar .: vielib.dll 2.2.5.42958 VmWare Inc version 6.0.0 Remode Code Execution Exploit ============================================================================= Internal ID: VULWAR200707290. ----------- Introduction...