1165 matches found
MySQL: CREATE TABLE ... SELECT causes crash when KILL_BAD_DATA is returned (MySQL Bug#55826)
MySQL 5.0 before 5.0.92, 5.1 before 5.1.51, and 5.5 before 5.5.6 does not properly propagate type errors, which allows remote attackers to cause a denial of service server crash via crafted arguments to extreme-value functions such as 1 LEAST and 2 GREATEST, related to KILLBADDATA and a "CREATE...
Microsoft WMI Administrative Tools ActiveX Control AddContextRef vulnerability
Added: 01/07/2011 CVE: CVE-2010-3973 BID: 45546 OSVDB: 69942 Background Microsoft WMI Administrative Tools is a tool suite containing WMI CIM Studio, WMI Object Browser, WMI Event Registration Tool, and WMI Event Viewer. Problem A vulnerability in the WMI Object Viewer ActiveX control...
Microsoft WMI Administrative Tools ActiveX Control AddContextRef vulnerability
Added: 01/07/2011 CVE: CVE-2010-3973 BID: 45546 OSVDB: 69942 Background Microsoft WMI Administrative Tools is a tool suite containing WMI CIM Studio, WMI Object Browser, WMI Event Registration Tool, and WMI Event Viewer. Problem A vulnerability in the WMI Object Viewer ActiveX control...
Microsoft WMI Administrative Tools ActiveX Control AddContextRef vulnerability
Added: 01/07/2011 CVE: CVE-2010-3973 BID: 45546 OSVDB: 69942 Background Microsoft WMI Administrative Tools is a tool suite containing WMI CIM Studio, WMI Object Browser, WMI Event Registration Tool, and WMI Event Viewer. Problem A vulnerability in the WMI Object Viewer ActiveX control...
Microsoft WMI Administrative Tools ActiveX Control AddContextRef vulnerability
Added: 01/07/2011 CVE: CVE-2010-3973 BID: 45546 OSVDB: 69942 Background Microsoft WMI Administrative Tools is a tool suite containing WMI CIM Studio, WMI Object Browser, WMI Event Registration Tool, and WMI Event Viewer. Problem A vulnerability in the WMI Object Viewer ActiveX control...
SAP Crystal Reports PrintControl.dll ServerResourceVersion buffer overflow
Added: 12/22/2010 CVE: CVE-2010-2590 BID: 45387 OSVDB: 69917 Background SAP Crystal Reports allows developers to design interactive reports from virtually any data source. Problem A buffer overflow vulnerability in the PrintControl.dll ActiveX control allows command execution when a user loads a...
SAP Crystal Reports PrintControl.dll ServerResourceVersion buffer overflow
Added: 12/22/2010 CVE: CVE-2010-2590 BID: 45387 OSVDB: 69917 Background SAP Crystal Reports allows developers to design interactive reports from virtually any data source. Problem A buffer overflow vulnerability in the PrintControl.dll ActiveX control allows command execution when a user loads a...
Microsoft WMI Administrative Tool ActiveX Control Vulnerability
US-CERT is aware of a vulnerability affecting the WBEMSingleView.ocx ActiveX control. This control is part of the Microsoft WMI Administrative Tools package. Exploitation of this vulnerability may allow an attacker to execute arbitrary code. US-CERT encourages users and administrators to set the...
Microsoft WMI Administrative Tools WBEMSingleView.ocx ActiveX control vulnerability
Overview The ActiveX control, WBEMSingleView.ocx, that is a part of the WMI Administrative Tools package contains a vulnerability. Description The AddContextRef and ReleaseContext functions of the WMI Object Viewer control can be passed an object pointer from an attacker that results in arbitrary...
SAP Crystal Reports PrintControl.dll ServerResourceVersion buffer overflow
Added: 12/22/2010 CVE: CVE-2010-2590 BID: 45387 OSVDB: 69917 Background SAP Crystal Reports allows developers to design interactive reports from virtually any data source. Problem A buffer overflow vulnerability in the PrintControl.dll ActiveX control allows command execution when a user loads a...
New Intel Chips Support SMS Kill Switch
HED: New Intel Chips Support SMS Kill Switch DEK: Anti Theft 3 Chips Can be disabled via 3G Networks New computer processors from Intel Corp, due out in 2011, can be disabled using an SMS “poison pill” message sent over any 3G cellular network, according to Intel documentation. The new anti-theft...
AuraCMS 1.62 - 'pfd.php' SQL Injection
----------------------------------------------------------------------- AuraCMS pfd.php SQL Injection Vulnerability ----------------------------------------------------------------------- Author : Arianom [email protected] Homepage : http://indonesiancoder.com Vendor :...
MySQL: CREATE TABLE ... SELECT causes crash when KILL_BAD_DATA is returned (MySQL Bug#55826)
MySQL 5.0 before 5.0.92, 5.1 before 5.1.51, and 5.5 before 5.5.6 does not properly propagate type errors, which allows remote attackers to cause a denial of service server crash via crafted arguments to extreme-value functions such as 1 LEAST and 2 GREATEST, related to KILLBADDATA and a "CREATE...
Security Settings for ActiveX controls and OLE objects in Office 2003 and in the 2007 Office suite
Resolves the issue on how users can have the ability to control if and how ActiveX controls and OLE objects load with an Office kill-bit list.Important This article contains information that shows you how to help lower security settings or how to turn off security features on a computer. You can...
Invensys Wonderware Archestra ConfigurationAccessComponent ActiveX control stack buffer overflow
Overview The Invensys Wonderware Archestra ConfigurationAccessComponent ActiveX control contains a stack buffer overflow that could allow a remote attacker to execute arbitrary code on an affected system Description The Invensys Wonderware Archestra ConfigurationAccessComponent ActiveX control,...
Yahoo Messenger WScript.Shell ActiveX control command execution
Added: 07/29/2010 Background Yahoo! Messenger is an instant messaging application. It includes the WScript.Shell ActiveX control. Problem The Execute method of the WScript.Shell ActiveX control allows command execution when a malicious web page is loaded in Internet Explorer. Resolution Set the...
Yahoo Messenger WScript.Shell ActiveX control command execution
Added: 07/29/2010 Background Yahoo! Messenger is an instant messaging application. It includes the WScript.Shell ActiveX control. Problem The Execute method of the WScript.Shell ActiveX control allows command execution when a malicious web page is loaded in Internet Explorer. Resolution Set the...
Yahoo Messenger WScript.Shell ActiveX control command execution
Added: 07/29/2010 Background Yahoo! Messenger is an instant messaging application. It includes the WScript.Shell ActiveX control. Problem The Execute method of the WScript.Shell ActiveX control allows command execution when a malicious web page is loaded in Internet Explorer. Resolution Set the...
Yahoo Messenger WScript.Shell ActiveX control command execution
Added: 07/29/2010 Background Yahoo! Messenger is an instant messaging application. It includes the WScript.Shell ActiveX control. Problem The Execute method of the WScript.Shell ActiveX control allows command execution when a malicious web page is loaded in Internet Explorer. Resolution Set the...
SAPGui BI wadmxhtml.dll Tags Property Heap Corruption
-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 Who - -------- SAP http://www.sap.com What - -------- SAPGui BI component File: PROGRAMFILESsapbusiness explorerbiwadmxhtml.dll Version: 7100.1.400.8 ClassID: 30DD068D-5AD9-434C-AAAC-46ABE37194EB RegKey Safe for Script: False RegKey Safe for Init: Fal...