1165 matches found
Microsoft Rich Textbox ActiveX control SaveFile vulnerability
Added: 10/07/2008 CVE: CVE-2008-0237 BID: 27201 OSVDB: 40234 Background Microsoft Rich Textbox is an ActiveX control which comes with Visual Basic and allows creation of formatted text in RTF files. It is located in the Richtx32.ocx file. Problem The SaveFile method in the Rich Textbox ActiveX...
freebsd/x86 kill all processes 12 bytes
No description provided by source. CoDed bY suN8Hclf DaRk-CodeRs Group productions, kid FreeBSD x86 kill all procesess 12 bytes shellcode Compile: nasm -f elf code.asm ld -e start -o code code.o Assembly code: ---------------------code.asm------------------- section .text global start start: xor...
freebsd/x86 - kill all processes 12 bytes
freebsd/x86 kill all processes 12 bytes. Shellcode exploit for freebsdx86 platform CoDed bY suN8Hclf DaRk-CodeRs Group productions, kid FreeBSD x86 kill all procesess 12 bytes shellcode Compile: nasm -f elf code.asm ld -e start -o code code.o Assembly code:...
freebsd/x86 kill all processes 12 bytes
Exploit for freebsd/x86 platform in category shellcode ======================================= freebsd/x86 kill all processes 12 bytes ======================================= CoDed bY suN8Hclf DaRk-CodeRs Group productions, kid FreeBSD x86 kill all procesess 12 bytes shellcode Compile: nasm -f el...
Microsoft Visual Studio MaskedEdit ActiveX buffer overflow
Added: 09/03/2008 CVE: CVE-2008-3704 BID: 30674 OSVDB: 47475 Background Microsoft Visual Studio is a product for facilitating software development on Windows operating systems. Problem A buffer overflow in the MaskedEdit ActiveX control allows command execution when a user loads a web page which...
MS KB953839: Cumulative Security Update of ActiveX Kill Bits
The remote host is missing a list of kill bits for ActiveX controls that are known to contain vulnerabilities. If these ActiveX controls are ever installed on the remote host, either now or in the future, they would expose it to various security issues. %NASLMINLEVEL 70300 C Tenable Network...
CVE-2008-1667
The Probe Builder Service aka PBOVISServer.exe in European Performance Systems EPS Probe Builder 2.2 before A.02.20.901, as used in HP OpenView Internet Services OVIS on Windows, allows remote attackers to kill arbitrary processes via a process ID number in an unspecified opcode...
Microsoft Access Snapshot Viewer file download vulnerability
Added: 07/11/2008 CVE: CVE-2008-2463 BID: 30144 OSVDB: 46749 Background The Snapshot Viewer for Microsoft Access is used to display report snapshots without needing to fully invoke Access. It enables an ActiveX control in snapview.ocx. Problem The Snapshot Viewer ActiveX control allows remote fil...
Microsoft Access Snapshot Viewer file download vulnerability
Added: 07/11/2008 CVE: CVE-2008-2463 BID: 30144 OSVDB: 46749 Background The Snapshot Viewer for Microsoft Access is used to display report snapshots without needing to fully invoke Access. It enables an ActiveX control in snapview.ocx. Problem The Snapshot Viewer ActiveX control allows remote fil...
Microsoft Access Snapshot Viewer file download vulnerability
Added: 07/11/2008 CVE: CVE-2008-2463 BID: 30144 OSVDB: 46749 Background The Snapshot Viewer for Microsoft Access is used to display report snapshots without needing to fully invoke Access. It enables an ActiveX control in snapview.ocx. Problem The Snapshot Viewer ActiveX control allows remote fil...
Microsoft Access Snapshot Viewer file download vulnerability
Added: 07/11/2008 CVE: CVE-2008-2463 BID: 30144 OSVDB: 46749 Background The Snapshot Viewer for Microsoft Access is used to display report snapshots without needing to fully invoke Access. It enables an ActiveX control in snapview.ocx. Problem The Snapshot Viewer ActiveX control allows remote fil...
Black Ice软件BiAnno.ocx控件远程栈溢出漏洞
BUGTRAQ ID: 29635 Annotation SDK/ActiveX是Black Ice图形工具包中的图形编辑插件。 Annotation SDK/ActiveX插件所安装的BiAnno Control ActiveX控件(BiAnno.ocx)在处理AnnoSaveToTiff函数参数时存在栈溢出漏洞,如果用户受骗访问了恶意网页并向该函数传送了超长参数的话,就可以触发这个溢出,导致执行任意指令。 Black Ice Annotation SDK/ActiveX Plug-In 10.9.5.0 临时解决方法:...
Novell iPrint Client ActiveX control stack buffer overflows
Overview The Novell iPrint Client ActiveX control contains multiple stack buffer overflows, which can allow a remote, unauthenticated attacker to execute arbitrary code on a vulnerable system. Description Novell iPrint is a software printing solution that allows for printing over the internet. On...
Microsoft Windows Speech组件语音识别远程命令执行漏洞(MS08-032)
BUGTRAQ ID: 22359 CVECAN ID: CVE-2007-0675 Microsoft Windows是微软发布的非常流行的操作系统。 如果Windows中启用了语音识别功能的话,则Speech组件sapi.dll中存在远程执行代码漏洞。攻击者可以通过构造嵌入了声音对象的特制网页来利用该漏洞,当用户查看网页时,该漏洞可能允许远程执行代码。成功利用此漏洞的攻击者可以获得与登录用户相同的用户权限。 Microsoft Windows XP SP3 Microsoft Windows XP SP2 Microsoft Windows Vista SP1 Microsoft...
Microsoft Security Bulletin MS08-032 - Moderate Cumulative Security Update of ActiveX Kill Bits (950760)
Microsoft Security Bulletin MS08-032 - Moderate Cumulative Security Update of ActiveX Kill Bits 950760 Published: June 10, 2008 Version: 1.0 General Information Executive Summary This security update resolves a publicly reported vulnerability for the Microsoft Speech API. The vulnerability could...
BackWeb Lite Install Runner ActiveX stack buffer overflows
Overview The BackWeb Lite Install Runner ActiveX control contains multiple stack buffer overflows, which can allow a remote, unauthenticated attacker to execute arbitrary code on a vulnerable system. Description BackWeb Lite Install Runner is an ActiveX control that is used to install software on...
HP Instant Support HPISDataManager.dll ActiveX控件任意文件下载漏洞
BUGTRAQ ID: 29530 CVECAN ID: CVE-2007-5608 HP Instant Support是是基于网络的故障诊断和排除工具套件,适用于桌面计算和打印产品。 HP Instant Support所安装的HPISDataManager.dll ActiveX控件没有正确地过滤对DownloadFile函数的输入参数。如果用户受骗访问了恶意网页并向该函数传送了超长参数的话,就可能导致向本地系统下载任意文件。 HP Instant Support 1.0.0.22 临时解决方法:...
HP Online Support Services ActiveX ExtractCab() buffer overflow
Overview HP Online Support Services contains the function ExtractCab, which can be exploited to cause a buffer overflow. This may allow a remote, unauthenticated attacker to execute arbitrary code on a vulnerable system in the context of the local user. Description HP Services provides online...
HP Online Support Services ActiveX GetFileTime() buffer overflow
Overview HP Online Support Services contains the function GetFileTime, which can be exploited to cause a buffer overflow. This may allow a remote, unauthenticated attacker to execute arbitrary code on a vulnerable system. Description HP Services provides online product support services including ...
HP Online Support Services ActiveX StartApp() arbitrary code execution
Overview The HP Online Support Services ActiveX control contains a method called StartApp. This may allow a remote, unauthenticated attacker to execute local files on a vulnerable system in the context of the local user. Description HP Services provides online product support services including H...