HP Online Support Services ActiveX GetFileTime() buffer overflow

Overview HP Online Support Services contains the function GetFileTime, which can be exploited to cause a buffer overflow. This may allow a remote, unauthenticated attacker to execute arbitrary code on a vulnerable system. Description HP Services provides online product support services including ...

NCTSoft产品NCTAudioInformation2 ActiveX控件缓冲区溢出漏洞

BUGTRAQ ID: CVE ID：CVE-2008-0959 CNCVE ID:CNCVE-20080959 NCTAudio是一款软件开发者能够在程序中加入录制、编辑和播放的ActiveX控件。 NCTAudio NCTAudioInformation2控件存在参数检查边界错误，远程攻击者可以利用漏洞以应用程序权限执行任意指令。 NCTAudioInformation2.dll处理部分参数或方法时存在边界条件检查错误，构建恶意WEB页，诱使用户访问，可导致以应用程序权限执行任意指令。 NCTAudioEditor ActiveX DLL 2.x NCTAudioStudio...

联众世界GLIEDown2.dll Active控件多个缓冲区溢出漏洞

BUGTRAQ ID: 29118,29446 联众世界是在中国非常流行的在线游戏网站。 联众世界的游戏大厅主程序GLWorld所安装的GLIEDown2.dll ActiveX控件（CLSID：F917534D-535B-416B-8E8F-0C04756C31A8）没有正确地处理对IEStart、IEStartNative方式以及ServerList、GameInfo和GruopName属性的输入参数。如果用户受骗访问了恶意网页并向这些方式传送了特制参数的话，就可能触发堆溢出或栈溢出，导致在用户系统上执行任意指令。 利用此漏洞进行挂马的0day攻击已经出现。 GlobalLink...

creative-overflow.txt

+++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++ CacheFolder property is vulnerable to stack-based buffer overflow after 260 bytes, @ 512 bytes overwrites SEH and allows code execution reliably. Original Advisory @ http://www.kb.cert.org/vuls/id/501843 and Vulnerability...

Creative Software AutoUpdate Engine ActiveX stack buffer overflow

Overview The Creative Labs AutoUpdate Engine ActiveX control contains a stack buffer overflow, which can allow a remote, unauthenticated attacker to execute arbitrary code on a vulnerable system. Description The Creative Software AutoUpdate Engine ActiveX control is a component that provides...

Online Media Technologies NCTSoft NCTAudioInformation2 ActiveX stack buffer overflows

Overview The Online Media Technologies NCTSoft NCTAudioInformation2 ActiveX control contains multiple stack buffer overflows, which may allow a remote, unauthenticated attacker to execute arbitrary code on a vulnerable system. Description Online Media Technologies, which was formerly known as NCT...

Share Trojan-free kill technology experience-vulnerability warning-the black bar safety net

Trojan horsefree kill,in the country should originate in the 0 to 5 years. From then on a single feature of the code is now a composite signature,antivirus software from Active defense to Active Defense. Free to killtechnology is increasingly difficult. But plus ça change--change the feature code...

From the flowers began to scold kill free-vulnerability warning-the black bar safety net

The topic you read that right, and indeed from the flower began to scoldfree kill. Why you want to scold it, in fact because of recent school bored, so using a mobile phone on the QQ scurry. Not is I which nerve dislocation, is looking for a to teachfree killchat updon't ask me how I make him tal...

联众世界GLIEDown2.dll Active控件任意代码执行漏洞

联众世界是在中国非常流行的在线游戏网站。 联众世界的游戏大厅主程序GLWorld所安装的GLIEDown2.dll ActiveX控件（CLSID：F917534D-535B-416B-8E8F-0C04756C31A8）没有正确地处理某些用户输入参数，如果用户受骗访问了恶意网页并向这些方式传送了特制参数的话，可能导致在用户系统上执行任意指令。 利用此漏洞进行挂马的0day攻击已经出现。 GlobalLink 2.8.1.2 beta 临时解决方法： 为有漏洞的控件设置Kill-Bit： Windows Registry Editor Version 5.00...

grape-rfi.txt

Name : Grape Web Statistics Remote File include Vulnerability Download From :http://www.quate.net/link.php?grape Found By : MajnOoNxHaCkEr Home Page : http://www.4rxh.com ============================================================================ Vulne Code In File functions.php : Function:...

CA DSM gui_cm_ctrls.ocx ActiveX控件远程代码执行漏洞

BUGTRAQ ID: 28809 CVECAN ID: CVE-2008-1786 CA桌面和服务器管理（DSM）产品中包含多种应用，分别用来执行软件分发、远程控制和资产管理任务。 DSM产品所提供的guicmctrls ActiveX控件没有充分的验证函数输入，如果用户受骗访问了恶意网页的话就可能导致拒绝服务或在WEB浏览器会话中执行任意代码。 Computer Associates guicmctrls.ocx 11.2.3.1896 Computer Associates guicmctrls.ocx 11.2.2000.4 Computer Associates...

Grape Statistics 0.2a - location Remote File Inclusion

Grape Statistics 0.2a - location Remote File Inclusion Name : Grape Web Statistics Remote File include Vulnerability Download From :http://www.quate.net/link.php?grape Found By : MajnOoNxHaCkEr Home Page : http://www.4rxh.com...

Microsoft Security Bulletin MS08-023 - Critical

Microsoft Security Bulletin MS08-023 - Critical Security Update of ActiveX Kill Bits 948881 Published: April 8, 2008 Version: 1.0 General Information Executive Summary This security update resolves one privately reported vulnerability for a Microsoft product. This update also includes a kill bit...

BusinessObjects RptViewerAX ActiveX控件栈溢出漏洞

BUGTRAQ ID: 28292 CVECAN ID: CVE-2007-6254 Business Objects是全球领先的商务智能平台。 Business Objects产品所安装的RptViewerAX ActiveX控件（RptViewerAX.dll）中存在栈溢出漏洞，如果用户受骗访问了恶意网页并向该控件传送了超长参数的话，就可能触发这个溢出，导致执行任意指令。 Business Objects BusinessObjects 6.5 Business Objects ---------------- 目前厂商已经发布了升级补丁以修复这个安全问题，请到厂商的主页下载：...

RealNetworks RealPlayer rmoc3260.dll ActiveX控件内存破坏漏洞

BUGTRAQ ID: 28157 RealPlayer是一款流行的多媒体播放器，支持多种媒体格式。 RealPlayer的rmoc3260.dll ActiveX控件实现上存在漏洞，远程攻击者可能利用此漏洞控制用户系统。 rmoc3260.dll ActiveX控件没有正确地处理Console属性的输入参数，如果用户受骗访问了恶意站点的话，就可能触发内存破坏，导致执行任意指令。 Real Networks RealPlayer 11.0.1 build 6.0.14.794 临时解决方法： 在IE中禁用RealPlayer ActiveX控件，为以下CLSID设置kill bit：...

Microsoft Office Web Components Spreadsheet ActiveX control URL parsing stack buffer overflow

Overview The Microsoft Office Web Components ActiveX controls contain a stack buffer overflow in the processing of URLs, which allows a remote, unauthenticated attacker to execute arbitrary code on a vulnerable system. Description Microsoft Office Web Components are ActiveX controls that provide...

RealNetworks RealPlayer ActiveX controls property heap memory corruption

Overview Multiple RealPlayer ActiveX controls fail to properly handle properties, which can allow a remote, unauthenticated attacker to execute arbitrary code on a vulnerable system. Description RealNetworks RealPlayer provides multiple ActiveX controls to allow integration with Internet Explorer...

瑞星免费在线查毒OL2005.dll ActiveX控件远程代码执行漏洞

BUGTRAQ ID: 27997 瑞星是中国的一家非常著名的杀毒软件厂商。 瑞星的在线查毒服务ActiveX控件实现上存在漏洞，远程攻击者可能利用此漏洞控制用户系统。 瑞星在其主站提供了免费在线查毒服务（http://online.rising.com.cn/free/index.htm ）。在执行免费查毒时，站点会要求用户安装Rising Web Scan Object ActiveX控件（OL2005.dll）。该控件的UpdateEngine方式没有正确地验证某些参数输入，可能导致向用户系统上下载并加载恶意的二进制程序。 Rising OL2005.dll 18.0.0.7...

Move Media Player qsp2ie07074039.dll ActiveX控件栈溢出漏洞

BUGTRAQ ID: 27995 Move Media Player是一款网络流媒体播放器。 Move Media Player的ActiveX控件实现上存在缓冲区溢出漏洞，远程攻击者可能利用此漏洞控制用户系统。 Move Media Player所安装的Quantum Streaming IE Player ActiveX控件（qsp2ie07074039.dll）没有正确地验证对UploadLogs方式的输入参数。如果用户受骗访问了恶意网页并向该方式传送了超长URL参数的话，就可能触发栈溢出，导致执行任意指令。 Move Networks qsp2ie07074039.dll...

Apple QuickTime QTPlugin.ocx ActiveX控件多个栈溢出漏洞

BUGTRAQ ID: 27769 Apple QuickTime是一款非常流行的多媒体播放器。 QuickTime所安装的QTPlugin.ocx ActiveX控件在处理畸形参数数据时存在缓冲区溢出漏洞，远程攻击者可能利用此漏洞控制用户系统。 QTPlugin.ocx ActiveX控件没有正确地验证对SetBgColor、SetHREF、SetMovieName、SetTarget和SetMatrix函数的输入，如果用户受骗访问了恶意网页并向这些函数传送了超长字符串的话，就可能触发栈溢出，导致执行任意指令。 Apple QuickTime Player = 7.4.1 临时解决方法...