151 matches found
Norton AntiSpam 2004 SymSpamHelper ActiveX control buffer overflow
Added: 12/24/2008 CVE: CVE-2004-0363 BID: 9916 OSVDB: 6249 Background Norton AntiSpam 2004, which is included in Norton Internet Security 2004, is spam filtering software. Problem A buffer overflow vulnerability in the SymSpamHelper ActiveX control symspam.dll allows command execution when a user...
Autodesk LiveUpdate ActiveX Control Code Execution (CVE-2008-4471; CVE-2008-4472)
Autodesk provides several software products for professional designing of buildings and other infrastructure. A code execution vulnerability has been reported in Autodesk LiveUpdate ActiveX control within multiple products. The vulnerability is due to an error in the Autodesk LiveUpdate ActiveX...
CVE-2008-4472
The UpdateEngine class in the LiveUpdate ActiveX control LiveUpdate16.DLL 17.2.56, as used in Revit Architecture 2009 SP2 and Autodesk Design Review 2009, allows remote attackers to execute arbitrary programs via the second argument to the ApplyPatch method...
Security feature bypass
The UpdateEngine class in the LiveUpdate ActiveX control LiveUpdate16.DLL 17.2.56, as used in Revit Architecture 2009 SP2 and Autodesk Design Review 2009, allows remote attackers to execute arbitrary programs via the second argument to the ApplyPatch method...
CVE-2008-4472
The CVE-2008-4472 issue is in the LiveUpdate ActiveX control (LiveUpdate16.DLL 17.2.56) used by Autodesk products (e.g., Revit Architecture 2009 SP2, Autodesk Design Review 2009). The ApplyPatch method accepts a second argument and can cause arbitrary code execution on a remote Windows host when ...
CVE-2008-4472
The UpdateEngine class in the LiveUpdate ActiveX control LiveUpdate16.DLL 17.2.56, as used in Revit Architecture 2009 SP2 and Autodesk Design Review 2009, allows remote attackers to execute arbitrary programs via the second argument to the ApplyPatch method...
Autodesk LiveUpdate ActiveX control ApplyPatch method vulnerability
Added: 10/06/2008 CVE: CVE-2008-4472 BID: 31490 OSVDB: 49047 Background Autodesk is a suite of architectural design software products. Problem The ApplyPatch method in the LiveUpdate ActiveX control allows a web page to execute arbitrary files on the system. Remote command execution is possible b...
Autodesk LiveUpdate ActiveX control ApplyPatch method vulnerability
Added: 10/06/2008 CVE: CVE-2008-4472 BID: 31490 OSVDB: 49047 Background Autodesk is a suite of architectural design software products. Problem The ApplyPatch method in the LiveUpdate ActiveX control allows a web page to execute arbitrary files on the system. Remote command execution is possible b...
Autodesk DWF Viewer Control / LiveUpdate Module remote code execution exploit
!-- Autodesk DWF Viewer Control / LiveUpdate Module remote code execution exploit by Nine:Situations:Group::bruiser site: http://retrogod.altervista.org/ tested against IE6 tested software: Revit Architecture 2009 sp2 Autodesk Design Review 2009 which also comes with Revit dll settings both: RegK...
autodesk-exec.txt
!-- Autodesk DWF Viewer Control / LiveUpdate Module remote code execution exploit by Nine:Situations:Group::bruiser site: http://retrogod.altervista.org/ tested against IE6 tested software: Revit Architecture 2009 sp2 Autodesk Design Review 2009 which also comes with Revit dll settings both: RegK...
Autodesk DWF Viewer Control LiveUpdate Module - Remote Code Execution
Autodesk DWF Viewer Control LiveUpdate Module - Remote Code Execution !-- Autodesk DWF Viewer Control / LiveUpdate Module remote code execution exploit by Nine:Situations:Group::bruiser site: http://retrogod.altervista.org/ tested against IE6 tested software: Revit Architecture 2009 sp2 Autodesk...
Autodesk DWF Viewer Control / LiveUpdate Module - Remote Code Execution
!-- Autodesk DWF Viewer Control / LiveUpdate Module remote code execution exploit by Nine:Situations:Group::bruiser site: http://retrogod.altervista.org/ tested against IE6 tested software: Revit Architecture 2009 sp2 Autodesk Design Review 2009 which also comes with Revit dll settings both: RegK...
Symantec Norton NavComUI ActiveX control vulnerability
Added: 09/20/2007 CVE: CVE-2007-2955 BID: 24983 OSVDB: 36477 Background The Symantec Norton product suite includes antivirus, firewall, and other security functions. Problem Vulnerabilities in the AxSysListView32 and AxSysListView32OAA ActiveX controls, implemented by the NavComUI.dll library...
Symantec Norton NavComUI ActiveX control vulnerability
Added: 09/20/2007 CVE: CVE-2007-2955 BID: 24983 OSVDB: 36477 Background The Symantec Norton product suite includes antivirus, firewall, and other security functions. Problem Vulnerabilities in the AxSysListView32 and AxSysListView32OAA ActiveX controls, implemented by the NavComUI.dll library...
Symantec Norton NavComUI ActiveX control vulnerability
Added: 09/20/2007 CVE: CVE-2007-2955 BID: 24983 OSVDB: 36477 Background The Symantec Norton product suite includes antivirus, firewall, and other security functions. Problem Vulnerabilities in the AxSysListView32 and AxSysListView32OAA ActiveX controls, implemented by the NavComUI.dll library...
Symantec Norton NavComUI ActiveX control vulnerability
Added: 09/20/2007 CVE: CVE-2007-2955 BID: 24983 OSVDB: 36477 Background The Symantec Norton product suite includes antivirus, firewall, and other security functions. Problem Vulnerabilities in the AxSysListView32 and AxSysListView32OAA ActiveX controls, implemented by the NavComUI.dll library...
Symantec SYMTDI.SYS Device Driver Local Denial of Service
SUMMARY Some versions of Symantecs device driver SYMTDI.SYS contain a vulnerability which, if successfully exploited, could allow a local attacker to cause the system to crash. Risk Impact Low Remote Access | No ---|--- Local Access | Yes Authentication Required | Yes, to the local system Exploit...
Symantec SYMTDI.SYS Device Driver Local Elevation of Privilege
SUMMARY Some versions of Symantecs device driver SYMTDI.SYS contain a vulnerability which, if successfully exploited, could allow a local attacker to execute arbitrary code with system level privileges. Risk Impact Medium Remote Access | No ---|--- Local Access | Yes Authentication Required | Yes...
SupportSoft tgctlsi.dll ActiveX control buffer overflow
Added: 03/15/2007 CVE: CVE-2006-6490 BID: 22564 OSVDB: 33481 Background SupportSoft ActiveX controls are used by third-party products to provide remote technical support. Problem SupportSoft ActiveX controls are affected by multiple buffer overflow vulnerabilities which can lead to command...
SupportSoft tgctlsi.dll ActiveX control buffer overflow
Added: 03/15/2007 CVE: CVE-2006-6490 BID: 22564 OSVDB: 33481 Background SupportSoft ActiveX controls are used by third-party products to provide remote technical support. Problem SupportSoft ActiveX controls are affected by multiple buffer overflow vulnerabilities which can lead to command...