16 matches found
EUVD-2017-6286
Malware in sbrugna...
CVE-2019-13279
TRENDnet TEW-827DRU with firmware up to and including 2.04B03 contains multiple stack-based buffer overflows when processing user input for the setup wizard, allowing an unauthenticated user to execute arbitrary code. The vulnerability can be exercised on the local intranet or remotely if remote...
Command injection
TRENDnet TEW-827DRU with firmware up to and including 2.04B03 contains multiple command injections when processing user input for the setup wizard, allowing an unauthenticated user to run arbitrary commands on the device. The vulnerability can be exercised on the local intranet or remotely if...
CVE-2019-13279
TRENDnet TEW-827DRU with firmware up to and including 2.04B03 contains multiple stack-based buffer overflows when processing user input for the setup wizard, allowing an unauthenticated user to execute arbitrary code. The vulnerability can be exercised on the local intranet or remotely if remote...
Microsoft Internet Explorer NetBIOS Spoofing (MS16-063: CVE-2016-3213)
A spoofing vulnerability exists in Microsoft Internet Explorer. The root cause is that an attacker can spoof WAPD requests and force the browser to switch to local Intranet. A remote attacker can exploit this issue by sending a specially crafted meeting request...
Visual FoxPro vfp6r.dll ActiveX Control DoCmd command execution
Added: 12/19/2008 CVE: CVE-2008-0236 BID: 27205 OSVDB: 40380 Background Visual FoxPro is a tool for developing database applications. Problem The vfp6r.dll ActiveX control allows command execution when a user opens a web page which uses the DoCmd method. Resolution Set the kill bit for class ID...
Visual FoxPro vfp6r.dll ActiveX Control DoCmd command execution
Added: 12/19/2008 CVE: CVE-2008-0236 BID: 27205 OSVDB: 40380 Background Visual FoxPro is a tool for developing database applications. Problem The vfp6r.dll ActiveX control allows command execution when a user opens a web page which uses the DoCmd method. Resolution Set the kill bit for class ID...
Visual FoxPro vfp6r.dll ActiveX Control DoCmd command execution
Added: 12/19/2008 CVE: CVE-2008-0236 BID: 27205 OSVDB: 40380 Background Visual FoxPro is a tool for developing database applications. Problem The vfp6r.dll ActiveX control allows command execution when a user opens a web page which uses the DoCmd method. Resolution Set the kill bit for class ID...
CVE-2008-3010
Microsoft Windows Media Player 6.4, Windows Media Format Runtime 7.1 through 11, and Windows Media Services 4.1 and 9 incorrectly associate ISATAP addresses with the Local Intranet zone, which allows remote servers to capture NTLM credentials, and execute arbitrary code through...
Microsoft Visual Studio “WMI Object Broker”控件代码执行漏洞(MS06-073)
Microsoft Visual Studio是微软公司的开发工具套件系列产品,是一个基本完整的开发工具集,包括了软件整个生命周期中所需要的大部分工具。 Visual Studio的"WMI Object Broker"控件在例程的创建和处理上存在漏洞,远程攻击者可能利用此漏洞在用户机器上执行任意恶意代码。 Visual Studio所捆绑的WMI Object Broker ActiveX控件允许创建系统上已有的ActiveX控件例程。以这种方式创建的ActiveX对象会绕过ActiveX安全限制,如忽略kill bit和safe for...
CVE-1999-1087
CVE-1999-1087 affects Internet Explorer 4 where a 32-bit number in a URL (a “dotless IP address”) is treated as the hostname rather than as an IP address. This causes the web page to inherit Local Intranet Zone settings, enabling remote malicious servers to perform unauthorized activities using U...
Serious security Flaw in Microsoft Internet Explorer - Zone Spoofing
Serious security Flaw in Microsoft Internet Explorer - Zone Spoofing ------ Risk: POTENTIALLY HIGH. Potentially allowing any possible action on the client machine, including reading any file, placing Trojan code or altering data. The risk depends on the security settings in the 'Intranet zone'...
Microsoft Internet Explorer 5 - Zone Spoofing (MS01-055)
Microsoft Internet Explorer 5 - Zone Spoofing MS01-055 source: https://www.securityfocus.com/bid/3420/info Microsoft Internet Explorer contains a security-setting feature that can be modified according to a user's preferences. These settings control what actions a web site can take on a user's...
Microsoft Internet Explorer 5 - Zone Spoofing (MS01-055)
source: https://www.securityfocus.com/bid/3420/info Microsoft Internet Explorer contains a security-setting feature that can be modified according to a user's preferences. These settings control what actions a web site can take on a user's system. A vulnerability exists in Internet Explorer, whic...
CVE-1999-1087
Internet Explorer 4 treats a 32-bit number "dotless IP address" in the a URL as the hostname instead of an IP address, which causes IE to apply Local Intranet Zone settings to the resulting web page, allowing remote malicious web servers to conduct unauthorized activities by using URLs that conta...
msie.zone.confusion.txt
Date: Fri, 5 Mar 1999 21:53:18 -0500 From: Jim Paris To: [email protected] Subject: More Internet Explorer zone confusion Even after the patch described in Microsoft Security Bulletin MS98-016 http://www.microsoft.com/security/bulletins/ms98-016.asp, IE4 still has big problems with...