9 matches found
Visual FoxPro vfp6r.dll ActiveX Control DoCmd command execution
Added: 12/19/2008 CVE: CVE-2008-0236 BID: 27205 OSVDB: 40380 Background Visual FoxPro is a tool for developing database applications. Problem The vfp6r.dll ActiveX control allows command execution when a user opens a web page which uses the DoCmd method. Resolution Set the kill bit for class ID...
Visual FoxPro vfp6r.dll ActiveX Control DoCmd command execution
Added: 12/19/2008 CVE: CVE-2008-0236 BID: 27205 OSVDB: 40380 Background Visual FoxPro is a tool for developing database applications. Problem The vfp6r.dll ActiveX control allows command execution when a user opens a web page which uses the DoCmd method. Resolution Set the kill bit for class ID...
CVE-2008-3010
Microsoft Windows Media Player 6.4, Windows Media Format Runtime 7.1 through 11, and Windows Media Services 4.1 and 9 incorrectly associate ISATAP addresses with the Local Intranet zone, which allows remote servers to capture NTLM credentials, and execute arbitrary code through...
CVE-1999-1087
CVE-1999-1087 affects Internet Explorer 4 where a 32-bit number in a URL (a “dotless IP address”) is treated as the hostname rather than as an IP address. This causes the web page to inherit Local Intranet Zone settings, enabling remote malicious servers to perform unauthorized activities using U...
Serious security Flaw in Microsoft Internet Explorer - Zone Spoofing
Serious security Flaw in Microsoft Internet Explorer - Zone Spoofing ------ Risk: POTENTIALLY HIGH. Potentially allowing any possible action on the client machine, including reading any file, placing Trojan code or altering data. The risk depends on the security settings in the 'Intranet zone'...
Microsoft Internet Explorer 5 - Zone Spoofing (MS01-055)
Microsoft Internet Explorer 5 - Zone Spoofing MS01-055 source: https://www.securityfocus.com/bid/3420/info Microsoft Internet Explorer contains a security-setting feature that can be modified according to a user's preferences. These settings control what actions a web site can take on a user's...
Microsoft Internet Explorer 5 - Zone Spoofing (MS01-055)
source: https://www.securityfocus.com/bid/3420/info Microsoft Internet Explorer contains a security-setting feature that can be modified according to a user's preferences. These settings control what actions a web site can take on a user's system. A vulnerability exists in Internet Explorer, whic...
CVE-1999-1087
Internet Explorer 4 treats a 32-bit number "dotless IP address" in the a URL as the hostname instead of an IP address, which causes IE to apply Local Intranet Zone settings to the resulting web page, allowing remote malicious web servers to conduct unauthorized activities by using URLs that conta...
msie.zone.confusion.txt
Date: Fri, 5 Mar 1999 21:53:18 -0500 From: Jim Paris To: [email protected] Subject: More Internet Explorer zone confusion Even after the patch described in Microsoft Security Bulletin MS98-016 http://www.microsoft.com/security/bulletins/ms98-016.asp, IE4 still has big problems with...