9 matches found
NTR ActiveX Control StopModule() Remote Code Execution (CVE-2012-0267)
A remote code execution vulnerability has been reported in the NTR ActiveX 1.1.8...
Secunia Research: NTR ActiveX Control "StopModule()" Input Validation Vulnerability
====================================================================== Secunia Research 11/01/2012 - NTR ActiveX Control "StopModule" Input Validation Vulnerability - ====================================================================== Table of Contents Affected...
Secunia Research: NTR ActiveX Control Four Buffer Overflow Vulnerabilities
====================================================================== Secunia Research 11/01/2012 - NTR ActiveX Control Four Buffer Overflow Vulnerabilities - ====================================================================== Table of Contents Affected...
NTR ActiveX Control < 2.0.4.8 Multiple Vulnerabilities
At least one version of the NTR ActiveX control installed on the remote Windows host is earlier than 2.0.4.8. As such, it reportedly is affected by the following vulnerabilities : - Four stack-based buffer overflows exist involving the 'bstrUrl' parameter of the 'StartModule' method, the...
CVE-2012-0267
The StopModule method in the NTR ActiveX control before 2.0.4.8 allows remote attackers to execute arbitrary code via a crafted lModule parameter that triggers use of an arbitrary memory address as a function pointer...
CVE-2012-0266
Multiple stack-based buffer overflows in the NTR ActiveX control before 2.0.4.8 allow remote attackers to execute arbitrary code via 1 a long bstrUrl parameter to the StartModule method, 2 a long bstrParams parameter to the Check method, a long bstrUrl parameter to the 3 Download or 4...
Stack overflow
Multiple stack-based buffer overflows in the NTR ActiveX control before 2.0.4.8 allow remote attackers to execute arbitrary code via 1 a long bstrUrl parameter to the StartModule method, 2 a long bstrParams parameter to the Check method, a long bstrUrl parameter to the 3 Download or 4...
Null pointer dereference
The StopModule method in the NTR ActiveX control before 2.0.4.8 allows remote attackers to execute arbitrary code via a crafted lModule parameter that triggers use of an arbitrary memory address as a function pointer...
CVE-2012-0266
CVE-2012-0266 : The NTR ActiveX control (pre-2.0.4.8) is affected by multiple stack-based buffer overflows. The vulnerability allows remote code execution via long inputs to: StartModule(bstrUrl), Check(bstrParams), and Download/DownloadModule (bstrUrl) during .ntr pathname or URL construction. E...