CVE-2023-23375

Microsoft ODBC and OLE DB Remote Code Execution Vulnerability...

CVE-2023-23375 Microsoft ODBC and OLE DB Remote Code Execution Vulnerability

...

Microsoft SQL Server 安全漏洞

Microsoft SQL Server is a large commercial database system from Microsoft that is used under Microsoft Windows. A security vulnerability exists in Microsoft SQL Server. The following products and versions are affected: Microsoft OLE DB Driver 18 for SQL Server,Microsoft OLE DB Driver 19 for SQL...

PT-2023-2559 · Microsoft · Odbc +2

Name of the Vulnerable Software and Affected Versions: Microsoft ODBC and OLE DB affected versions not specified Description: The issue exists due to insufficient input validation in the Windows operating system's ODBC and OLE DB drivers. Exploitation of this issue may allow an attacker to execut...

PT-2023-2437 · Microsoft · Windows +1

Name of the Vulnerable Software and Affected Versions: Microsoft WDAC OLE DB provider for SQL Server affected versions not specified Description: The issue exists due to insufficient input validation in the OLE DB driver for SQL Server in the Windows operating system. This allows a remote attacke...

SUSE CVE-2006-4514

Heap-based buffer overflow in the oleinforeadmetabat function in Gnome Structured File library libgsf 1.14.0, and other versions before 1.14.2, allows context-dependent attackers to execute arbitrary code via a large nummetabat value in an OLE document, which causes the oleinitinfo function to...

SUSE CVE-2013-2625

An Access Bypass issue exists in OTRS Help Desk before 3.2.4, 3.1.14, and 3.0.19, OTRS ITSM before 3.2.3, 3.1.8, and 3.0.7, and FAQ before 2.2.3, 2.1.4, and 2.0.8. Access rights by the object linking mechanism is not verified...

CVE-2023-21686

Microsoft WDAC OLE DB provider for SQL Server Remote Code Execution Vulnerability...

The vulnerability of the OLE DB driver for SQL Server on the Windows operating system allows a hacker to execute arbitrary code.

The vulnerability of the OLE DB driver for SQL Server on the Windows operating system exists due to insufficient validation of input data. Exploiting this vulnerability allows a malicious actor to execute arbitrary code remotely...

The vulnerability of the OLE DB driver for SQL Server on the Windows operating system allows a hacker to execute arbitrary code.

The vulnerability of the OLE DB driver for SQL Server on the Windows operating system exists due to insufficient validation of input data. Exploiting this vulnerability allows a malicious actor to execute arbitrary code remotely...

The vulnerability of the OLE DB driver for SQL Server on the Windows operating system allows a hacker to execute arbitrary code.

The vulnerability of the OLE DB driver for SQL Server on the Windows operating system exists due to insufficient validation of input data. Exploiting this vulnerability allows a malicious actor to execute arbitrary code remotely...

CVE-2022-38031

Microsoft WDAC OLE DB provider for SQL Server Remote Code Execution Vulnerability...

CVE-2022-37982

Microsoft WDAC OLE DB provider for SQL Server Remote Code Execution Vulnerability...

CVE-2022-34731

Microsoft WDAC OLE DB provider for SQL Server Remote Code Execution Vulnerability...

Microsoft Windows 安全漏洞

Microsoft Windows is a suite of operating systems for use on personal devices from the U.S.-based Microsoft Corporation Microsoft. A security vulnerability exists in Microsoft Windows OLE. The following products and versions are affected: Windows 11 for ARM64-based Systems,Windows 10 Version 21H2...

Microsoft Windows 代码注入漏洞

Microsoft Windows is a suite of operating systems for use on personal devices from Microsoft Corporation USA. A code injection vulnerability exists in Microsoft Windows OLE. The following products and editions are affected:Windows 10 Version 1809 for 32-bit Systems,Windows 10 Version 1809 for...

Microsoft Windows 代码注入漏洞

Microsoft Windows is a suite of operating systems for use on personal devices from Microsoft Corporation USA. A code injection vulnerability exists in Microsoft Windows OLE. The following products and versions are affected: Windows Server 2008 for 32-bit Systems Service Pack 2 Server Core...

PT-2022-21358 · Estsoft · Estsoft Alyac

Name of the Vulnerable Software and Affected Versions: ESTsoft Alyac version 2.5.8.544 Description: An integer overflow issue exists in the way ESTsoft Alyac parses OLE files. A specially-crafted OLE file can lead to a heap buffer overflow, potentially resulting in arbitrary code execution. This...

ESTsoft Alyac 输入验证错误漏洞

ESTsoft Alyac is a low-priced comprehensive security software from the Korean company ESTsoft. A security vulnerability exists in ESTsoft Alyac 2.5.8.544, which is caused by an integer overflow in the way an OLE file is parsed, and can be exploited by an attacker to execute arbitrary code...

Countering Follina Attack (CVE- 2022-30190) with Trellix Network Security Platform’s Advanced Detection Features

Countering Follina Attack CVE- 2022-30190 with Trellix Network Security Platform’s Advanced Detection Features By Vinay Kumar and Chintan Shah · July 19, 2022 Executive summary During the end of May 2022, independent security researcher reported a vulnerability assigned CVE-2022-30190 in Microsof...