Lucene search
+L

26 matches found

exploitdb
exploitdb
added 2014/10/20 12:0 a.m.108 views

Microsoft Windows - OLE Package Manager Code Execution (MS14-060) (Metasploit)

This module requires Metasploit: http//metasploit.com/download Current source: https://github.com/rapid7/metasploit-framework require 'msf/core' class Metasploit3 "MS14-060 Microsoft Windows OLE Package Manager Code Execution", 'Description' = %q This module exploits a vulnerability found in...

9.3CVSS8AI score0.81628EPSS
Exploits22
packetstorm
packetstorm
added 2014/10/18 12:0 a.m.75 views

MS14-060 Microsoft Windows OLE Package Manager Code Execution

This module requires Metasploit: http//metasploit.com/download Current source: https://github.com/rapid7/metasploit-framework require 'msf/core' class Metasploit3 "MS14-060 Microsoft Windows OLE Package Manager Code Execution", 'Description' = %q This module exploits a vulnerability found in...

9.3CVSS0.3AI score0.81628EPSS
Exploits22
saint
saint
added 2012/01/24 12:0 a.m.69 views

Windows Object Packager Insecure Execution

Added: 01/24/2012 CVE: CVE-2012-0009 BID: 51297 OSVDB: 78212 Background Windows Object Packager is a tool that can be used to create a package that can be inserted into a file. Problem A vulnerability exists in the way the Windows Object Packager registers and implements packages stored on networ...

9.3CVSS6AI score0.20561EPSS
Exploits4
saint
saint
added 2012/01/24 12:0 a.m.38 views

Windows Object Packager Insecure Execution

Added: 01/24/2012 CVE: CVE-2012-0009 BID: 51297 OSVDB: 78212 Background Windows Object Packager is a tool that can be used to create a package that can be inserted into a file. Problem A vulnerability exists in the way the Windows Object Packager registers and implements packages stored on networ...

9.3CVSS5.9AI score0.20561EPSS
Exploits4
saint
saint
added 2012/01/24 12:0 a.m.47 views

Windows Object Packager Insecure Execution

Added: 01/24/2012 CVE: CVE-2012-0009 BID: 51297 OSVDB: 78212 Background Windows Object Packager is a tool that can be used to create a package that can be inserted into a file. Problem A vulnerability exists in the way the Windows Object Packager registers and implements packages stored on networ...

9.3CVSS5.9AI score0.20561EPSS
Exploits4
saint
saint
added 2012/01/24 12:0 a.m.59 views

Windows Object Packager Insecure Execution

Added: 01/24/2012 CVE: CVE-2012-0009 BID: 51297 OSVDB: 78212 Background Windows Object Packager is a tool that can be used to create a package that can be inserted into a file. Problem A vulnerability exists in the way the Windows Object Packager registers and implements packages stored on networ...

9.3CVSS5.9AI score0.20561EPSS
Exploits4
securityvulns
securityvulns
added 2012/01/21 12:0 a.m.116 views

Microsoft Windows multiple security vulnerabilities

SafeSEH protection bypass, Windows Object Packager code execution, CSRSS privilege escalation, DirectShow / Windows Media memory corruption, Windows Packager code execution, SSL/TLS information leakage...

9.3CVSS5.9AI score0.73753EPSS
Exploits34References1Affected Software1
openvas
openvas
added 2012/01/11 12:0 a.m.36 views

Microsoft Windows Object Packager Remote Code Execution Vulnerability (2603381)

This host is missing an important security update according to Microsoft Bulletin MS12-002. OpenVAS Vulnerability Test $Id: secpodms12-002.nasl 5341 2017-02-18 16:59:12Z cfi $ Microsoft Windows Object Packager Remote Code Execution Vulnerability 2603381 Authors: Madhuri D Copyright: Copyright c...

9.3CVSS1AI score0.20561EPSS
Exploits4References3
nvd
nvd
added 2012/01/10 9:55 p.m.33 views

CVE-2012-0009

Untrusted search path vulnerability in the Windows Object Packager configuration in Microsoft Windows XP SP2 and SP3 and Server 2003 SP2 allows local users to gain privileges via a Trojan horse executable file in the current working directory, as demonstrated by a directory that contains a file...

9.3CVSS6.2AI score0.20561EPSS
Exploits4References6
prion
prion
added 2012/01/10 9:55 p.m.24 views

Design/Logic Flaw

Untrusted search path vulnerability in the Windows Object Packager configuration in Microsoft Windows XP SP2 and SP3 and Server 2003 SP2 allows local users to gain privileges via a Trojan horse executable file in the current working directory, as demonstrated by a directory that contains a file...

9.3CVSS6.8AI score0.20561EPSS
Exploits4References6
cve
cve
added 2012/01/10 9:0 p.m.145 views

CVE-2012-0009

CVE-2012-0009 affects Windows Object Packager handling in Windows XP SP2/SP3 and Windows Server 2003 SP2. The vulnerability stems from how Object Packager registers/implements packages stored on network shares, WebDAV, and UNC paths, allowing local privilege escalation via a Trojan horse executab...

9.3CVSS6.3AI score0.20561EPSS
Exploits4References6Affected Software2
cvelist
cvelist
added 2012/01/10 9:0 p.m.36 views

CVE-2012-0009

Untrusted search path vulnerability in the Windows Object Packager configuration in Microsoft Windows XP SP2 and SP3 and Server 2003 SP2 allows local users to gain privileges via a Trojan horse executable file in the current working directory, as demonstrated by a directory that contains a file...

6.2AI score0.20561EPSS
Exploits4References6
symantec
symantec
added 2012/01/10 12:0 a.m.27 views

Microsoft Windows Object Packager Remote Code Execution Vulnerability

Description Microsoft Windows is prone to a remote code-execution vulnerability. An attacker can exploit this issue to execute arbitrary code with the privileges of the user running the affected application. Failed exploit attempts will result in a denial-of-service condition. Technologies Affect...

7.9AI score
Exploits0Affected Software5
checkpoint_advisories
checkpoint_advisories
added 2012/01/10 12:0 a.m.18 views

Microsoft Windows Object Packager Insecure Executable Launching (MS12-002; CVE-2012-0009)

A remote code execution has ben reported in Microsoft Windows...

7.3AI score0.20561EPSS
Exploits4
nessus
nessus
added 2012/01/10 12:0 a.m.54 views

MS12-002: Vulnerability in Windows Object Packager Could Allow Remote Code Execution (2603381)

The remote host is affected by a remote code execution vulnerability when handling files with embedded packaged objects. An attacker can exploit this vulnerability by tricking a user into opening a legitimate file with an embedded packaged object file that is located in the same network directory...

9.3CVSS6.3AI score0.20561EPSS
Exploits4References2
securityvulns
securityvulns
added 2006/10/15 12:0 a.m.43 views

Microsoft Windows Object Packager dialog spoofing

Code execution with .RTF or .WRI file embedded object...

3.4AI score
Exploits0References4
securityvulns
securityvulns
added 2006/10/15 12:0 a.m.34 views

Re: Secunia Research: Microsoft Windows Object Packager Dialog Spoofing

I knew about this particular flaw for some time . honestly I found it by accident, like I think the the security researcher from secunia did...or maybe it leaked from where I posted it?!?!?!!! :P. This could be a bit more critical if : 1 a '' not a '/' was placed at the end of the command line...

0.9AI score
Exploits0
securityvulns
securityvulns
added 2006/10/15 12:0 a.m.35 views

Spoofing security dialog in object packager - 2

A few months ago, I found that in all versions of windows xp are vulnerable: In object packager, if one created a command line, eg "format a: /X" and wanted to hide it, leave the icon and label to anything, really, and change the command line to 'cmd /c format a: /X ..securitylog.txt'. It will...

0.5AI score
Exploits0
securityvulns
securityvulns
added 2006/10/12 12:0 a.m.47 views

Secunia Research: Microsoft Windows Object Packager Dialog Spoofing

====================================================================== Secunia Research 11/10/2006 - Microsoft Windows Object Packager Dialog Spoofing - ====================================================================== Table of Contents Affected...

5.1CVSS0.1AI score0.27697EPSS
Exploits0
vulnrichment
vulnrichment
added 2006/10/11 2:0 a.m.13 views

CVE-2006-4692

Argument injection vulnerability in the Windows Object Packager packager.exe in Microsoft Windows XP SP1 and SP2 and Server 2003 SP1 and earlier allows remote user-assisted attackers to execute arbitrary commands via a crafted file with a "/" slash character in the filename of the Command Line...

8.1AI score0.27697EPSS
Exploits0References12
Rows per page
Query Builder