PT-2009-5943 · Microsoft · Internet Explorer

Name of the Vulnerable Software and Affected Versions: Microsoft Internet Explorer version 8 Description: A remote code execution issue exists due to improper handling of objects in memory. This allows attackers to execute arbitrary code by accessing an object that was not properly initialized or...

MS Internet Explorer 'Style' Object Remote Code Execution Vulnerability

This host is missing a critical security update according to Microsoft Bulletin MS09-072. OpenVAS Vulnerability Test $Id: gbmsiestyleobjectremotecodeexecvuln.nasl 6527 2017-07-05 05:56:34Z cfischer $ Description: MS Internet Explorer 'Style' Object Remote Code Execution Vulnerability Authors: Suj...

Vulnerability Note VU#261869

Vulnerability Note VU261869 Clientless SSL VPN products break web browser domain-based security models Overview Clientless SSL VPN products from multiple vendors operate in a way that breaks fundamental browser security mechanisms. An attacker could use these devices to bypass authentication or...

Foxit Reader - COM Objects Memory Corruption Remote Code Execution

Bugtraq ID: 36673 Published: Oct 14 2009 12:00AM Updated: Nov 19 2009 03:25PM Credit: mrx Vulnerable: Foxit Reader 3.1.1 Build 0928 Foxit Foxit Reader 3.0.2009 1301 Foxit Foxit Reader 3.0 Build 1817 Foxit Foxit Reader 3.0 Build 1506 Foxit Foxit Reader 3.0 Foxit Reader is prone to a remote...

Foxit Reader COM Objects Memory Corruption Remote Code Execution Vulnerability

No description provided by source. Bugtraq ID: 36673 Published: Oct 14 2009 12:00AM Updated: Nov 19 2009 03:25PM Credit: mrx Vulnerable: Foxit Reader 3.1.1 Build 0928 Foxit Foxit Reader 3.0.2009 1301 Foxit Foxit Reader 3.0 Build 1817 Foxit Foxit Reader 3.0 Build 1506 Foxit Foxit Reader 3.0 Foxit...

Foxit Reader - COM Objects Memory Corruption Remote Code Execution

Foxit Reader - COM Objects Memory Corruption Remote Code Execution Bugtraq ID: 36673 Published: Oct 14 2009 12:00AM Updated: Nov 19 2009 03:25PM Credit: mrx Vulnerable: Foxit Reader 3.1.1 Build 0928 Foxit Foxit Reader 3.0.2009 1301 Foxit Foxit Reader 3.0 Build 1817 Foxit Foxit Reader 3.0 Build 15...

EasyMail IMAP4 ActiveX Control LicenseKey buffer overflow

Added: 11/16/2009 OSVDB: 59938 Background QuikSoft EasyMail Objects is a set of ActiveX controls which provide e-mail functionality. QuikSoft EasyMail Objects is included with Oracle Document Capture among other products. Problem A buffer overflow vulnerability in the EasyMail IMAP4 ActiveX...

EasyMail IMAP4 ActiveX Control LicenseKey buffer overflow

Added: 11/16/2009 OSVDB: 59938 Background QuikSoft EasyMail Objects is a set of ActiveX controls which provide e-mail functionality. QuikSoft EasyMail Objects is included with Oracle Document Capture among other products. Problem A buffer overflow vulnerability in the EasyMail IMAP4 ActiveX...

EasyMail Objects EMSMTP.DLL 6.0.1 ActiveX Control Remote Buffer Overflow Vulnerability

No description provided by source. !-- Postcast Server Pro 3.0.61 / Quiksoft EasyMail SMTP Object emsmtp.dll 6.0.1 remote buffer overflow exploit ie6 / xp sp2 version passing more than 539 chars to SubmitToExpress method: EAX 00000400 ECX 0013DD24 ASCII "Error Creating File: AAAA ... EDX C0403FFF...

EasyMail Objects EMSMTP.DLL 6.0.1 ActiveX Control Remote BOF

Exploit for unknown platform in category remote exploits ====================================================================================== EasyMail Objects EMSMTP.DLL 6.0.1 ActiveX Control Remote Buffer Overflow Vulnerability...

[SECURITY] Fedora 10 Update: ocaml-postgresql-1.12.3-1.fc10.2

This OCaml-library provides an interface to PostgreSQL, an efficient and reliable, open source, relational database. Almost all functionality available through the C-API libpq is replicated in a type-safe way. This library uses objects for representing database connections and results of queries...

[SECURITY] Fedora 11 Update: ocaml-postgresql-1.12.3-1.fc11.2

This OCaml-library provides an interface to PostgreSQL, an efficient and reliable, open source, relational database. Almost all functionality available through the C-API libpq is replicated in a type-safe way. This library uses objects for representing database connections and results of queries...

Internet Explorer COM CreateObject Code Execution

$Id$ This file is part of the Metasploit Framework and may be subject to redistribution and commercial restrictions. Please see the Metasploit Framework web site for more information on licensing and terms of use. http://metasploit.com/framework/ require 'msf/core' class Metasploit3...

Internet Explorer Multiple COM Objects Memory Corruption (MS05-037 MS05-038; CVE-2005-1990; CVE-2005-2087)

Microsoft Internet Explorer allows HTML documents to embed ActiveX controls for the authoring of dynamic web content. ActiveX controls are based on Component Object Model COM technologies. There exists a vulnerability in the way Microsoft Internet Explorer instantiates certain COM objects that ar...

XPCVariant:: VariantDataToJS()

The XPCVariant::VariantDataToJS function in the XPCOM implementation in Mozilla Firefox 3.0.x before 3.0.15 and 3.5.x before 3.5.4 does not enforce intended restrictions on interaction between chrome privileged code and objects obtained from remote web sites, which allows remote attackers to...

Chrome privilege escalation in XPCVariant::VariantDataToJS() — Mozilla

Mozilla security researcher mozbugra4 reported that the XPCOM utility XPCVariant::VariantDataToJS unwrapped doubly-wrapped objects before returning them to chrome callers. This could result in chrome privileged code calling methods on an object which had previously been created or modified by web...

Internet Explorer DirectAnimation COM Object Memory Corruption (MS06-042; CVE-2006-3638)

Microsoft Internet Explorer allows HTML documents to embed ActiveX controls for the authoring of dynamic web content. ActiveX controls are based on Component Object Model COM technology. The invocation of an ActiveX control is performed by Internet Explorer by internally instantiating a COM objec...

Microsoft Office Art Property Table Memory Corruption

Added: 10/22/2009 CVE: CVE-2009-2528 BID: 36650 OSVDB: 58869 Background Microsoft Office is a package that provides word processing, spreadsheet, presentation, e-mail, and calendaring capabilities for Microsoft Windows workstations. MS Office XP 2002 and MS Office 2000 use the Microsoft Windows...

[SECURITY] Fedora 11 Update: rubygem-activerecord-2.3.2-2.fc11

Implements the ActiveRecord pattern Fowler, PoEAA for ORM. It ties databa se tables and classes together for business objects, like Customer or Subscription, that can find, save, and destroy themselves without resorting to manual SQL...

PT-2009-4934 · Microsoft · Internet Explorer

Name of the Vulnerable Software and Affected Versions: Microsoft Internet Explorer versions 6 through 8 Description: The issue arises from improper handling of objects in memory, allowing remote attackers to execute arbitrary code. This can occur when accessing an object that was not properly...