Internet Explorer vulnerable in handling CDO protocol

Overview Internet Explorer is vulnerable in handling CDO Collaboration Data Objects protocol, which allows the download dialog box to be bypassed. When Internet Explorer IE accesses a website using CDO Collaboration Data Objects, IE processes the contents as CDO data, ignoring their actual conten...

JVN#55410403 Internet Explorer vulnerable in handling CDO protocol

When Internet Explorer IE accesses a website using CDO Collaboration Data Objects, IE processes the contents as CDO data, ignoring their actual content types, and IE does not properly handle the Content-Disposition header field. This could cause a download dialog box not to be displayed prior to...

[SECURITY] Fedora 8 Update: rubygem-activerecord-2.1.1-1.fc8

Implements the ActiveRecord pattern Fowler, PoEAA for ORM. It ties databa se tables and classes together for business objects, like Customer or Subscription, that can find, save, and destroy themselves without resorting to manual SQL...

Microsoft Excel Remote Code Execution Vulnerability (956416)

This host is missing critical security update according to Microsoft Bulletin MS08-057. OpenVAS Vulnerability Test $Id: secpodms08-057900048.nasl 6538 2017-07-05 11:38:27Z cfischer $ Description: Microsoft Excel Remote Code Execution Vulnerability 956416 Authors: Chandan S Copyright: Copyright C...

Microsoft Excel Remote Code Execution Vulnerability (956416)

This host is missing critical security update according to Microsoft Bulletin MS08-057. SPDX-FileCopyrightText: 2008 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only...

PT-2008-4872 · Microsoft · Office Excel

Name of the Vulnerable Software and Affected Versions: Microsoft Excel versions 2000 SP3, 2002 SP3, and 2003 SP2 and SP3 Description: The issue arises from improper validation of data in the VBA Performance Cache when processing an Office document with an embedded object. This allows remote...

PT-2008-4870 · Microsoft · Internet Explorer

Name of the Vulnerable Software and Affected Versions: Microsoft Internet Explorer version 6 Description: The issue arises from improper error handling when using the componentFromPoint method on xml objects that have been incorrectly initialized or deleted, allowing remote attackers to execute...

Mozilla Foundation Security Advisory 2008-41

Mozilla Foundation Security Advisory 2008-41 Title: Privilege escalation via XPCnativeWrapper pollution Impact: Critical Announced: September 23, 2008 Reporter: mozbugra4, Olli Pettay Products: Firefox, Thunderbird, SeaMonkey Fixed in: Firefox 3.0.2 Firefox 2.0.0.17 Thunderbird 2.0.0.17 SeaMonkey...

Cumulative Security Update for Internet Explorer (950759)

This host has Microsoft Internet Explorer installed, which is prone to HTTP request splitting/smuggling and HTML Objects Memory Corruption Vulnerabilities. OpenVAS Vulnerability Test $Id: gbms08-031.nasl 5863 2017-04-05 07:38:11Z antu123 $ Cumulative Security Update for Internet Explorer 950759...

[SECURITY] Fedora 9 Update: rubygem-activerecord-2.1.1-1.fc9

Implements the ActiveRecord pattern Fowler, PoEAA for ORM. It ties databa se tables and classes together for business objects, like Customer or Subscription, that can find, save, and destroy themselves without resorting to manual SQL...

CVE-2008-4060

Mozilla Firefox before 2.0.0.17 and 3.x before 3.0.2, Thunderbird before 2.0.0.17, and SeaMonkey before 1.1.12 allow remote attackers to create documents that lack script-handling objects, and execute arbitrary code with chrome privileges, via vectors related to 1 the document.loadBindingDocument...

CVE-2008-4060

CVE-2008-4060 affects Mozilla Firefox (before 2.0.0.17 and 3.x before 3.0.2), Thunderbird (before 2.0.0.17), and SeaMonkey (before 1.1.12). The flaw, exploitable via document.loadBindingDocument and XSLT processing, could allow remote attackers to execute arbitrary code with chrome privileges. Th...

CVE-2008-4060

Mozilla Firefox before 2.0.0.17 and 3.x before 3.0.2, Thunderbird before 2.0.0.17, and SeaMonkey before 1.1.12 allow remote attackers to create documents that lack script-handling objects, and execute arbitrary code with chrome privileges, via vectors related to 1 the document.loadBindingDocument...

Debian Security Advisory DSA 1614-1 (iceweasel)

The remote host is missing an update to iceweasel announced via advisory DSA 1614-1. OpenVAS Vulnerability Test $Id: deb16141.nasl 6616 2017-07-07 12:10:49Z cfischer $ Description: Auto-generated from advisory DSA 1614-1 iceweasel Authors: Thomas Reinke Copyright: Copyright c 2008 E-Soft Inc...

Debian: Security Advisory (DSA-1614-1)

The remote host is missing an update for the Debian SPDX-FileCopyrightText: 2008 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

Memory corruption

Microsoft Internet Explorer 5.01, 6, and 7 accesses uninitialized memory in certain conditions, which allows remote attackers to cause a denial of service crash and execute arbitrary code via vectors related to a document object "appended in a specific order," aka "HTML Objects Memory Corruption...

Memory corruption

Microsoft Internet Explorer 5.01, 6, and 7 accesses uninitialized memory in certain conditions, which allows remote attackers to cause a denial of service crash and execute arbitrary code via vectors related to a document object "appended in a specific order" with "particular functions...

CVE-2008-0120

Integer overflow in Microsoft PowerPoint Viewer 2003 allows remote attackers to execute arbitrary code via a PowerPoint file with a malformed picture index that triggers memory corruption, related to handling of CString objects, aka "Memory Allocation Vulnerability."...

CVE-2008-0120

CVE-2008-0120 concerns Microsoft PowerPoint Viewer 2003. The issue is an integer overflow in the handling of embedded CString objects within a PowerPoint file’s picture index, leading to remote code execution if a user opens a malformed file. Technical sources (NVD, SAINT/OSVDB mirrors, and OpenV...

Microsoft Internet Explorer Table Layout Memory Corruption Vulnerability

This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of Microsoft Internet Explorer. User interaction is required to exploit this vulnerability in that the target must visit a malicious page. The specific flaw exists in the handling of document objects...