Memory corruption

Use-after-free vulnerability in Microsoft Internet Explorer 7 on Windows XP SP2, Windows Server 2003 SP1 or SP2, or Windows Vista allows remote attackers to execute arbitrary code via crafted HTML objects, resulting in accessing deallocated memory of CMarkup objects, aka the second of two "HTML...

CVE-2007-0946

Unspecified vulnerability in Microsoft Internet Explorer 7 on Windows XP SP2, Windows Server 2003 SP1 or SP2, or Windows Vista allows remote attackers to execute arbitrary code via crafted HTML objects, which results in memory corruption, aka the first of two "HTML Objects Memory Corruption...

CVE-2007-0947

Use-after-free vulnerability in Microsoft Internet Explorer 7 on Windows XP SP2, Windows Server 2003 SP1 or SP2, or Windows Vista allows remote attackers to execute arbitrary code via crafted HTML objects, resulting in accessing deallocated memory of CMarkup objects, aka the second of two "HTML...

Memory corruption

Unspecified vulnerability in Microsoft Internet Explorer 7 on Windows XP SP2, Windows Server 2003 SP1 or SP2, or Windows Vista allows remote attackers to execute arbitrary code via crafted HTML objects, which results in memory corruption, aka the first of two "HTML Objects Memory Corruption...

CVE-2007-0942

Microsoft Internet Explorer 5.01 SP4 on Windows 2000 SP4; 6 SP1 on Windows 2000 SP4; 6 and 7 on Windows XP SP2, or Windows Server 2003 SP1 or SP2; and possibly 7 on Windows Vista does not properly "instantiate certain COM objects as ActiveX controls," which allows remote attackers to execute...

CVE-2007-0947

Use-after-free vulnerability in Microsoft Internet Explorer 7 on Windows XP SP2, Windows Server 2003 SP1 or SP2, or Windows Vista allows remote attackers to execute arbitrary code via crafted HTML objects, resulting in accessing deallocated memory of CMarkup objects, aka the second of two "HTML...

CVE-2007-0942

Microsoft Internet Explorer 5.01 SP4 on Windows 2000 SP4; 6 SP1 on Windows 2000 SP4; 6 and 7 on Windows XP SP2, or Windows Server 2003 SP1 or SP2; and possibly 7 on Windows Vista does not properly "instantiate certain COM objects as ActiveX controls," which allows remote attackers to execute...

CVE-2007-0946

CVE-2007-0946 describes a memory corruption vulnerability in Microsoft Internet Explorer 7 on Windows XP SP2, Windows Server 2003 SP1/SP2, and Windows Vista, triggered by crafted HTML objects. The underlying issue is the improper handling of HTML objects, leading to memory corruption and potentia...

CVE-2007-0946

Unspecified vulnerability in Microsoft Internet Explorer 7 on Windows XP SP2, Windows Server 2003 SP1 or SP2, or Windows Vista allows remote attackers to execute arbitrary code via crafted HTML objects, which results in memory corruption, aka the first of two "HTML Objects Memory Corruption...

tomcat XSS in example webapps

Cross-site scripting XSS vulnerability in implicit-objects.jsp in Apache Tomcat 5.0.0 through 5.0.30 and 5.5.0 through 5.5.17 allows remote attackers to inject arbitrary web script or HTML via certain header values...

Microsoft Offcie multiple security vulnerabilities

Memory corruption on drawing objects parsing...

PostgreSQL privilege escalation

By using temporary objects, unprivileged user can execute function with permissions of security-definer...

EasyMail Objects “Connect”方式远程栈溢出漏洞

EasyMail Objects是一组全面的、易用的COM控件，可以创建、发送、接收、显示、编辑、保存和打印电子邮件。 EasyMail Objects的IMAP4组件（对象ClassID 703B353E-FA2E-4072-8DDF-F70AAC7E527E）在处理传送给Connect方式的超长参数时存在栈溢出漏洞。如果用户传送了超过500字节的超长主机名参数的话，就会触发这个溢出，导致执行任意指令。 Quiksoft EasyMail Objects 6.0 - 6.4 目前厂商已经发布了升级补丁以修复这个安全问题，请到厂商的主页下载：...

Oracle Data ORADC ActiveX Control Remote Code Execution

A vulnerability has been identified in the Oracle Data Control ORADC ActiveX control.The ORADC ActiveX control is provided by the Oracle Objects for OLE package. It provides data access and operation modifications on the backend database.A remote attacker could execute arbitrary code on the...

CVE-2007-1092

Mozilla Firefox 1.5.0.9 and 2.0.0.1, and SeaMonkey before 1.0.8 allow remote attackers to execute arbitrary code via JavaScript onUnload handlers that modify the structure of a document, wich triggers memory corruption due to the lack of a finalize hook on DOM window objects...

Memory corruption

Mozilla Firefox 1.5.0.9 and 2.0.0.1, and SeaMonkey before 1.0.8 allow remote attackers to execute arbitrary code via JavaScript onUnload handlers that modify the structure of a document, wich triggers memory corruption due to the lack of a finalize hook on DOM window objects...

Stack overflow

Stack-based buffer overflow in the Connect method in the IMAP4 component in Quiksoft EasyMail Objects before 6.5 allows remote attackers to execute arbitrary code via a long host name...

CVE-2007-1029

Stack-based buffer overflow in the Connect method in the IMAP4 component in Quiksoft EasyMail Objects before 6.5 allows remote attackers to execute arbitrary code via a long host name...

CVE-2007-1029

CVE-2007-1029 concerns the Quiksoft EasyMail Objects IMAP4 component. A stack-based buffer overflow in the Connect method can be triggered by a long hostname, potentially allowing remote code execution. Affected products include EasyMail Objects versions before 6.5; warnings and advisories refere...

EasyMail Objects IMAP4 Component Connect Method Remote Overflow

EasyMail Objects, a set of COM objects for supporting email protocols, is installed on the remote Windows host. The IMAP4 component of the version of the DjVu Browser Plug-in installed on the remote host reportedly is affected by a stack buffer overflow in the 'Connect' method that can be trigger...