25 matches found
Microsoft Windows Object Linking & Embedding (OLE) Automation Array Remote Code Execution Vulnerability
OleAut32.dll in OLE in Microsoft Windows allows remote attackers to remotely execute code via a crafted web site...
Description of the security update for the remote code execution vulnerability in Windows Embedded POSReady 2009: April 9, 2019
Description of the security update for the remote code execution vulnerability in Windows Embedded POSReady 2009: April 9, 2019 Summary A remote code execution vulnerability exists in the manner in which the VBScript engine handles objects in memory. To learn more about the vulnerability, go to...
Microsoft VBScript OLEAUT32!VariantClear / scrrun!VBADictionary::put_Item Use-After-Free
vbscript: use-after-free in OLEAUT32!VariantClear and scrrun!VBADictionary::putItem CVE-2018-8544 There is a use-after-free vulnerability possibly two vulnerabilities triggerable by the same PoC, see below in Microsoft VBScript. The vulnerability has been confirmed in Internet Explorer on Windows...
VBScript - OLEAUT32!VariantClear and scrrun!VBADictionary::put_Item Use-After-Free
VBScript - OLEAUT32!VariantClear and scrrun!VBADictionary::putItem Use-After-Free Class class2 Private Sub ClassTerminate var17.RemoveAll End Sub End Class Set var17 = CreateObject"Scripting.Dictionary" Set var17.Item"foo" = new class2 var17.Item"foo" = 1 !--...
From the patch compare to the PoC to reproduce it MS16-0 3 0-vulnerability warning-the black bar safety net
MS16-0 3 0 vulnerability MS16-0 3 0 vulnerabilities Windows OLE remote code execution vulnerability, since OLE does not have the correct validation of user input, causing by the special structure of the file or the program can trigger the vulnerability, causing the user to click on after the remo...
Microsoft HTA (HTML Application) - Remote Code Execution Vulnerability (MS14-064)
Document Title: =============== Microsoft HTA HTML Application - Remote Code Execution Vulnerability MS14-064 References Source: ==================== http://www.vulnerability-lab.com/getcontent.php?id=1576 Video: http://youtu.be/Vkswz7vt23M...
MS HTA (HTML Application) - Code Execution (MS14-064)
Document Title: =============== MS HTA HTML Application - Code Execution MS14-064 References Source: ==================== http://www.vulnerability-lab.com/getcontent.php?id=1576 Video: http://youtu.be/Vkswz7vt23M http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2014-6332 CVE-ID: =======...
Internet Download Manager - OLE Automation Array Remote Code Execution Exploit
Exploit for windows platform in category remote exploits !/usr/bin/php Run Site Grabber 4 . Enter any word "Start page/address" 5 . Click Addvance 6 . check "Enter Login and password manually at the following web page" 7 . Enter your exploit link http://ipaddress:80/ 8 . Next -- Next -- Next --...
Havij - OLE Automation Array Remote Code Execution
!/usr/bin/php ?php Title : Havij OLE Automation Array Remote Code Execution Affected Versions: All Version Founder : ITSecTeam Tested on Windows 7 / Server 2008 Author : Mohammad Reza Espargham Linkedin : https://ir.linkedin.com/in/rezasp E-Mail : meatrezadotes , reza.esparghamatgmaildotcom Websi...
Havij - OLE Automation Array Remote Code Execution
Havij - OLE Automation Array Remote Code Execution !/usr/bin/php ?php Title : Havij OLE Automation Array Remote Code Execution Affected Versions: All Version Founder : ITSecTeam Tested on Windows 7 / Server 2008 Author : Mohammad Reza Espargham Linkedin : https://ir.linkedin.com/in/rezasp E-Mail ...
VulnCheck KEV: CVE-2014-6332
OleAut32.dll in OLE in Microsoft Windows allows remote attackers to remotely execute code via a crafted web site...
MP3-Nator-Buffer-Overflow
Exploit Title: Exploit Buffer Overflow MP3-Nator SEH - DEP BYPASS Date: 18-11-2010 Author: Muhamad Fadzil Ramli Credit/Bug Found By: C4SS!0 G0M3S Software Link: http://files.brothersoft.com/mp3audio/players/mp3nator.zip filename = 'crash.plf' ./msfpayload windows/exec CMD=calc EXITFUNC=seh R |...
Windows OLE Automation Array command execution
Added: 11/17/2014 CVE: CVE-2014-6332 BID: 70952 OSVDB: 114533 Background OLE Object Linking and Embedding is a technology that allows applications to share data and functionality, such as the ability to create and edit compound data, i.e., data that contains information in multiple formats. Probl...
Windows OLE Automation Array command execution
Added: 11/17/2014 CVE: CVE-2014-6332 BID: 70952 OSVDB: 114533 Background OLE Object Linking and Embedding is a technology that allows applications to share data and functionality, such as the ability to create and edit compound data, i.e., data that contains information in multiple formats. Probl...
Windows OLE Automation Array command execution
Added: 11/17/2014 CVE: CVE-2014-6332 BID: 70952 OSVDB: 114533 Background OLE Object Linking and Embedding is a technology that allows applications to share data and functionality, such as the ability to create and edit compound data, i.e., data that contains information in multiple formats. Probl...
Windows OLE Automation Array command execution
Added: 11/17/2014 CVE: CVE-2014-6332 BID: 70952 OSVDB: 114533 Background OLE Object Linking and Embedding is a technology that allows applications to share data and functionality, such as the ability to create and edit compound data, i.e., data that contains information in multiple formats. Probl...
Microsoft Windows Object Linking and Embedding (OLE) OleAut32 library SafeArrayRedim function vulnerable to remote code execution via Internet Explorer
Overview A vulnerability in Microsoft Windows OLE could allow remote code execution if a user views a specially-crafted web page in Internet Explorer. Description The Microsoft Windows OLE OleAut32.dll library provides the SafeArrayRedim function that allows resizing of SAFEARRAY objects in memor...
CVE-2014-6332
OleAut32.dll in OLE in Microsoft Windows Server 2003 SP2, Windows Vista SP2, Windows Server 2008 SP2 and R2 SP1, Windows 7 SP1, Windows 8, Windows 8.1, Windows Server 2012 Gold and R2, and Windows RT Gold and 8.1 allows remote attackers to execute arbitrary code via a crafted web site, as...
Google Toolbar 1.1.60 Search Function Denial of Service Vulnerability
No description provided by source. source: http://www.securityfocus.com/bid/5477/info Reportedly, when the Google Toolbar receives a search query it may cause Microsoft Internet Explorer to crash. When a user views a malicious web page it will cause the Google Toolbar to throw an exception in...
Microsoft Active Accessibility DLL Loading Remote Code Execution (MS11-075; CVE-2011-1247)
A remote code execution vulnerability has been reported in Microsoft Windows Active Accessibility component. The vulnerability is due to an error in the way certain applications using OleAut32.dll handle the loading of DLL files. A remote attacker may exploit this vulnerability by enticing a user...