Lucene search
K

143 matches found

Packet Storm
Packet Storm
added 2014/10/18 12:0 a.m.75 views

MS14-060 Microsoft Windows OLE Package Manager Code Execution

This module requires Metasploit: http//metasploit.com/download Current source: https://github.com/rapid7/metasploit-framework require 'msf/core' class Metasploit3 "MS14-060 Microsoft Windows OLE Package Manager Code Execution", 'Description' = %q This module exploits a vulnerability found in...

9.3CVSS0.3AI score0.81628EPSS
Exploits22
Metasploit
Metasploit
added 2014/10/16 9:37 p.m.175 views

MS14-060 Microsoft Windows OLE Package Manager Code Execution

This module exploits a vulnerability found in Windows Object Linking and Embedding OLE allowing arbitrary code execution, publicly known as "Sandworm". Platforms such as Windows Vista SP2 all the way to Windows 8, Windows Server 2008 and 2012 are known to be vulnerable. However, based on our...

7.8CVSS9.6AI score0.81628EPSS
Exploits22
seebug.org
seebug.org
added 2014/07/01 12:0 a.m.16 views

QNX RTOS 6.2 Application Packager Non-Explicit Path Execution Vulnerability

No description provided by source. source: http://www.securityfocus.com/bid/6146/info A vulnerability has been discovered in an application packager shipped with QNX RTOS. It should be noted that the vulnerable packager is installed setuid root by default. It has been reported that the packager...

7.1AI score
Exploits0
Check Point Advisories
Check Point Advisories
added 2014/04/16 12:0 a.m.77 views

Microsoft Windows Assembly Execution File Inclusion - Ver2 (CVE-2012-0013)

A file inclusion vulnerability has been reported in Microsoft Office. The vulnerability is due to ClickOnce application file types not being included in the Windows Packager unsafe file type list. Successful exploitation of this vulnerability could allow a remote attacker to execute arbitrary cod...

7AI score0.73753EPSS
Exploits14
NVD
NVD
added 2014/03/21 4:38 a.m.15 views

CVE-2011-5274

The drawAdminToolsPackageInstaller function in shared/inc/forms/packager.php in Domain Technologie Control DTC before 0.32.11 allows remote attackers to execute arbitrary commands via shell metacharacters in the dtcpkgdirectory parameter in a doinstall action to dtc/...

7.5CVSS7.6AI score0.02034EPSS
Exploits0References4
Check Point Advisories
Check Point Advisories
added 2013/03/12 12:0 a.m.38 views

Microsoft Windows Assembly Execution (MS12-005) - High Confidence (CVE-2012-0013)

A remote code execution vulnerability has been reported in Microsoft Windows Packager. The vulnerability is caused due to ClickOnce application file types not being included in the Windows Packager unsafe file type list. A remote attacker may exploit this issue by enticing a target user to open a...

9.3CVSS7.2AI score0.73753EPSS
Exploits14
Saint
Saint
added 2012/01/24 12:0 a.m.69 views

Windows Object Packager Insecure Execution

Added: 01/24/2012 CVE: CVE-2012-0009 BID: 51297 OSVDB: 78212 Background Windows Object Packager is a tool that can be used to create a package that can be inserted into a file. Problem A vulnerability exists in the way the Windows Object Packager registers and implements packages stored on networ...

9.3CVSS6AI score0.20561EPSS
Exploits4
Saint
Saint
added 2012/01/24 12:0 a.m.38 views

Windows Object Packager Insecure Execution

Added: 01/24/2012 CVE: CVE-2012-0009 BID: 51297 OSVDB: 78212 Background Windows Object Packager is a tool that can be used to create a package that can be inserted into a file. Problem A vulnerability exists in the way the Windows Object Packager registers and implements packages stored on networ...

9.3CVSS5.9AI score0.20561EPSS
Exploits4
Saint
Saint
added 2012/01/24 12:0 a.m.47 views

Windows Object Packager Insecure Execution

Added: 01/24/2012 CVE: CVE-2012-0009 BID: 51297 OSVDB: 78212 Background Windows Object Packager is a tool that can be used to create a package that can be inserted into a file. Problem A vulnerability exists in the way the Windows Object Packager registers and implements packages stored on networ...

9.3CVSS5.9AI score0.20561EPSS
Exploits4
Saint
Saint
added 2012/01/24 12:0 a.m.29 views

Windows Object Packager Insecure Execution

Added: 01/24/2012 CVE: CVE-2012-0009 BID: 51297 OSVDB: 78212 Background Windows Object Packager is a tool that can be used to create a package that can be inserted into a file. Problem A vulnerability exists in the way the Windows Object Packager registers and implements packages stored on networ...

9.3CVSS5.9AI score0.20561EPSS
Exploits4
securityvulns
securityvulns
added 2012/01/21 12:0 a.m.53 views

Office arbitrary ClickOnce application execution vulnerability

------------------------------------------------------------------------ Office arbitrary ClickOnce application execution vulnerability ------------------------------------------------------------------------ Yorick Koster, June 2010...

9.3CVSS6.5AI score0.73753EPSS
Exploits14
securityvulns
securityvulns
added 2012/01/21 12:0 a.m.114 views

Microsoft Windows multiple security vulnerabilities

SafeSEH protection bypass, Windows Object Packager code execution, CSRSS privilege escalation, DirectShow / Windows Media memory corruption, Windows Packager code execution, SSL/TLS information leakage...

9.3CVSS5.9AI score0.73753EPSS
Exploits34References1Affected Software1
OpenVAS
OpenVAS
added 2012/01/11 12:0 a.m.36 views

Microsoft Windows Object Packager Remote Code Execution Vulnerability (2603381)

This host is missing an important security update according to Microsoft Bulletin MS12-002. OpenVAS Vulnerability Test $Id: secpodms12-002.nasl 5341 2017-02-18 16:59:12Z cfi $ Microsoft Windows Object Packager Remote Code Execution Vulnerability 2603381 Authors: Madhuri D Copyright: Copyright c...

9.3CVSS1AI score0.20561EPSS
Exploits4References3
OpenVAS
OpenVAS
added 2012/01/11 12:0 a.m.29 views

Windows ClickOnce Application Installer Remote Code Execution Vulnerability (2584146)

This host is missing an important security update according to Microsoft Bulletin MS12-005. OpenVAS Vulnerability Test $Id: secpodms12-005.nasl 5341 2017-02-18 16:59:12Z cfi $ Windows ClickOnce Application Installer Remote Code Execution Vulnerability 2584146 Authors: Rachana Shetty Copyright:...

9.3CVSS0.7AI score0.73753EPSS
Exploits14References3
OpenVAS
OpenVAS
added 2012/01/11 12:0 a.m.37 views

Windows ClickOnce Application Installer Remote Code Execution Vulnerability (2584146)

This host is missing an important security update according to Microsoft Bulletin MS12-005. SPDX-FileCopyrightText: 2012 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only...

9.3CVSS4.9AI score0.73753EPSS
Exploits14References3
NVD
NVD
added 2012/01/10 9:55 p.m.13 views

CVE-2012-0013

Incomplete blacklist vulnerability in the Windows Packager configuration in Microsoft Windows XP SP2 and SP3, Windows Server 2003 SP2, Windows Vista SP2, Windows Server 2008 SP2, R2, and R2 SP1, and Windows 7 Gold and SP1 allows remote attackers to execute arbitrary code via a crafted ClickOnce...

9.3CVSS7.4AI score0.73753EPSS
Exploits14References6
NVD
NVD
added 2012/01/10 9:55 p.m.33 views

CVE-2012-0009

Untrusted search path vulnerability in the Windows Object Packager configuration in Microsoft Windows XP SP2 and SP3 and Server 2003 SP2 allows local users to gain privileges via a Trojan horse executable file in the current working directory, as demonstrated by a directory that contains a file...

9.3CVSS6.2AI score0.20561EPSS
Exploits4References6
Prion
Prion
added 2012/01/10 9:55 p.m.24 views

Design/Logic Flaw

Untrusted search path vulnerability in the Windows Object Packager configuration in Microsoft Windows XP SP2 and SP3 and Server 2003 SP2 allows local users to gain privileges via a Trojan horse executable file in the current working directory, as demonstrated by a directory that contains a file...

9.3CVSS6.8AI score0.20561EPSS
Exploits4References6
Prion
Prion
added 2012/01/10 9:55 p.m.22 views

Design/Logic Flaw

Incomplete blacklist vulnerability in the Windows Packager configuration in Microsoft Windows XP SP2 and SP3, Windows Server 2003 SP2, Windows Vista SP2, Windows Server 2008 SP2, R2, and R2 SP1, and Windows 7 Gold and SP1 allows remote attackers to execute arbitrary code via a crafted ClickOnce...

9.3CVSS8AI score0.73753EPSS
Exploits14References6Affected Software2
CVE
CVE
added 2012/01/10 9:0 p.m.145 views

CVE-2012-0009

CVE-2012-0009 affects Windows Object Packager handling in Windows XP SP2/SP3 and Windows Server 2003 SP2. The vulnerability stems from how Object Packager registers/implements packages stored on network shares, WebDAV, and UNC paths, allowing local privilege escalation via a Trojan horse executab...

9.3CVSS6.3AI score0.20561EPSS
Exploits4References6Affected Software2
Rows per page
Query Builder