Immunity Canvas: MS09_022_LOADDLL

Name| ms09022loaddll ---|--- CVE| CVE-2009-0230 Exploit Pack| CANVAS Description| Microsoft Windows Print Spooler Arbitrary DLL Loading Notes| CVE Name: CVE-2009-0230 VENDOR: Microsoft MSADV: MS09-022-LOADDLL Repeatability: One shot Note: Valid credentials of a user with "Manage Printer" privileg...

MS09-022: Vulnerabilities in Windows Print Spooler Could Allow Remote Code Execution (961501)

The version of the Print Spooler service on the remote Windows host is affected by one or more of the following vulnerabilities : - A buffer overflow vulnerability could allow an unauthenticated, remote attacker to execute arbitrary code with SYSTEM privileges. CVE-2009-0228 - Using a specially...

FreeType off-by-one flaws

Multiple off-by-one errors in FreeType2 before 2.3.6 allow context-dependent attackers to execute arbitrary code via 1 a crafted table in a Printer Font Binary PFB file or 2 a crafted SHC instruction in a TrueType Font TTF file, which triggers a heap-based buffer overflow...

Microsoft PowerPoint Legacy File Format Printer driver buffer overflow

Added: 05/14/2009 CVE: CVE-2009-0227 BID: 34882 OSVDB: 54384 Background Microsoft PowerPoint is presentation software included in the Microsoft Office desktop suite. Problem A buffer overflow vulnerability in the Legacy File Format conversion filter PP4X322.dll allows command execution when a use...

Microsoft PowerPoint Legacy File Format Printer driver buffer overflow

Added: 05/14/2009 CVE: CVE-2009-0227 BID: 34882 OSVDB: 54384 Background Microsoft PowerPoint is presentation software included in the Microsoft Office desktop suite. Problem A buffer overflow vulnerability in the Legacy File Format conversion filter PP4X322.dll allows command execution when a use...

Microsoft PowerPoint Legacy File Format Printer driver buffer overflow

Added: 05/14/2009 CVE: CVE-2009-0227 BID: 34882 OSVDB: 54384 Background Microsoft PowerPoint is presentation software included in the Microsoft Office desktop suite. Problem A buffer overflow vulnerability in the Legacy File Format conversion filter PP4X322.dll allows command execution when a use...

Microsoft PowerPoint Legacy File Format Printer driver buffer overflow

Added: 05/14/2009 CVE: CVE-2009-0227 BID: 34882 OSVDB: 54384 Background Microsoft PowerPoint is presentation software included in the Microsoft Office desktop suite. Problem A buffer overflow vulnerability in the Legacy File Format conversion filter PP4X322.dll allows command execution when a use...

SA-CONTRIB-2009-027 - Printer, e-mail and PDF versions - Cross-site scripting

When outputting user-supplied data Drupal strips potentially dangerous HTML attributes and tags or escapes characters which have a special meaning in HTML. This output filtering secures the site against cross site scripting attacks via user input. Certain byte sequences that are valid in the UTF-...

Mandrake Security Advisory MDVSA-2009:096-1 (printer-drivers)

The remote host is missing an update to printer-drivers announced via advisory MDVSA-2009:096-1. SPDX-FileCopyrightText: 2009 E-Soft Inc. Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only...

Mandrake Security Advisory MDVSA-2009:096-1 (printer-drivers)

The remote host is missing an update to printer-drivers announced via advisory MDVSA-2009:096-1. OpenVAS Vulnerability Test $Id: mdksa20090961.nasl 6587 2017-07-07 06:35:35Z cfischer $ Description: Auto-generated from advisory MDVSA-2009:096-1 printer-drivers Authors: Thomas Reinke Copyright:...

Mandrake Security Advisory MDVSA-2009:096 (printer-drivers)

The remote host is missing an update to printer-drivers announced via advisory MDVSA-2009:096. SPDX-FileCopyrightText: 2009 E-Soft Inc. Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only O...

Mandrake Security Advisory MDVSA-2009:096 (printer-drivers)

The remote host is missing an update to printer-drivers announced via advisory MDVSA-2009:096. OpenVAS Vulnerability Test $Id: mdksa2009096.nasl 6587 2017-07-07 06:35:35Z cfischer $ Description: Auto-generated from advisory MDVSA-2009:096 printer-drivers Authors: Thomas Reinke Copyright: Copyrigh...

CVE-2009-0164

The web interface for CUPS before 1.3.10 does not validate the HTTP Host header in a client request, which makes it easier for remote attackers to conduct DNS rebinding attacks...

MDVA-2008:162 : openoffice.org

This update provides a new upstream version of OpenOffice.org - 2.4.1.10. It also corrects the following bugs: Under 2.4 versions of OpenOffice.org, the Orientation option was removed from printer properties which prevented users from printing on a booklet format in a way they were used to do. Th...

CVE-2009-1333

CVE-2009-1333 affects the HP Deskjet 6840 printer web interface, specifically the refresh_rate.htm page. The vulnerability is a cross-site scripting (XSS) flaw that allows remote attackers to inject arbitrary web script or HTML via the POST request body. The implicated firmware is XF1M131A. The a...

SA-CONTRIB-2009-020 - Print - Cross site scripting

The Printer, e-mail and PDF versions "Print" module provides printer-friendly versions of content. The module does not correctly escape content titles, enabling malicious users to insert arbitrary HTML and scripts into certain pages. Such a cross site scripting XSS attack against sufficiently...

HP Deskjet 6800 Cross Site Scripting

A Cross-site scripting input validation error has been identified in the web interface of the HP Deskjet 6800 printer family. By sending a string such as alert"found XSS on this page" via a POST request to /refreshrate.htm the resulting error page will execute the script. Verified on Deskjet 6840...

HP Deskjet 6840打印机refresh_rate.htm跨站脚本漏洞

BUGTRAQ ID: 34480 HP Deskjet 6840是一款彩色喷墨打印机。 HP Deskjet 6840打印机的WEB接口存在跨站脚本漏洞。如果远程攻击者通过POST请求向/refreshrate.htm页面提交了类似于scriptalert"found XSS on this page"/script的字符串的话，所生成的出错页面就会执行请求中嵌入的脚本。 HP Deskjet 6840 XF1M13 HP -- 目前厂商还没有提供补丁或者升级程序，我们建议使用此软件的用户随时关注厂商的主页以获取最新版本： http://itrc.hp.com...

HP LaserJet Printer Detection

The remote host is an HP LaserJet printer. C Tenable Network Security, Inc. include"compat.inc"; if description scriptid36128; scriptversion"1.23"; scriptsetattributeattribute:"pluginmodificationdate", value:"2025/03/18"; scriptxrefname:"IAVT", value:"0001-T-0611"; scriptnameenglish:"HP LaserJet...

HP LaserJet Web Server Unspecified Admin Component Traversal Arbitrary File Access

The remote web server is an embedded web server for an HP LaserJet printer. The version of the firmware reported by the printer is reportedly affected by a directory traversal vulnerability. Because the printer caches printed files, an attacker could exploit this in order to gain access to...