Microsoft Internet Explorer - MHTML Protocol Handler Cross-Site Scripting

Microsoft Internet Explorer - MHTML Protocol Handler Cross-Site Scripting Hacking with mhtml protocol handler Author: www.80vul.com Email:5up3rh3igmail.com Release Date: 2011/1/15 References: http://www.80vul.com/mhtml/Hacking%20with%20mhtml%20protocol%20handler.txt Ph4nt0m Webzine 0x05...

Microsoft Internet Explorer MHTML Cross Site Scripting

Hacking with mhtml protocol handler Author: www.80vul.com Email:5up3rh3igmail.com Release Date: 2011/1/15 References: http://www.80vul.com/mhtml/Hacking%20with%20mhtml%20protocol%20handler.txt Ph4nt0m Webzine 0x05 http://secinn.appspot.com/pstzine Was finally released yesterday, There are two...

Microsoft Outlook Express/Windows Mail MHTML URI Handler Information Disclosure Vulnerability (929123)

This host is missing a critical security update according to Microsoft Bulletin MS07-034. SPDX-FileCopyrightText: 2011 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only...

Microsoft Outlook Express/Windows Mail MHTML URI Handler Information Disclosure Vulnerability (929123)

This host is missing a critical security update according to Microsoft Bulletin MS07-034. OpenVAS Vulnerability Test $Id: gbms07-034.nasl 5362 2017-02-20 12:46:39Z cfi $ Microsoft Outlook Express/Windows Mail MHTML URI Handler Information Disclosure Vulnerability 929123 Authors: Madhuri D...

Researcher Publishes Method for Bypassing Flash Local-with-filesystem Sandbox

A security researcher has published a simple method for bypassing one of the sandboxes that Adobe has implemented to prevent Flash files from taking unwanted or malicious actions on users’ PCs. Billy Rios, a well-known application security researcher, developed a quick method for bypassing the...

CVE-2010-3751

Multiple heap-based buffer overflows in an ActiveX control in RealNetworks RealPlayer 11.0 through 11.1 and RealPlayer SP 1.0 through 1.1.4 allow remote attackers to execute arbitrary code via a long .smil argument to the 1 tfile, 2 pnmm, or 3 cdda protocol handler...

CVE-2010-3625

Adobe Reader and Acrobat 9.x before 9.4, and 8.x before 8.2.5 on Windows and Mac OS X, allow attackers to execute arbitrary code via unspecified vectors, related to a "prefix protocol handler vulnerability."...

acroread: multiple code execution flaws (APSB10-21)

Adobe Reader and Acrobat 9.x before 9.4, and 8.x before 8.2.5 on Windows and Mac OS X, allow attackers to execute arbitrary code via unspecified vectors, related to a "prefix protocol handler vulnerability."...

Microsoft Help Center XSS and Command Execution

Help and Support Center is the default application provided to access online documentation for Microsoft Windows. Microsoft supports accessing help documents directly via URLs by installing a protocol handler for the scheme "hcp". Due to an error in validation of input to hcp:// combined with a...

Microsoft Windows Help Centre Handles Malformed Escape Sequences Incorrectly

Microsoft Windows Help Centre Handles Malformed Escape Sequences Incorrectly ---------------------------------------------------------------------------- Help and Support Centre is the default application provided to access online documentation for Microsoft Windows. Microsoft supports accessing...

Microsoft Windows Help Centre Handles - Malformed Escape Sequences Incorrectly (MS03-044)

Microsoft Windows Help Centre Handles Malformed Escape Sequences Incorrectly ---------------------------------------------------------------------------- Help and Support Centre is the default application provided to access online documentation for Microsoft Windows. Microsoft supports accessing...

Microsoft Windows Help Centre Handles - Malformed Escape Sequences Incorrectly (MS03-044)

Microsoft Windows Help Centre Handles - Malformed Escape Sequences Incorrectly MS03-044 Microsoft Windows Help Centre Handles Malformed Escape Sequences Incorrectly ---------------------------------------------------------------------------- Help and Support Centre is the default application...

Design/Logic Flaw

Adobe Reader and Acrobat 9.x before 9.3.2, and 8.x before 8.2.2 on Windows and Mac OS X, allow attackers to execute arbitrary code via unspecified vectors, related to a "prefix protocol handler vulnerability."...

CVE-2010-0191

Adobe Reader and Acrobat 9.x before 9.3.2, and 8.x before 8.2.2 on Windows and Mac OS X, allow attackers to execute arbitrary code via unspecified vectors, related to a "prefix protocol handler vulnerability."...

CVE-2010-0191

Adobe Reader and Acrobat 9.x before 9.3.2, and 8.x before 8.2.2 on Windows and Mac OS X, allow attackers to execute arbitrary code via unspecified vectors, related to a "prefix protocol handler vulnerability."...

Acroread: Multiple code execution flaws (APSB10-09)

Adobe Reader and Acrobat 9.x before 9.3.2, and 8.x before 8.2.2 on Windows and Mac OS X, allow attackers to execute arbitrary code via unspecified vectors, related to a "prefix protocol handler vulnerability."...

Adobe Acrobat < 9.3.2 / 8.2.2 Multiple Vulnerabilities (APSB10-09)

The version of Adobe Acrobat installed on the remote host is earlier than 9.3.2 / 8.2.2. Such versions are reportedly affected by multiple vulnerabilities : - A cross-site scripting issue could lead to code execution. CVE-2010-0190 - A prefix protocol handler vulnerability could lead to code...

Adobe Reader < 9.3.2 / 8.2.2 Multiple Vulnerabilities (APSB10-09)

The version of Adobe Reader installed on the remote host is earlier than 9.3.2 / 8.2.2. Such versions are reportedly affected by multiple vulnerabilities : - A cross-site scripting issue could lead to code execution. CVE-2010-0190 - A prefix protocol handler vulnerability could lead to code...

ZDI-10-027: Skype Protocol Handler datapath Argument Injection Remote Code Execution Vulnerability

ZDI-10-027: Skype Protocol Handler datapath Argument Injection Remote Code Execution Vulnerability http://www.zerodayinitiative.com/advisories/ZDI-10-027 March 11, 2010 -- Affected Vendors: Skype -- Affected Products: Skype -- TippingPointTM IPS Customer Protection: TippingPoint IPS customers hav...

Skype Protocol Handler datapath Argument Injection Remote Code Execution Vulnerability

This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of Skype. User interaction is required to exploit this vulnerability in that the target must visit a malicious page. The specific flaw exists with how the OS web-browser passes command line arguments ...