22 matches found
CVE-2010-1239
Foxit Reader before 3.2.1.0401 allows remote attackers to 1 execute arbitrary local programs via a certain "/Type /Action /S /Launch" sequence, and 2 execute arbitrary programs embedded in a PDF document via an unspecified "/Launch /Action" sequence, a related issue to CVE-2009-0836...
CVE-2011-4787
A certain ActiveX control in HPTicketMgr.dll in HP Easy Printer Care Software 2.5 and earlier allows remote attackers to download an arbitrary program onto a client machine, and execute this program, via unspecified vectors, a different vulnerability than CVE-2011-2404 and CVE-2011-4786...
CVE-2002-2313
Eudora email client 5.1.1, with "use Microsoft viewer" enabled, allows remote attackers to execute arbitrary programs via an HTML email message containing a META refresh tag that references an embedded .mhtml file with ActiveX controls that execute a second embedded program, which is processed by...
Remote Monitoring & Management software used in phishing attacks
Remote Monitoring & Management RMM software, including popular tools like AnyDesk, Atera, and Splashtop, are invaluable for IT administrators today, streamlining tasks and ensuring network integrity from afar. However, these same tools have caught the eye of cybercriminals, who exploit them to...
CVE-2022-23597
Element Desktop is a Matrix client for desktop platforms with Element Web at its core. Element Desktop before 1.9.7 is vulnerable to a remote program execution bug with user interaction. The exploit is non-trivial and requires clicking on a malicious link, followed by another button click. To the...
Design/Logic Flaw
Element Desktop is a Matrix client for desktop platforms with Element Web at its core. Element Desktop before 1.9.7 is vulnerable to a remote program execution bug with user interaction. The exploit is non-trivial and requires clicking on a malicious link, followed by another button click. To the...
CVE-2022-23597
Element Desktop before 1.9.7 is vulnerable to a remote code execution bug via user interaction that requires a malicious link click followed by another button click. The attacker can specify a binary path on the victim’s machine for execution (arguments cannot be set), and in some configurations ...
CVE-2022-23597 Remote program execution with user interaction
Element Desktop is a Matrix client for desktop platforms with Element Web at its core. Element Desktop before 1.9.7 is vulnerable to a remote program execution bug with user interaction. The exploit is non-trivial and requires clicking on a malicious link, followed by another button click. To the...
CVE-2022-23597 Remote program execution with user interaction
Element Desktop is a Matrix client for desktop platforms with Element Web at its core. Element Desktop before 1.9.7 is vulnerable to a remote program execution bug with user interaction. The exploit is non-trivial and requires clicking on a malicious link, followed by another button click. To the...
Selea CarPlateServer 4.0.1.6 Remote Program Execution
Selea CarPlateServer CPS v4.0.1.6 Remote Program Execution Vendor: Selea s.r.l. Product web page: https://www.selea.com Affected version: 4.0.1.6210120 4.013201105 3.100200225 3.005191206 3.005191112 Summary: Our CPS Car Plate Server software is an advanced solution that can be installed on...
Selea CarPlateServer (CPS) 4.0.1.6 - Remote Program Execution
Exploit Title: Selea CarPlateServer CPS 4.0.1.6 - Remote Program Execution Date: 08.11.2020 Exploit Author: LiquidWorm Vendor Homepage: https://www.selea.com Selea CarPlateServer CPS v4.0.1.6 Remote Program Execution Vendor: Selea s.r.l. Product web page: https://www.selea.com Affected version:...
Google Chrome has an unspecified vulnerability (CNVD-2019-03621)
Google Chrome is a web browser developed by the American company Google Google. A security vulnerability exists in the external protocol handling of CustomHandlers in versions of Google Chrome prior to 69.0.3497.81. A remote attacker can exploit the vulnerability to open external programs with th...
CVE-2017-14471
An exploitable access control vulnerability exists in the data, program, and function file permissions functionality of Allen Bradley Micrologix 1400 Series B FRN 21.2 and before. A specially crafted packet can cause a read or write operation resulting in disclosure of sensitive information,...
PT-2018-5658 · Allen Bradley · Micrologix 1400 Series B
Name of the Vulnerable Software and Affected Versions: Allen Bradley Micrologix 1400 Series B versions 21.2 and before Description: An exploitable access control issue exists in the data, program, and function file permissions functionality. A specially crafted packet can cause a read or write...
POP Peeper 4.0.1 - Persistent Code Execution Vulnerability
Exploit for windows platform in category remote exploits Title : POP Peeper 4.0.1 - Persistent Code Execution Vulnerability Author : ZwX Vendor : http://www.esumsoft.com/ Download : http://data.esumsoft.com/download/POPPeeperPro.zip Tested On : Windows 7 Description Vulnerability :...
POP Peeper 4.0.1 - Persistent Code Execution Vulnerability
Document Title: =============== POP Peeper 4.0.1 - Persistent Code Execution Vulnerability References Source: ==================== http://www.vulnerability-lab.com/getcontent.php?id=1657 Release Date: ============= 2015-11-26 Vulnerability Laboratory ID VL-ID: ====================================...
POP Peeper 4.0.1 - Persistent Code Execution Vulnerability
Document Title: =============== POP Peeper 4.0.1 - Persistent Code Execution Vulnerability References Source: ==================== http://www.vulnerability-lab.com/getcontent.php?id=1657 Release Date: ============= 2015-11-26 Vulnerability Laboratory ID VL-ID: ====================================...
Microsoft Office OCX ActiveX controls OpenWebFile program execution
Added: 01/30/2009 BID: 33243 Background Microsoft Office OCX is a suite of ActiveX document containers to create, open, edit, and print Microsoft Office files. Problem A vulnerability in multiple Office OCX ActiveX controls allows a web page to execute remote programs using the OpenWebFile method...
CVE-2004-0841
Internet Explorer 6.x allows remote attackers to install arbitrary programs via mousedown events that call the Popup.show method and use drag-and-drop actions in a popup window, aka "HijackClick 3" and the "Script in Image Tag File Download Vulnerability."...
VulnCheck KEV: CVE-2004-0839
Internet Explorer in Windows XP SP2, and other versions including 5.01 and 5.5, allows remote attackers to install arbitrary programs via a web page that uses certain styles and the AnchorClick behavior, popup windows, and drag-and-drop capabilities to drop the program in the local startup...