CVE-2008-6994

Removed by vendor...

Autodesk LiveUpdate ActiveX Control Code Execution (CVE-2008-4471; CVE-2008-4472)

Autodesk provides several software products for professional designing of buildings and other infrastructure. A code execution vulnerability has been reported in Autodesk LiveUpdate ActiveX control within multiple products. The vulnerability is due to an error in the Autodesk LiveUpdate ActiveX...

Directory traversal

Directory traversal vulnerability in the CExpressViewerControl class in the DWF Viewer ActiveX control AdView.dll 9.0.0.96, as used in Revit Architecture 2009 SP2 and Autodesk Design Review 2009, allows remote attackers to overwrite arbitrary files via ".." sequences in the argument to the SaveAS...

Google Chrome 'SaveAs'功能'Title'标签缓冲区溢出漏洞

BUGTRAQ ID: 31029 CNCAN ID：CNCAN-2008090604 Google Chrome是一款谷歌公司新开发的WEB浏览器。 Google Chrome处理"SaveAs"函数时存在边界错误检查问题，远程攻击者可以利用漏洞进行缓冲区溢出攻击，可能以应用程序权限执行任意指令。 构建包含超长标题的title标签HTML页，诱使用户保存此页面时，可触发缓冲区溢出，精心构建标题数据，可导致以应用程序权限执行任意指令。 Google Chrome 0.2.149 27 目前没有解决方案提供： http://www.google.com/chrome...

Microsoft Visual Studio 6.0 (PDWizard.ocx) Remote Command Execution

No description provided by source. pre codespan style="font: 10pt Courier New;"span class="general1-symbol"body bgcolor="E0E0E0"------------------------------------------------------------------------------------------------------ bMicrosoft Visual Studio 6.0 PDWizard PDWizard.ocx = 6.0.0.9782...

Directory traversal

Absolute directory traversal vulnerability in a certain ActiveX control in the VB To VSI Support Library VBTOVSI.DLL 1.0.0.0 in Microsoft Visual Studio 6.0 allows remote attackers to create or overwrite arbitrary files via a full pathname in the argument to the SaveAs method. NOTE: contents can b...

CVE-2007-4890

Absolute directory traversal vulnerability in a certain ActiveX control in the VB To VSI Support Library VBTOVSI.DLL 1.0.0.0 in Microsoft Visual Studio 6.0 allows remote attackers to create or overwrite arbitrary files via a full pathname in the argument to the SaveAs method. NOTE: contents can b...

CVE-2007-4890

Absolute directory traversal vulnerability in a certain ActiveX control in the VB To VSI Support Library VBTOVSI.DLL 1.0.0.0 in Microsoft Visual Studio 6.0 allows remote attackers to create or overwrite arbitrary files via a full pathname in the argument to the SaveAs method. NOTE: contents can b...

msvs-pdwiz.txt

------------------------------------------------------------------------------------------------------ Microsoft Visual Studio 6.0 PDWizard PDWizard.ocx url: http://www.microsoft.com author: shinnai mail: shinnaiatautisticidotorg site: http://shinnai.altervista.org This was written for educationa...

Microsoft Visual Studio 6.0 - PDWizard.ocx Remote Command Execution

Microsoft Visual Studio 6.0 - PDWizard.ocx Remote Command Execution ------------------------------------------------------------------------------------------------------ Microsoft Visual Studio 6.0 PDWizard PDWizard.ocx url: http://www.microsoft.com author: shinnai mail: shinnaiatautisticidotorg...

Microsoft Internet Explorer 7 - Arbitrary File Rewrite (MS07-027)

Microsoft Internet Explorer 7 - Arbitrary File Rewrite MS07-027 MS07-027 mdsauth.dll NMSA Session Description Object SaveAs control, arbitrary file modification //next script is converted to UTF16 target.SessionDescription="MS07-027 mdsauth.dll Proof of Concept exploit" target.SessionAuthor="Andr...

Microsoft Internet Explorer 7 - Arbitrary File Rewrite (MS07-027)

MS07-027 mdsauth.dll NMSA Session Description Object SaveAs control, arbitrary file modification //next script is converted to UTF16 target.SessionDescription="MS07-027 mdsauth.dll Proof of Concept exploit" target.SessionAuthor="Andres Tarasco Acuna" target.SessionEmailContact="atarascoatgmail.co...

Design/Logic Flaw

The WordOCX ActiveX control in WordViewer.ocx 3.2.0.5 allows remote attackers to cause a denial of service Internet Explorer 7 crash via a long 1 DoOleCommand, 2 FTPDownloadFile, 3 FTPUploadFile, 4 HttpUploadFile, 5 GotoPage, 6 Save, 7 SaveWebFile, 8 HttpDownloadFile, 9 Open, 10 OpenWebFile, 11...

CVE-2007-2496

The WordOCX ActiveX control in WordViewer.ocx 3.2.0.5 allows remote attackers to cause a denial of service Internet Explorer 7 crash via a long 1 DoOleCommand, 2 FTPDownloadFile, 3 FTPUploadFile, 4 HttpUploadFile, 5 GotoPage, 6 Save, 7 SaveWebFile, 8 HttpDownloadFile, 9 Open, 10 OpenWebFile, 11...

word-ocx.txt

2007/05/03 ----------------------------------------------------------------------------- WordViewer.ocx v. 3.2.0.5 multiple methods Denial of Service url: http://www.officeocx.com/ price: from €63.95 update to last version to €1,585.95 Royalty author: shinnai mail: shinnaiatautisticidotorg site:...

CVE-2002-1716

The Host function in the Microsoft spreadsheet component on Microsoft Office XP allows remote attackers to create arbitrary files using the SaveAs capability...

Microsoft Internet Explorer execCommand() method SaveAs command uses misleading "Save HTML Document" dialog

Overview Microsoft Internet Explorer contains a vulnerability in the way that it presents a Save As dialog. By invoking the SaveAs command with execCommand, an attacker could display a dialog that could trick a user into saving arbitrary content. Description Microsoft Internet Explorer IE support...

MS Internet Explorer 6.0 SP2 File Download Security Warning Bypass

Exploit for unknown platform in category remote exploits ================================================================== MS Internet Explorer 6.0 SP2 File Download Security Warning Bypass ================================================================== Orginal Advisory and exploit by...

Microsoft Internet Explorer 6.0 SP2 - File Download Security Warning Bypass

Microsoft Internet Explorer 6.0 SP2 - File Download Security Warning Bypass Orginal Advisory and exploit by cyberflash Vengy Circumvent Windows XP SP2 security features using execCommand 'SaveAs' function! Demonstration: Notice that you don't receive any warning messages such as: "File Download -...

CVE-2002-1716

The Host function in the Microsoft spreadsheet component on Microsoft Office XP allows remote attackers to create arbitrary files using the SaveAs capability...