CVE-2010-0815

VBE6.DLL in Microsoft Office XP SP3, Office 2003 SP3, 2007 Microsoft Office System SP1 and SP2, Visual Basic for Applications VBA, and VBA SDK 6.3 through 6.5 does not properly search for ActiveX controls that are embedded in documents, which allows remote attackers to execute arbitrary code via ...

MS10-031: Vulnerability in Microsoft Visual Basic for Applications Could Allow Remote Code Execution (978213)

A stack memory corruption vulnerability exists in the way that the installed version of Visual Basic for Applications VBA searches for ActiveX controls embedded in documents. If an attacker can trick a user on the affected system into opening a specially crafted document that supports VBA, this...

Microsoft Visual Basic VBE6.DLL Stack Memory Corruption (MS10-031; CVE-2010-0815)

Microsoft Visual Basic VBA is a technology for developing client desktop packaged applications and integrating them with existing data and systems. Microsoft Office products include VBA and make use of VBA to perform certain functions. A remote code execution vulnerability has been reported in th...

Microsoft .NET Common Language Runtime Code Execution Vulnerability (974378)

This host is missing a critical security update according to Microsoft Bulletin MS09-061. OpenVAS Vulnerability Test $Id: secpodms09-061.nasl 5363 2017-02-20 13:07:22Z cfi $ Microsoft .NET Common Language Runtime Remote Code Execution Vulnerability 974378 Authors: Nikita MR Updated By: Madhuri D ...

Microsoft .NET Common Language Runtime Code Execution Vulnerability (974378)

This host is missing a critical security update according to Microsoft Bulletin MS09-061. SPDX-FileCopyrightText: 2009 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only...

Apple Safari / WebKit DoS

Stack overflow stack memory exhaustion on eval expression parsing...

CVE-2009-2726

The SIP channel driver in Asterisk Open Source 1.2.x before 1.2.34, 1.4.x before 1.4.26.1, 1.6.0.x before 1.6.0.12, and 1.6.1.x before 1.6.1.4; Asterisk Business Edition A.x.x, B.x.x before B.2.5.9, C.2.x before C.2.4.1, and C.3.x before C.3.1; and Asterisk Appliance s800i 1.2.x before 1.3.0.3 do...

Code injection

The SIP channel driver in Asterisk Open Source 1.2.x before 1.2.34, 1.4.x before 1.4.26.1, 1.6.0.x before 1.6.0.12, and 1.6.1.x before 1.6.1.4; Asterisk Business Edition A.x.x, B.x.x before B.2.5.9, C.2.x before C.2.4.1, and C.3.x before C.3.1; and Asterisk Appliance s800i 1.2.x before 1.3.0.3 do...

CVE-2009-2726

The SIP channel driver in Asterisk Open Source 1.2.x before 1.2.34, 1.4.x before 1.4.26.1, 1.6.0.x before 1.6.0.12, and 1.6.1.x before 1.6.1.4; Asterisk Business Edition A.x.x, B.x.x before B.2.5.9, C.2.x before C.2.4.1, and C.3.x before C.3.1; and Asterisk Appliance s800i 1.2.x before 1.3.0.3 do...

CVE-2009-2726

CVE-2009-2726 affects the Asterisk SIP channel driver and is a DoS due to improper input handling in sscanf-style processing of SIP packets. Affected products and versions include Asterisk Open Source 1.2.x up to 1.2.34, 1.4.x up to 1.4.26.1, 1.6.0.x up to 1.6.0.12, 1.6.1.x up to 1.6.1.4, along w...

AST-2009-005: Remote Crash Vulnerability in SIP channel driver

Asterisk Project Security Advisory - AST-2009-005 +------------------------------------------------------------------------+ | Product | Asterisk | |---------------------+--------------------------------------------------| | Summary | Remote Crash Vulnerability in SIP channel driver |...

Microsoft Video ActiveX control stack buffer overflow

Overview The Microsoft Video ActiveX control contains a stack buffer overflow vulnerability, which can allow a remote, unauthenticated attacker to execute arbitrary code on a vulnerable system. Description Microsoft Windows comes with an ActiveX component called "ActiveX control for streaming...

Sorinara Streaming Audio Player Stack Overflow Vulnerability

Sorinara Streaming Audio Player is prone to a stack overflow vulnerability. SPDX-FileCopyrightText: 2009 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

Ubuntu Update for rsync vulnerability USN-500-1

Ubuntu Update for Linux kernel vulnerabilities USN-500-1 OpenVAS Vulnerability Test $Id: gbubuntuUSN5001.nasl 7969 2017-12-01 09:23:16Z santu $ Ubuntu Update for rsync vulnerability USN-500-1 Authors: System Generated Check Copyright: Copyright c 2009 Greenbone Networks GmbH,...

Windows Server Service buffer overflow MS08-067

Added: 10/24/2008 CVE: CVE-2008-4250 BID: 31874 OSVDB: 49243 Background The Windows Server service supports file, print, and named-pipe sharing over the network. Problem A buffer overflow vulnerability allows remote attackers to execute arbitrary commands by sending a specially crafted RPC reques...

Microsoft Excel FORMAT记录无效数组索引漏洞（MS08-043）

BUGTRAQ ID: 30639 CVECAN ID: CVE-2008-3005 Excel是Microsoft Office办公软件套件中的电子表格工具。 Excel没有正确地处理电子表格中的FORMAT记录，如果电子表格中包含有越界数组索引的话，则打开该文件就会导致Excel向栈内存的任意位置写入一个字节，成功利用这个漏洞允许以当前登录用户的权限执行任意指令。 Microsoft Excel 2002 SP3 Microsoft Excel 2000 SP3 Microsoft Office 2008 for Mac Microsoft Office 2004 for Mac...

iDefense Security Advisory 08.12.08: Microsoft Excel FORMAT Record Invalid Array Index Vulnerability

iDefense Security Advisory 08.12.08 http://labs.idefense.com/intelligence/vulnerabilities/ Aug 12, 2008 I. BACKGROUND Microsoft Excel is the spreadsheet application that is included with Microsoft Corp.'s Office productivity software suite. More information is available at the following website...

CVE-2007-0061

The DHCP server in EMC VMware Workstation before 5.5.5 Build 56455 and 6.x before 6.0.1 Build 55017, Player before 1.0.5 Build 56455 and Player 2 before 2.0.1 Build 55017, ACE before 1.0.3 Build 54075 and ACE 2 before 2.0.1 Build 55017, and Server before 1.0.4 Build 56528 allows remote attackers ...

Design/Logic Flaw

The DHCP server in EMC VMware Workstation before 5.5.5 Build 56455 and 6.x before 6.0.1 Build 55017, Player before 1.0.5 Build 56455 and Player 2 before 2.0.1 Build 55017, ACE before 1.0.3 Build 54075 and ACE 2 before 2.0.1 Build 55017, and Server before 1.0.4 Build 56528 allows remote attackers ...

Information disclosure

Guidance Software EnCase 5.0 allows user-assisted remote attackers to cause a denial of service stack memory consumption and possibly have other unspecified impact via a malformed file, related to "EnCase's file system parsing." NOTE: this information is based upon a vague pre-advisory. It might...