Microsoft XML Core Services <= 6.0 SubstringData Integer Overflow Vulnerability

No description provided by source. source: http://www.securityfocus.com/bid/25301/info Microsoft XML Core Services is prone to an integer-overflow vulnerability because the application fails to ensure that integer values are not overrun. Attackers can exploit this issue by enticing unsuspecting...

Microsoft IE HTML对象substringData()堆溢出漏洞（MS08-031）

BUGTRAQ ID: 29556 CVECAN ID: CVE-2008-1442 Internet Explorer是微软发布的非常流行的WEB浏览器。 Internet Explorer显示包含对HTML对象的某些异常方法调用的网页的方式中存在堆溢出漏洞,如果DOM对象以可控的方式调用了substringData的话，就可以触发这个漏洞。攻击者可以通过构建特制的网页来利用该漏洞。当用户查看网页时，该漏洞可能允许远程执行指令。成功利用此漏洞的攻击者可以获得与登录用户相同的用户权限。 Microsoft Internet Explorer 7.0 Microsoft Internet...

Microsoft Internet Explorer DOM Object substringData() Heap Overflow Vulnerability

This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of various Microsoft Internet Explorer. User interaction is required to exploit this vulnerability in that the target must visit a malicious page. The specific flaw exists in the substringData method...

Microsoft XML Core Services SubstringData堆溢出漏洞（MS07-042）

BUGTRAQ ID: 25301 CVECAN ID: CVE-2007-2223 Microsoft Windows是微软发布的非常流行的操作系统。 Windows XML Core程序库在处理畸形畸形的调用时存在缓冲区溢出漏洞，远程攻击者可能利用此漏洞控制用户系统。 XML Core Services（也被称为MSXML）是Windows操作系统中所安装的用于处理XML文件的函数库。在使用该函数库时没有对XMLDOM对象substringData方式的长度参数执行正确的检查，如果提供了超长的长度值的话，就可能将数据拷贝到不充分的缓冲区，触发堆溢出，导致执行任意指令。 Microso...

[Full-disclosure] MS07-042 XMLDOM substringData&#40;&#41; PoC

This bit of JavaScript kills IE 6 on Windows 2000 and Windows XP SP2 var xmlDoc = new ActiveXObject"Microsoft.XMLDOM"; xmlDoc.loadXML"dummy/dummy"; var txt = xmlDoc.createTextNode"huh"; var out = txt.substringData1,0x7fffffff; Installing the patch from MS07-042 fixes it. Cheers, Alla Bezroutchko...

Microsoft OLE自动化SubstringData函数堆溢出漏洞（MS07-043）

Microsoft Windows是微软发布的非常流行的操作系统。 Windows OLE机制的实现上存在整数溢出漏洞，远程攻击者可能利用此漏洞控制用户系统。 对象链接和嵌入（OLE）自动化是一个Windows协议，允许应用程序共享数据或控制其他应用程序。在使用OLE自动化时如果向TextNode JavaScript对象的substringData 方式传送了特制参数的话，就可能触发整数溢出，导致错误的内存分配。如果在实例化了不同的ActiveX对象后出现上述情况的话，则在解除分配ActiveX对象时就会触发堆溢出，导致执行任意代码。 Microsoft Office 2004 for...

Microsoft XML Core Services XMLDOM substringData() buffer overflow

Overview Microsoft XML Core Services contains an unspecified memory corruption vulnerability, which may allow a remote, unauthenticated attacker to execute arbitrary code on a vulnerable system. Description Microsoft XML Core Services MSXML allow developers who use JScript, Visual Basic Scripting...

Microsoft Internet Explorer substringData Heap Overflow Vulnerability

This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of various Microsoft software User interaction is required to exploit this vulnerability in that the target must visit a malicious page. The specific flaw exists in the substringData method available ...