EUVD-2005-4571

Malware in sbrugna...

Google Software Updater macOS - Unsafe use of Distributed Objects Privilege Escalation

Google Software Updater macOS - Unsafe use of Distributed Objects Privilege Escalation / Google software updater ships with Chrome on MacOS and installs a root service com.google.Keystone.Daemon.UpdateEngine which lives here:...

FatWire UpdateEngine 6.2 - Multiple Cross-Site Scripting Vulnerabilities

No description provided by source. source: http://www.securityfocus.com/bid/16073/info FatWire UpdateEngine is prone to multiple cross-site scripting vulnerabilities. An attacker may leverage these issues to have arbitrary script code executed in the browser of an unsuspecting user in the context...

CVE-2008-4472

The UpdateEngine class in the LiveUpdate ActiveX control LiveUpdate16.DLL 17.2.56, as used in Revit Architecture 2009 SP2 and Autodesk Design Review 2009, allows remote attackers to execute arbitrary programs via the second argument to the ApplyPatch method...

Security feature bypass

The UpdateEngine class in the LiveUpdate ActiveX control LiveUpdate16.DLL 17.2.56, as used in Revit Architecture 2009 SP2 and Autodesk Design Review 2009, allows remote attackers to execute arbitrary programs via the second argument to the ApplyPatch method...

CVE-2008-4472

The CVE-2008-4472 issue is in the LiveUpdate ActiveX control (LiveUpdate16.DLL 17.2.56) used by Autodesk products (e.g., Revit Architecture 2009 SP2, Autodesk Design Review 2009). The ApplyPatch method accepts a second argument and can cause arbitrary code execution on a remote Windows host when ...

CVE-2008-4472

The UpdateEngine class in the LiveUpdate ActiveX control LiveUpdate16.DLL 17.2.56, as used in Revit Architecture 2009 SP2 and Autodesk Design Review 2009, allows remote attackers to execute arbitrary programs via the second argument to the ApplyPatch method...

autodesk-exec.txt

!-- Autodesk DWF Viewer Control / LiveUpdate Module remote code execution exploit by Nine:Situations:Group::bruiser site: http://retrogod.altervista.org/ tested against IE6 tested software: Revit Architecture 2009 sp2 Autodesk Design Review 2009 which also comes with Revit dll settings both: RegK...

Autodesk DWF Viewer Control / LiveUpdate Module Remote Exploit

Exploit for unknown platform in category remote exploits ============================================================== Autodesk DWF Viewer Control / LiveUpdate Module Remote Exploit ============================================================== !-- Autodesk DWF Viewer Control / LiveUpdate Module...

Autodesk DWF Viewer Control LiveUpdate Module - Remote Code Execution

Autodesk DWF Viewer Control LiveUpdate Module - Remote Code Execution !-- Autodesk DWF Viewer Control / LiveUpdate Module remote code execution exploit by Nine:Situations:Group::bruiser site: http://retrogod.altervista.org/ tested against IE6 tested software: Revit Architecture 2009 sp2 Autodesk...

CVE-2008-1116

Insecure method vulnerability in the Web Scan Object ActiveX control OL2005.dll in Rising Antivirus Online Scanner allows remote attackers to force the download and execution of arbitrary code by setting the BaseURL property and invoking the UpdateEngine method. NOTE: some of these details are...

Design/Logic Flaw

Insecure method vulnerability in the Web Scan Object ActiveX control OL2005.dll in Rising Antivirus Online Scanner allows remote attackers to force the download and execution of arbitrary code by setting the BaseURL property and invoking the UpdateEngine method. NOTE: some of these details are...

CVE-2005-4576

Multiple cross-site scripting XSS vulnerabilities in the UpdateEngine program in Fatwire UpdateEngine 6.2 and earlier allow remote attackers to inject arbitrary web script or HTML via the 1 COUNTRYNAME, 2 EMAIL, and 3 FUELAPTEMPLATENAME parameters...

CVE-2005-4576

CVE-2005-4576 affects Fatwire UpdateEngine (UpdateEngine) 6.2 and earlier. The vulnerability is multiple cross-site scripting (XSS) flaws exploitable via the parameters COUNTRYNAME, EMAIL, and FUELAP_TEMPLATENAME, allowing remote attackers to inject arbitrary web script or HTML. The available doc...

CVE-2005-4576

Multiple cross-site scripting XSS vulnerabilities in the UpdateEngine program in Fatwire UpdateEngine 6.2 and earlier allow remote attackers to inject arbitrary web script or HTML via the 1 COUNTRYNAME, 2 EMAIL, and 3 FUELAPTEMPLATENAME parameters...

FatWire UpdateEngine 6.2 - Multiple Cross-Site Scripting Vulnerabilities

source: https://www.securityfocus.com/bid/16073/info FatWire UpdateEngine is prone to multiple cross-site scripting vulnerabilities. An attacker may leverage these issues to have arbitrary script code executed in the browser of an unsuspecting user in the context of the affected site. This may...

Fatwire UpdateEngine 6.2 multiple XSS vuln.

Fatwire UpdateEngine 6.2 multiple XSS vuln. Vuln. discovered by : r0t Date: 23 dec. 2005 orginal advisory:http://pridels.blogspot.com/2005/12/fatwire-updateengine-62-multiple-xss.html vendor:http://www.fatwire.com/ affected version:6.2 and prior Product Description: UpdateEngine6 is a dynamic...