Winzip 15.0 WZFLDVW.OCX Text Property Denial of Service

No description provided by source. Exploit Title: Winzip WZFLDVW.OCX text property access violation Author: fady mohamed osman Software Link : http://www.winzip.com/downwz.htm Version: 15.0 Build 9334 Tested on: Win XP Sp2 CVE : N/A Website : http://www.darkmasters.co.cc/ Twitter :...

quickersite 1.8.5 - Multiple Vulnerabilities

No description provided by source. www.BugReport.ir AmnPardaz Security Research Team Title: QuickerSite Multiple Vulnerabilities Vendor: www.quickersite.com Vulnerable Version: 1.8.5 Exploit: Available Impact: High Fix: N/A Original Advisory: http://bugreport.ir/index.php?/39 1. Description:...

CHILKAT ASP String (CkString.dll <= 1.1) SaveToFile() Inscure Method

No description provided by source. pre codespan style=font: 10pt Courier New;span class=general1-symbol----------------------------------------------------------------------------- bCHILKAT ASP String CkString.dll = 1.1 SaveToFile Inscure Method/b url: http://www.chilkatsoft.com/ author: shinnai...

Mcafee FreeScan CoMcFreeScan Browser Information Disclosure Vulnerability

No description provided by source. source: http://www.securityfocus.com/bid/10077/info Reportedly the Mcafee FreeScan 'McFreeScan.CoMcFreeScan.1' COM object is prone to a remote information disclosure vulnerability. This issue is due to a failure of the object to properly validate information...

NVR SP2 2.0 (nvUtility.dll 1.0.14.0) - SaveXMLFile() Inscure Method

No description provided by source. -------------------------------------------------------------------------------------------- NVR SP2 2.0 nvUtility.Utility.1 nvUtility.dll v. 1.0.14.0 SaveXMLFile Inscure Method url: http://www.acti.com/index.asp author: shinnai mail: shinnaiatautisticidotorg...

Autodesk AutoCAD任意VBScript执行漏洞

CVE ID:CVE-2014-0818 Autodesk AutoCAD是一款强大的大型计算机辅助绘图软件。 Autodesk AutoCAD打开文件时会加载特定的FAS文件，AutoCAD处理FAS文件搜索路径存在漏洞，允许攻击者利用漏洞加载任意VBscript代码。 0 Autodesk AutoCAD 2013 厂商补丁： Autodesk ----- 用户可联系厂商获得相应的升级或补丁程序： http://www.autodesk.com/products/autodesk-autocad/overview...

CVE-2014-0818

Untrusted search path vulnerability in Autodesk AutoCAD before 2014 allows local users to gain privileges and execute arbitrary VBScript code via a Trojan horse FAS file in the FAS file search path...

Design/Logic Flaw

Untrusted search path vulnerability in Autodesk AutoCAD before 2014 allows local users to gain privileges and execute arbitrary VBScript code via a Trojan horse FAS file in the FAS file search path...

CVE-2014-0818

CVE-2014-0818 : In Autodesk AutoCAD (pre-2014), an insecure FAS file search path allows a Trojan horse FAS to be loaded, enabling a local user to gain privileges and execute arbitrary VBScript code. Affected products are AutoCAD 2013 and earlier. Root cause: improper handling of the FAS file sear...

CVE-2014-0818

Untrusted search path vulnerability in Autodesk AutoCAD before 2014 allows local users to gain privileges and execute arbitrary VBScript code via a Trojan horse FAS file in the FAS file search path...

JVN#33382534: AutoCAD vulnerable to arbitrary VBScript execution

AutoCAD provided by Autodesk, Inc. is an application for comuputer-aided design CAD. AutoCAD loads specific FAS files when opening files. AutoCAD contains an issue with the FAS file search path, which may lead to arbitrary VBScript code execution. Impact Arbitrary VBScript code may be executed wi...

Microsoft VBScript 远程代码执行漏洞(CVE-2014-0271)(MS14-010)

BUGTRAQ ID: 65395 CVECAN ID: CVE-2014-0271 Internet Explorer是微软公司推出的一款网页浏览器。 VBScript引擎除了内存对象时存在远程代码执行漏洞。该漏洞可破坏内存，使攻击者可以在当前用户上下文中执行任意代码。 0 Microsoft Internet Explorer 6-11 临时解决方法： 设置互联网和内联网安全区域设置为“高” 配置IE在运行活动脚本之前提示或直接禁用。 厂商补丁： Microsoft --------- Microsoft已经为此发布了一个安全公告（MS14-010）以及相应补丁:...

CVE-2014-0271

The VBScript engine in Microsoft Internet Explorer 6 through 11, and VBScript 5.6 through 5.8, allows remote attackers to execute arbitrary code or cause a denial of service memory corruption via a crafted web site, aka "VBScript Memory Corruption Vulnerability."...

Memory corruption

The VBScript engine in Microsoft Internet Explorer 6 through 11, and VBScript 5.6 through 5.8, allows remote attackers to execute arbitrary code or cause a denial of service memory corruption via a crafted web site, aka "VBScript Memory Corruption Vulnerability."...

CVE-2014-0271

The VBScript engine in Microsoft Internet Explorer 6 through 11, and VBScript 5.6 through 5.8, allows remote attackers to execute arbitrary code or cause a denial of service memory corruption via a crafted web site, aka "VBScript Memory Corruption Vulnerability."...

CVE-2014-0271

The CVE-2014-0271 entry maps to a memory-corruption vulnerability in the VBScript engine used by Microsoft Internet Explorer (IE) 6–11 and VBScript 5.6–5.8. The root cause is memory handling flaws in VBScript that can be triggered by a crafted web site, enabling remote code execution or memory co...

Microsoft Internet Explorer Multiple Vulnerabilities (2909921)

This host is missing a critical security update according to Microsoft Bulletin MS14-010. SPDX-FileCopyrightText: 2014 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only CPE =...

Microsoft VBScript Remote Code Execution Vulnerability (2928390)

This host is missing a critical security update according to Microsoft Bulletin MS14-011. SPDX-FileCopyrightText: 2014 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only CPE =...

MS14-011: Vulnerability in VBScript Scripting Engine Could Allow Remote Code Execution (2928390)

The installed version of the VBScript Scripting Engine has a memory corruption vulnerability due to improper handling of objects in memory. If an attacker can trick a user on the system into viewing or opening malicious content, this issue could be leveraged to execute arbitrary code on the...

MS14-011: Description of the security update for Visual Basic Scripting Edition (VBScript) 5.8: February 11, 2014

Addresses a vulnerability by changing how the VBScript scripting engine handles objects in memory.INTRODUCTIONMicrosoft has released security bulletin MS14-011. To view the complete security bulletin, go to one of the following Microsoft websites: Home...