EUVD-2001-0153

Malware in sbrugna...

Microsoft Visual Studio 6.0 Buffer Overflow

.-----.--.--.--.----.----.-.---| | | | | | | | -| | | |||||| || By MadjiX Sec4ever.com Title : Microsoft visual studio 6.0 VCMUTL.dll 0day unicode ActiveX Buffer overflow author : MadjiX Gr33tz : His0k4 , Bibi-info , Sud0 , corelancod3r , volc4n0 , mrme , Shadow-Devil Exploit: shellcode =...

Microsoft VB Common Controls Animation Object Buffer Overflow (MS08-070; CVE-2008-4255)

The Microsoft Visual Studio 6.0 integrated development environment IDE suite is designed for building Windows based applications and Web solutions. The product contains several tools which can be used to design programs in languages such as Visual C++, or Visual Basic. Microsoft Basic 6.0 is...

Microsoft XML Core Services XMLHttpRequest SetCookie2头信息泄露漏洞

BUGTRAQ ID: 33803 CVECAN ID: CVE-2009-0419 Microsoft XML Core Services（MSXML）允许使用JScript、VBScript和Visual Studio 6.0的用户开发基于XML的应用，以与其他遵循XML 1.0标准的应用程序交互操作。 Microsoft XML Core Services没有正确地限制网页对Set-Cookie2 HTTP响应头的访问，远程攻击者可以通过XMLHttpRequest调用绕过HTTPOnly保护机制读取敏感信息。 Microsoft XML Core Services 6.0...

Microsoft XML Core Services传输编码跨域信息泄露漏洞（MS08-069）

BUGTRAQ ID: 32204 CVECAN ID: CVE-2008-4033 Microsoft XML Core Services（MSXML）允许使用JScript、VBScript和Visual Studio 6.0的用户开发基于XML的应用，以与其他遵循XML 1.0标准的应用程序交互操作。 Microsoft XML Core Services处理传输编码头的方式中存在一个信息泄露漏洞。如果用户浏览包含特制内容的网站或打开特制HTML电子邮件，此漏洞可能允许读取另一个Internet Explorer域中的网页的数据。 Microsoft XML Core Servic...

Microsoft Rich Textbox ActiveX control SaveFile vulnerability

Added: 10/07/2008 CVE: CVE-2008-0237 BID: 27201 OSVDB: 40234 Background Microsoft Rich Textbox is an ActiveX control which comes with Visual Basic and allows creation of formatted text in RTF files. It is located in the Richtx32.ocx file. Problem The SaveFile method in the Rich Textbox ActiveX...

Directory traversal

Absolute directory traversal vulnerability in a certain ActiveX control in the VB To VSI Support Library VBTOVSI.DLL 1.0.0.0 in Microsoft Visual Studio 6.0 allows remote attackers to create or overwrite arbitrary files via a full pathname in the argument to the SaveAs method. NOTE: contents can b...

Code injection

A certain ActiveX control in PDWizard.ocx 6.0.0.9782 and earlier in Microsoft Visual Studio 6.0 exposes dangerous 1 StartProcess, 2 SyncShell, 3 SaveAs, 4 CABDefaultURL, 5 CABFileName, and 6 CABRunFile methods, which allows remote attackers to execute arbitrary programs and have other impacts, as...

CVE-2007-4890

Absolute directory traversal vulnerability in a certain ActiveX control in the VB To VSI Support Library VBTOVSI.DLL 1.0.0.0 in Microsoft Visual Studio 6.0 allows remote attackers to create or overwrite arbitrary files via a full pathname in the argument to the SaveAs method. NOTE: contents can b...

CVE-2007-4891

CVE-2007-4891 concerns the PDWizard.ocx ActiveX control in Microsoft Visual Studio 6.0. Affected component: PDWizard.ocx (Visual Studio 6.0) with versions 6.0.0.9782 and earlier. Root cause: the PDWizard.ocx ActiveX control exposes dangerous methods (StartProcess, SyncShell, SaveAs, CABDefaultURL...

CVE-2007-4890

Absolute directory traversal vulnerability in a certain ActiveX control in the VB To VSI Support Library VBTOVSI.DLL 1.0.0.0 in Microsoft Visual Studio 6.0 allows remote attackers to create or overwrite arbitrary files via a full pathname in the argument to the SaveAs method. NOTE: contents can b...

CVE-2007-4890

CVE-2007-4890 affects the VB To VSI Support Library (VBTOVSI.DLL) 1.0.0.0 within Microsoft Visual Studio 6.0. The vulnerability is an absolute directory traversal in the SaveAs method that allows remote attackers to create or overwrite arbitrary files via a full pathname; the Load method can copy...

CVE-2007-4891

A certain ActiveX control in PDWizard.ocx 6.0.0.9782 and earlier in Microsoft Visual Studio 6.0 exposes dangerous 1 StartProcess, 2 SyncShell, 3 SaveAs, 4 CABDefaultURL, 5 CABFileName, and 6 CABRunFile methods, which allows remote attackers to execute arbitrary programs and have other impacts, as...

Microsoft Visual Studio 6.0 (VBTOVSI.DLL 1.0.0.0) File Overwrite Exploit

No description provided by source. pre codespan style="font: 10pt Courier New;"span class="general1-symbol"body bgcolor="E0E0E0"---------------------------------------------------------------------------------------------------------...

Microsoft Visual Studio 6.0 (PDWizard.ocx) Remote Command Execution

No description provided by source. pre codespan style="font: 10pt Courier New;"span class="general1-symbol"body bgcolor="E0E0E0"------------------------------------------------------------------------------------------------------ bMicrosoft Visual Studio 6.0 PDWizard PDWizard.ocx = 6.0.0.9782...

Microsoft Visual Studio 6.0 (PDWizard.ocx) Remote Command Execution

Exploit for unknown platform in category remote exploits =================================================================== Microsoft Visual Studio 6.0 PDWizard.ocx Remote Command Execution ===================================================================...

msvs-pdwiz.txt

------------------------------------------------------------------------------------------------------ Microsoft Visual Studio 6.0 PDWizard PDWizard.ocx url: http://www.microsoft.com author: shinnai mail: shinnaiatautisticidotorg site: http://shinnai.altervista.org This was written for educationa...

Microsoft Visual Studio 6.0 - 'PDWizard.ocx' Remote Command Execution

------------------------------------------------------------------------------------------------------ Microsoft Visual Studio 6.0 PDWizard PDWizard.ocx url: http://www.microsoft.com author: shinnai mail: shinnaiatautisticidotorg site: http://shinnai.altervista.org This was written for educationa...

Microsoft Visual Studio 6.0 - VBTOVSI.dll 1.0.0.0 File Overwrite

Microsoft Visual Studio 6.0 - VBTOVSI.dll 1.0.0.0 File Overwrite --------------------------------------------------------------------------------------------------------- Microsoft Visual Studio 6.0 VB To VSI Support Library VBTOVSI.DLL v. 1.0.0.0 Arbitrary File Overwrite url:...

Internet Explorer tblinf32.dll ActiveX IObjectsafety vulnerability

Added: 08/17/2007 CVE: CVE-2007-2216 BID: 25289 OSVDB: 36396 Background The IObjectsafety interface provides methods to get and set safety options for objects which support untrusted clients. Problem The tblinf32.dll ActiveX control implements IObjectsafety incorrectly, allowing execution of code...