8761 matches found
Microsoft Visual Basic Enterprise 6.0 SP6 - Code Execution
Microsoft Visual Basic Enterprise 6.0 SP6 - Code Execution usage: vbexploit.py FileName.vbp import sys print "--------------------------------------------------------------------------" print " PoC2 Microsoft Visual Basic Enterprise Edition 6.0 SP6 Code Execution " print " author: shinnai" print ...
Microsoft Visual Basic Enterprise Edition 6.0 SP6 Code Execution Exploit
Exploit for unknown platform in category local exploits ======================================================================== Microsoft Visual Basic Enterprise Edition 6.0 SP6 Code Execution Exploit ======================================================================== usage: vbexploit.py...
CVE-2007-4963
The CVE concerns WinImage 8.10 and earlier, which has a visual truncation vulnerability in filenames inside .IMG or .ISO files. A long sequence of space characters in a destination filename can be used to spoof the target name, and this can be combined with a separate directory traversal vulnerab...
Directory traversal
Absolute directory traversal vulnerability in a certain ActiveX control in the VB To VSI Support Library VBTOVSI.DLL 1.0.0.0 in Microsoft Visual Studio 6.0 allows remote attackers to create or overwrite arbitrary files via a full pathname in the argument to the SaveAs method. NOTE: contents can b...
CVE-2007-4890
Absolute directory traversal vulnerability in a certain ActiveX control in the VB To VSI Support Library VBTOVSI.DLL 1.0.0.0 in Microsoft Visual Studio 6.0 allows remote attackers to create or overwrite arbitrary files via a full pathname in the argument to the SaveAs method. NOTE: contents can b...
CVE-2007-4891
A certain ActiveX control in PDWizard.ocx 6.0.0.9782 and earlier in Microsoft Visual Studio 6.0 exposes dangerous 1 StartProcess, 2 SyncShell, 3 SaveAs, 4 CABDefaultURL, 5 CABFileName, and 6 CABRunFile methods, which allows remote attackers to execute arbitrary programs and have other impacts, as...
Code injection
A certain ActiveX control in PDWizard.ocx 6.0.0.9782 and earlier in Microsoft Visual Studio 6.0 exposes dangerous 1 StartProcess, 2 SyncShell, 3 SaveAs, 4 CABDefaultURL, 5 CABFileName, and 6 CABRunFile methods, which allows remote attackers to execute arbitrary programs and have other impacts, as...
CVE-2007-4891
A certain ActiveX control in PDWizard.ocx 6.0.0.9782 and earlier in Microsoft Visual Studio 6.0 exposes dangerous 1 StartProcess, 2 SyncShell, 3 SaveAs, 4 CABDefaultURL, 5 CABFileName, and 6 CABRunFile methods, which allows remote attackers to execute arbitrary programs and have other impacts, as...
CVE-2007-4890
Absolute directory traversal vulnerability in a certain ActiveX control in the VB To VSI Support Library VBTOVSI.DLL 1.0.0.0 in Microsoft Visual Studio 6.0 allows remote attackers to create or overwrite arbitrary files via a full pathname in the argument to the SaveAs method. NOTE: contents can b...
CVE-2007-4890
CVE-2007-4890 affects the VB To VSI Support Library (VBTOVSI.DLL) 1.0.0.0 within Microsoft Visual Studio 6.0. The vulnerability is an absolute directory traversal in the SaveAs method that allows remote attackers to create or overwrite arbitrary files via a full pathname; the Load method can copy...
CVE-2007-4891
CVE-2007-4891 concerns the PDWizard.ocx ActiveX control in Microsoft Visual Studio 6.0. Affected component: PDWizard.ocx (Visual Studio 6.0) with versions 6.0.0.9782 and earlier. Root cause: the PDWizard.ocx ActiveX control exposes dangerous methods (StartProcess, SyncShell, SaveAs, CABDefaultURL...
Microsoft Visual Studio VB To VSI支持库ActiveX控件任意文件覆盖漏洞
BUGTRAQ ID: 25635 Microsoft Visual Studio是微软公司的开发工具套件系列产品,是一个基本完整的开发工具集,包括了软件整个生命周期中所需要的大部分工具。 Visual Studio中所安装的VB To VSI支持库(VBTOVSI.DLL)没有正确的验证某些方式的输入参数,允许用户使用Load方式做为参数加载本地机器的文件,然后使用SaveAs方式将其保存到任意位置。 Microsoft Visual Studio 6.0 目前厂商还没有提供补丁或者升级程序,我们建议使用此软件的用户随时关注厂商的主页以获取最新版本:...
Microsoft Visual Studio PDWizard.ocx ActiveX控件多个不安全方式漏洞
BUGTRAQ ID: 25638 Microsoft Visual Studio是微软公司的开发工具套件系列产品,是一个基本完整的开发工具集,包括了软件整个生命周期中所需要的大部分工具。 Visual Studio所安装的PDWizard.ocx ActiveX控件没有正确的验证对StartProcess、SyncShell、SaveAs、CABDefaultURL、 CABFileName、CABRunFile等方式的输入参数,如果用户受骗访问了恶意网页并向这些方式传送了超长参数的话,就可能导致执行任意代码。 Microsoft Visual Studio 6.0...
Microsoft Visual Studio 6.0 (VBTOVSI.DLL 1.0.0.0) File Overwrite Exploit
No description provided by source. pre codespan style="font: 10pt Courier New;"span class="general1-symbol"body bgcolor="E0E0E0"---------------------------------------------------------------------------------------------------------...
Microsoft Visual Basic 6.0 VBP_Open函数缓冲区溢出漏洞
BUGTRAQ ID: 25629 Visual Basic是用来创建高性能的企业应用程序及基于Web的应用程序的工具。 如果用户受骗使用Visual Basic的VBPOpen函数打开了恶意的.VBP文件或Visual Basic项目的话,就可能触发缓冲区溢出,导致执行任意代码。 Microsoft Visual Basic 6.0 目前厂商还没有提供补丁或者升级程序,我们建议使用此软件的用户随时关注厂商的主页以获取最新版本: http://www.microsoft.com/technet/security/ !/usr/bin/perl ' ++ Microsoft Visual...
Microsoft Visual Studio 6.0 (PDWizard.ocx) Remote Command Execution
No description provided by source. pre codespan style="font: 10pt Courier New;"span class="general1-symbol"body bgcolor="E0E0E0"------------------------------------------------------------------------------------------------------ bMicrosoft Visual Studio 6.0 PDWizard PDWizard.ocx = 6.0.0.9782...
MS07-052: Vulnerability in Crystal Reports for Visual Studio Could Allow Remote Code Execution (941522)
The remote host is running a version of Microsoft Visual Studio that may allow arbitrary code to be run. An attacker may use this to execute arbitrary code on this host. To succeed, the attacker would have to send a rogue file to a user of the remote computer and have it open it. Then a bug in th...
msvb-vbto.txt
--------------------------------------------------------------------------------------------------------- Microsoft Visual Studio 6.0 VB To VSI Support Library VBTOVSI.DLL v. 1.0.0.0 Arbitrary File Overwrite url: http://www.microsoft.com author: shinnai mail: shinnaiatautisticidotorg site:...
Microsoft Visual Studio 6.0 - PDWizard.ocx Remote Command Execution
Microsoft Visual Studio 6.0 - PDWizard.ocx Remote Command Execution ------------------------------------------------------------------------------------------------------ Microsoft Visual Studio 6.0 PDWizard PDWizard.ocx url: http://www.microsoft.com author: shinnai mail: shinnaiatautisticidotorg...
Microsoft Visual Studio 6.0 - VBTOVSI.dll 1.0.0.0 File Overwrite
Microsoft Visual Studio 6.0 - VBTOVSI.dll 1.0.0.0 File Overwrite --------------------------------------------------------------------------------------------------------- Microsoft Visual Studio 6.0 VB To VSI Support Library VBTOVSI.DLL v. 1.0.0.0 Arbitrary File Overwrite url:...