8759 matches found
Microsoft Visual Studio WMI Object Broker ActiveX code execution
Object can be used to bypass internet zone restrictions...
Microsoft Visual Studio “WMI Object Broker”控件代码执行漏洞(MS06-073)
Microsoft Visual Studio是微软公司的开发工具套件系列产品,是一个基本完整的开发工具集,包括了软件整个生命周期中所需要的大部分工具。 Visual Studio的"WMI Object Broker"控件在例程的创建和处理上存在漏洞,远程攻击者可能利用此漏洞在用户机器上执行任意恶意代码。 Visual Studio所捆绑的WMI Object Broker ActiveX控件允许创建系统上已有的ActiveX控件例程。以这种方式创建的ActiveX对象会绕过ActiveX安全限制,如忽略kill bit和safe for...
ZDI-06-047: Microsoft Visual Studio WmiScriptUtils.dll Cross-Zone Scripting Vulnerability
ZDI-06-047: Microsoft Visual Studio WmiScriptUtils.dll Cross-Zone Scripting Vulnerability http://www.zerodayinitiative.com/advisories/ZDI-06-047.html December 12, 2006 -- CVE ID: CVE-2006-4704 -- Affected Vendor: Microsoft -- Affected Products: Visual Studio 2005 Standard Edition Visual Studio 20...
Microsoft Security Bulletin MS06-073 Vulnerability in Visual Studio 2005 Could Allow Remote Code Execution (925674)
Microsoft Security Bulletin MS06-073 Vulnerability in Visual Studio 2005 Could Allow Remote Code Execution 925674 Published: December 12, 2006 Version: 1.0 Summary Who Should Read this Document: Customers who use Microsoft Visual Studio 2005 Impact of Vulnerability: Remote Code Execution Maximum...
Microsoft Visual Studio WmiScriptUtils.dll Cross-Zone Scripting Vulnerability
This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of Microsoft Internet Explorer. Successful exploitation requires that the target user browse to a malicious web page. The specific flaw exists in the Microsoft WMIScriptUtils.WMIObjectBroker2 ActiveX...
MS06-073: Vulnerability in Visual Studio 2005 Could Allow Remote Code Execution (925674)
The remote host is running a version of Microsoft Visual Studio 2005 that is vulnerable to a buffer overflow when handling malformed WMI request in the ActiveX component. An attacker may exploit this flaw to execute arbitrary code on this host, by entice a use to visit a specially crafter web pag...
Visual Events Calendar 1.1 (cfg_dir) Remote Include Vulnerability
No description provided by source. title: Visual Events Calendar v1.1 cfgdir Remote Inclusion Vulnerability Author: xoron script: Visual Events Calendar v1.1 Class : Remote cont@ct: x0r0nathotmaildotcom CODE: include $cfgdir."customizetext.php"; Exploit:...
CVE-2006-6133
Stack-based buffer overflow in Visual Studio Crystal Reports for Microsoft Visual Studio .NET 2002 and 2002 SP1, .NET 2003 and 2003 SP1, and 2005 and 2005 SP1 formerly Business Objects Crystal Reports XI Professional allows user-assisted remote attackers to execute arbitrary code via a crafted RP...
CVE-2006-6133
Stack-based buffer overflow in Visual Studio Crystal Reports for Microsoft Visual Studio .NET 2002 and 2002 SP1, .NET 2003 and 2003 SP1, and 2005 and 2005 SP1 formerly Business Objects Crystal Reports XI Professional allows user-assisted remote attackers to execute arbitrary code via a crafted RP...
CVE-2006-6133
CVE-2006-6133 is a remote-code-execution flaw in Crystal Reports for Visual Studio, affecting Visual Studio 2002/2003/2005 variants that bundle Crystal Reports. The vulnerability lies in how RPT files are parsed, allowing a crafted RPT file to execute arbitrary code with the caller’s privileges w...
Microsoft XML核心服务XMLHTTP控件内存破坏漏洞(MS06-071)
Microsoft XML核心服务(MSXML)允许使用JScript、VBScript和Microsoft Visual Studio 6.0的用户构建可与其他符合XML 1.0标准的应用程序相互操作的XML应用。 在Microsoft XML Core Services的XMLHTTP 4.0...
Microsoft Visual Studio WMI Object Code Execution (MS06-073; CVE-2006-4704)
A remote code execution vulnerability exists in Microsoft Visual Studio 2005. Microsoft Visual Studio is a software development product for computer programmers. It centers on an integrated development environment which lets programmers create standalone applications, web sites, web applications,...
Microsoft Visual Studio “WMI Object Broker”控件代码执行漏洞
Microsoft Visual Studio是微软公司的开发工具套件系列产品,是一个基本完整的开发工具集,包括了软件整个生命周期中所需要的大部分工具。 Visual Studio的\\\\\\\"WMI Object Broker\\\\\\\"控件在例程的创建和处理上存在漏洞,远程攻击者可能利用此漏洞在用户机器上执行任意恶意代码。 Visual Studio所捆绑的WMI Object Broker ActiveX控件允许创建系统上已有的ActiveX控件例程。以这种方式创建的ActiveX对象会绕过ActiveX安全限制,如忽略kill bit和safe...
CVE-2006-4704
Cross-zone scripting vulnerability in the WMI Object Broker WMIScriptUtils.WMIObjectBroker2 ActiveX control WmiScriptUtils.dll in Microsoft Visual Studio 2005 allows remote attackers to bypass Internet zone restrictions and execute arbitrary code by instantiating dangerous objects, aka "WMI Objec...
CVE-2006-4704
Cross-zone scripting vulnerability in the WMI Object Broker WMIScriptUtils.WMIObjectBroker2 ActiveX control WmiScriptUtils.dll in Microsoft Visual Studio 2005 allows remote attackers to bypass Internet zone restrictions and execute arbitrary code by instantiating dangerous objects, aka "WMI Objec...
Microsoft Visual Basic for Applications文档检查溢出漏洞(MS06-047)
Microsoft Visual Basic for Applications(VBA)是用于开发客户端桌面所包装的应用程序并集成到现有数据和系统的开发技术。 VBA在处理包含畸形属性字段的文档时存在漏洞,攻击者可能利用此漏洞在用户机器上执行任意指令。 VBA在打开文档时会检查主机应用程序对其传送的某些文档属性,因此主机应用程序就可能向VBA传送未检查的参数。如果攻击者能够诱骗用户打开设置了特殊属性的文档的话,就可能触发缓冲区溢出,导致执行任意代码。 Microsoft Office XP Microsoft Office 2000 Microsoft Visual Basic for...
CVE-2006-5544
Visual truncation vulnerability in Microsoft Internet Explorer 7 allows remote attackers to spoof the address bar and possibly conduct phishing attacks via a malicious URL containing non-breaking spaces %A0, which causes the address bar to omit some characters from the URL...
CVE-2006-5544
CVE-2006-5544 describes a visual truncation vulnerability in Microsoft Internet Explorer 7 where a malicious URL containing non-breaking spaces (%A0) causes the address bar to omit characters, enabling possible address bar spoofing and phishing. The vulnerability is tied to the address bar render...
Xfire 1.6.4 - Remote Denial of Service
!/usr/bin/perl Moderator of http://igniteds.net X fire version:new Release 1.64 Vendors web site http://www.xfire.com/ remote exploit coded by: n00b.. Credit's to n00b for finding this bug.. Xfire client has a dos exploit closing the client upon success full exploitation xfire will fail..Ive...
Exhibit Engine 1.5 RC 4 - photo_comment.php File Inclusion
Exhibit Engine 1.5 RC 4 - photocomment.php File Inclusion ' ' EXPLOIT coded by Kacper in Visual Basic ;- ' '::::::::: :::::::::: ::: ::: ::::::::::: ::: ':+: :+: :+: :+: :+: :+: :+: '+:+ +:+ +:+ +:+ +:+ +:+ +:+ '++ +:+ +++:++ ++ +:+ ++ ++ '++ ++ ++ ++ ++ ++ ++ '+ + + +++ + + ' ':::::::::::...