8758 matches found
CVE-2004-0204
CVE-2004-0204 describes a directory traversal in Crystal Reports and Crystal Enterprise Web viewers redistributed with Microsoft Visual Studio .NET 2003, Outlook 2003 with Business Contact Manager, and Microsoft Business Solutions CRM 1.2. The vulnerability arises from improper validation of HTTP...
Microsoft Security Bulletin MS04-017 Vulnerability in Crystal Reports Web Viewer Could Allow Information Disclosure and Denial of Service (842689)
Microsoft Security Bulletin MS04-017 Vulnerability in Crystal Reports Web Viewer Could Allow Information Disclosure and Denial of Service 842689 Issued: June 8, 2004 Version: 1.0 Summary Who should read this document: Customers who use Microsoft® Visual Studio .NET 2003, who use Microsoft Office...
Business Objects Crystal Reports 910 Web Form Viewer - Directory Traversal
Business Objects Crystal Reports 910 Web Form Viewer - Directory Traversal source: https://www.securityfocus.com/bid/10260/info Crystal Reports and Crystal Enterprise Web Form Viewer is prone to a directory traversal vulnerability. This issue can allow an attacker to retrieve and delete files,...
shatterCommCtrl.txt
Intro ----- Brett Moore from Security Assesment put me onto this one. XP's Visual Styles, the feature that makes various controls in Windows XP look a less dated, also introduce a new shatter type vulnerability into the OS. Vuln ------- Applications which have the new XPified appearance use...
ShoutCast server 1.9.2/win32
Informations : °°°°°°°°°°°° Language : Microsoft Visual C++ v5.0/v6.0 MFC Bugged Version : ShoutCast server 1.9.2/win32 and less ? Patched version : none Website : http://www.shoutcast.com Problems : DoS if we know the password from the server Objects : °°°°°°° - scserv.exe vulnerable variable:...
Shatter XP
Intro ----- Brett Moore from Security Assesment put me onto this one. XP's Visual Styles, the feature that makes various controls in Windows XP look a less dated, also introduce a new shatter type vulnerability into the OS. Vuln ------- Applications which have the new XPified appearance use...
CVE-2003-0347
Heap-based buffer overflow in VBE.DLL and VBE6.DLL of Microsoft Visual Basic for Applications VBA SDK 5.0 through 6.3 allows remote attackers to execute arbitrary code via a document with a long ID parameter...
CVE-2003-0347
Vulnerability CVE-2003-0347 affects Microsoft Visual Basic for Applications (VBA) 5.0–6.3 via heap-based overflow in VBE.DLL and VBE6.DLL. An attacker could supply a document with a long ID parameter to cause remote code execution. Impact is remote compromise with user privileges; affected compon...
CVE-2003-0347
Heap-based buffer overflow in VBE.DLL and VBE6.DLL of Microsoft Visual Basic for Applications VBA SDK 5.0 through 6.3 allows remote attackers to execute arbitrary code via a document with a long ID parameter...
Microsoft Visual Basic for Applications buffer overflow
Buffer overflow on opening macro document...
Microsoft Security Bulletin MS03-037: Flaw in Visual Basic for Applications Could Allow Arbitrary Code Execution(822715)
-----BEGIN PGP SIGNED MESSAGE----- - ---------------------------------------------------------------------- Title: Flaw in Visual Basic for Applications Could Allow Arbitrary Code Execution 822715 Date: 03 September 2003 Affected Software: Microsoft Visual Basic for Applications SDK 5.0 Microsoft...
MS03-037: Visual Basic for Application Overflow (822715)
The remote host is running a version of Microsoft Visual Basic for Applications that is vulnerable to a buffer overflow when handling malformed documents. An attacker may exploit this flaw to execute arbitrary code on this host by sending a malformed file to a user of the remote host. C Tenable...
Microsoft Visual Basic For Applications SDK 5.06.06.26.3 - Document Handling Buffer Overrun
Microsoft Visual Basic For Applications SDK 5.06.06.26.3 - Document Handling Buffer Overrun source: https://www.securityfocus.com/bid/8534/info A vulnerability has been discovered in Microsoft Visual Basic for Applications. The vulnerability occurs because the software fails to perform sufficient...
Microsoft Visual Basic For Applications SDK 5.0/6.0/6.2/6.3 - Document Handling Buffer Overrun
source: https://www.securityfocus.com/bid/8534/info A vulnerability has been discovered in Microsoft Visual Basic for Applications. The vulnerability occurs because the software fails to perform sufficient boundary checks when parsing specific properties of malformed documents. As a result, a...
Microsoft MCWNDX.OCX ActiveX buffer overflow
Microsoft MCWNDX.OCX ActiveX buffer overflow ================================================= PROGRAM: MICROSOFT MCIWNDX.OCX ACTIVEX BUFFER OVERFLOW HOMEPAGE: www.microsoft.com VULNERABLE VERSIONS: MCWNDX is an ActiveX shipped with Visual Studio 6 to support multimedia programming. DESCRIPTION...
CVE-2002-0696
Microsoft Visual FoxPro 6.0 does not register its associated files with Internet Explorer, which allows remote attackers to execute Visual FoxPro applications without warning via HTML that references specially-crafted filenames...
Microsoft Visual FoxPro fails to properly evaluate filenames before launching application
Overview There is a vulnerability in Microsoft Visual FoxPro 6.0 that allows remote attackers to execute Visual FoxPro applications with the privileges of the victim user. Description Microsoft Visual FoxPro 6.0 contains an unspecified vulnerability that allows remote attackers to execute arbitra...
Security Bulletin MS02-049: Flaw Could Enable Web Page to Launch Visual FoxPro 6.0 Application Without Warning (Q326568)
---------------------------------------------------------------------- Title: Flaw Could Enable Web Page to Launch Visual FoxPro 6.0 Application Without Warning Q326568 Date: 04 September 2002 Software: Microsoft Visual FoxPro 6.0 Impact: Attacker could gain control over user's system. Max Risk:...
Code execution via Microsoft Visual FoxPro
.app files are open without any warning...
CVE-2002-0619
The Mail Merge Tool in Microsoft Word 2002 for Windows, when Microsoft Access is present on a system, allows remote attackers to execute Visual Basic VBA scripts within a mail merge document that is saved in HTML format, aka a "Variant of MS00-071, Word Mail Merge Vulnerability" CVE-2000-0788...