Advisory CA-2000-16

-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 CERT Advisory CA-2000-16 Microsoft 'IE Script'/Access/OBJECT Tag Vulnerability Original release date: August 11, 2000 Last revised: -- Source: CERT/CC A complete revision history is at the end of this file. Systems Affected Internet Explorer 4.x, 5.x...

Linux news 20.07.00

Linux 2.0.39pre6 Вышла новая pre-версия очередного ядра из старой стабильной серии: Linux 2.0.39pre6. Подробнее: Linux Kernel pre-patch 2.4.0 test5-pre3 Вышел очередной, третий по счету, пятого тестового ядра Linux - Linux Kernel 2.4.0. Подробнее: ftp://ftp.funet.fi/pub/linux/kernel/testing Kerne...

CVE-2000-0597

Microsoft Office 2000 Excel and PowerPoint and PowerPoint 97 are marked as safe for scripting, which allows remote attackers to force Internet Explorer or some email clients to save files to arbitrary locations via the Visual Basic for Applications VBA SaveAs function, aka the "Office HTML Script...

CVE-2000-0260

Buffer overflow in the dvwssr.dll DLL in Microsoft Visual Interdev 1.0 allows users to cause a denial of service or execute commands, aka the "Link View Server-Side Component" vulnerability...

CVE-2000-0260

The CVE-2000-0260 issue is a buffer overflow in the dvwssr.dll used by Microsoft FrontPage 98 Server Extensions for IIS, exposed via InterDev 1.0 and related IIS packages. The Core Advisory CORE-041200 documents a remotely exploitable boundary error in dvwssr.dll (FrontPage 98 extensions) that ca...

Security Bulletin (MS00-025)

The following is a Security Bulletin from the Microsoft Product Security Notification Service. Please do not reply to this message, as it was sent from an unattended mailbox. -----BEGIN PGP SIGNED MESSAGE----- Microsoft Security Bulletin MS00-025 - -------------------------------------- Procedure...

CVE-2000-0260

Buffer overflow in the dvwssr.dll DLL in Microsoft Visual Interdev 1.0 allows users to cause a denial of service or execute commands, aka the "Link View Server-Side Component" vulnerability...

CVE-2000-0115

IIS allows local users to cause a denial of service via invalid regular expressions in a Visual Basic script in an ASP page...

CVE-2000-0115

CVE-2000-0115 concerns Microsoft IIS. The vulnerability arises from a denial-of-service condition caused by invalid regular expressions in a Visual Basic script embedded in an ASP page. The root cause is malformed regex handling in VBScript within the ASP context, which can exhaust resources and ...

CVE-1999-0354

Internet Explorer 4.x or 5.x with Word 97 allows arbitrary execution of Visual Basic programs to the IE client through the Word 97 template, which doesn't warn the user that the template contains executable content. Also applies to Outlook when the client views a malicious email message...

CVE-1999-0354

This CVE (CVE-1999-0354) affects Internet Explorer 4.x/5.x when paired with Word 97, where a Word 97 template containing executable Visual Basic code can run arbitrary programs on the IE client without warning. The issue also applies to Outlook when viewing a malicious email. The underlying risk ...

CVE-2000-0115

IIS allows local users to cause a denial of service via invalid regular expressions in a Visual Basic script in an ASP page...

PT-2000-1103

Name of the Vulnerable Software and Affected Versions IIS affected versions not specified Description The issue allows local users to cause a denial of service by using invalid regular expressions in a Visual Basic script within an ASP page. Recommendations At the moment, there is no information...

June 8, 2021-KB4601554 Cumulative Update for .NET Framework 3.5 and 4.8 for Windows 10, version 2004, Windows Server, version 2004, Windows 10, version 20H2, Windows Server, version 20H2, and Windows Server 21H1

June 8, 2021-KB4601554 Cumulative Update for .NET Framework 3.5 and 4.8 for Windows 10, version 2004, Windows Server, version 2004, Windows 10, version 20H2, Windows Server, version 20H2, and Windows Server 21H1 Release Date: June 8, 2021 Version: .NET Framework 3.5 and 4.8 The June 8, 2021 updat...

CVE-1999-0354

Internet Explorer 4.x or 5.x with Word 97 allows arbitrary execution of Visual Basic programs to the IE client through the Word 97 template, which doesn't warn the user that the template contains executable content. Also applies to Outlook when the client views a malicious email message...

CVE-1999-0384

The CVE concerns the Forms 2.0 ActiveX control (included with Visual Basic for Applications 5.0). The issue arises because this control can read text from a user’s clipboard when a user accesses documents containing ActiveX content. Impact is limited to disclosure of clipboard data as described i...

CVE-1999-0384

The Forms 2.0 ActiveX control included with Visual Basic for Applications 5.0 can be used to read text from a user's clipboard when the user accesses documents with ActiveX content...

msie-4-5.outlook+word97.txt

Date: Wed, 27 Jan 1999 14:14:39 +0000 From: Vesselin Bontchev To: [email protected] Subject: IE 4/5/Outlook + Word 97 security hole Hello folks, This is not a strictly Windows NT issue - it affects Windows 9x users too. However, it is a very important one, so I decided to post abou...

iis4.0+visual-interdev.txt

Date: Mon, 18 Jan 1999 11:58:06 -0800 From: Adam Berns To: [email protected] Subject: IIS4.0 and Visual Interdev Using Visual Interdev 6.0, I can connect to an IIS 4.0 Server without being asked for any security passwords. The server is running IIS4.0, with Service Pack 4, with the...

seagate.backup.exec.vb.txt

Date: Tue, 16 Feb 1999 11:59:30 -0800 From: Jeffrey Monroe To: [email protected] Subject: Backup Exec/McAfee Virus We have found that the Seagate Backup Exec virus scanning software McAfee can delete "non-infected" Visual Basic class files. Anyone creating custom software could fin...