148 matches found
EUVD-2010-1209
Malware in sbrugna...
vml-lda.com Cross Site Scripting vulnerability
Open Bug Bounty ID: OBB-1144696 Security Researcher Dipu1A Helped patch 971 vulnerabilities Received 5 Coordinated Disclosure badges Received 21 recommendations , a holder of 5 badges for responsible and coordinated disclosure, found a security vulnerability affecting vml-lda.com website and its...
Microsoft Office: Rely on VML for displaying graphics in browsers
This test checks the setting for policy OpenVAS Vulnerability Test $Id: office2013vmlforbrowsergraphics.nasl 11843 2018-10-11 14:33:21Z emoss $ Check value for Rely on VML for displaying graphics in browsers Authors: Emanuel Moss Copyright: Copyright c 2018 Greenbone Networks GmbH,...
Exploit for CVE-2017-8570
The provided repository is an exploit toolkit for CVE-2017-8570, a vulnerability in Microsoft Office PPSX files. The toolkit is designed to generate malicious PPSX files that can deliver payloads to a target system. The payloads can be either local or remote, depending on the user's preference. T...
Microsoft Internet Explorer VML textpath Out-Of-Bounds Read Information Disclosure Vulnerability
This vulnerability allows remote attackers to disclose sensitive information on vulnerable installations of Microsoft Internet Explorer. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists...
CVE-2013-2551-sample analysis and exploits and Defense-vulnerability warning-the black bar safety net
0x0 is written on the front VUPEN team in the Pwn2Own 2013 hacking contest using the vulnerability to compromise Windows 8 environment, IE10, then on their blog discloses technical details. According to VUPEN description of the vulnerability produced in the VGX. DLL module, in the VML language...
End of Life for Internet Explorer 8, 9 and 10
Microsoft has started the year with an announcement that, effective Jan. 12, 2016, support for all older versions of Internet Explorer IE will come to an end known as an EoL, or End of Life. The affected versions are Internet Explorer 7, 8, 9, and 10. What this means for users is that Microsoft...
Nokia Symbian OS 3rd Edition - Multiple Web Browser Vulnerabilities
No description provided by source. My name is Nishant Das Patnaik, an independent security researcher from India. I have discovered multiple vulnerabilities in the Web Browser of the high end smartphones manufactured by Nokia running Symbian OS 3rd Edition. The detailed vulnerability disclosures...
Microsoft Internet Explorer 5.0.1 Vector Markup Language VGX.DLL Remote Buffer Overflow Vulnerability
No description provided by source. source: http://www.securityfocus.com/bid/25310/info Microsoft Internet Explorer is prone to a buffer-overflow vulnerability because it fails to perform adequate boundary checks on user-supplied data. This issue occurs when rendering VML Vector Markup Language...
Internet Explorer VML Fill Method Code Execution
No description provided by source. $Id: ms06055vmlmethod.rb 9669 2010-07-03 03:13:45Z jduck $ This file is part of the Metasploit Framework and may be subject to redistribution and commercial restrictions. Please see the Metasploit Framework web site for more information on licensing and terms of...
MS KB2963983: Vulnerability in Internet Explorer Could Allow Remote Code Execution
The remote host is missing one of the workarounds referenced in Microsoft Security Advisory 2963983. The remote Internet Explorer install is affected by an unspecified use-after-free vulnerability related to the VML and Flash components. By exploiting this flaw, a remote, unauthenticated attacker...
Microsoft Internet Explorer CMarkup use-after-free vulnerability
Overview Microsoft Internet Explorer contains a use-after-free vulnerability, which can allow a remote, unauthenticated attacker to execute arbitrary code on a vulnerable system. Description Microsoft Internet Explorer contains a use-after-free vulnerability. This can allow for arbitrary code...
Internet Explorer VML Buffer Overrun (MS07-004) - Ver2 (CVE-2007-0024)
Microsoft Internet Explorer IE contains a remote code execution vulnerability. The vulnerability exists in Microsoft Vector Markup Language VML. VML is a set of XML tags used for exchange, editing, and delivery of vector graphics on the web. By convincing a user to visit a specially crafted Web...
Internet Explorer VML Remote Code Execution - Ver2 (CVE-2012-0155)
A code execution vulnerability has been reported in Microsoft Internet Explorer. The vulnerability is due to an error in the way Internet Explorer accesses an object that has been deleted. Successful exploitation of this vulnerability could allow a remote attacker to execute arbitrary code on the...
Microsoft Windows GDI+ VML Gradient Buffer Overflow (MS08-052) - Ver2 (CVE-2007-5348)
Vector Markup Language VML is a set of XML tags used for exchange, editing, and delivery of vector graphics on the web. A remote code execution vulnerability has been reported in the way that GDI+ handles VML files. The vulnerability is due to a heap-based buffer overrun when GDI+ fails to proper...
(0Day) (Mobile Pwn2Own) Polaris Viewer DOCX VML Shape Tag Remote Code Execution Vulnerability
This vulnerability allows remote attackers to execute arbitrary code on vulnerable Polaris Viewer. User interaction is required to exploit this vulnerability in that the target must open a malicious file. The specific flaw exists within the parsing of a DOCX file. A tag associated with a VML shap...
MS13-037 Microsoft Internet Explorer COALineDashStyleArray Integer Overflow
This module exploits an integer overflow vulnerability on Internet Explorer. The vulnerability exists in the handling of the dashstyle.array length for vml shapes on the vgx.dll module. The exploit has been built and tested specifically against Windows 7 SP1 with Internet Explorer 8. It uses eith...
Internet Explorer VML Dashstyle Attributes Integer Overflow
Added: 06/03/2013 CVE: CVE-2013-2551 BID: 58570 OSVDB: 91197 Background Vector Markup Language VML is an XML-based format for vector graphics. Problem An integer overflow vulnerability in vml.dll when processing dashstyle attributes of certain VML elements in a web page allows arbitrary command...
Internet Explorer VML Dashstyle Attributes Integer Overflow
Added: 06/03/2013 CVE: CVE-2013-2551 BID: 58570 OSVDB: 91197 Background Vector Markup Language VML is an XML-based format for vector graphics. Problem An integer overflow vulnerability in vml.dll when processing dashstyle attributes of certain VML elements in a web page allows arbitrary command...
Internet Explorer VML Dashstyle Attributes Integer Overflow
Added: 06/03/2013 CVE: CVE-2013-2551 BID: 58570 OSVDB: 91197 Background Vector Markup Language VML is an XML-based format for vector graphics. Problem An integer overflow vulnerability in vml.dll when processing dashstyle attributes of certain VML elements in a web page allows arbitrary command...