2018 matches found
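Yahoo! Widgets Engine YDPCTL.DLL Control Stack Overflow Vulnerability
BUGTRAQ ID: 25086 Yahoo! Widget is a free, open-source desktop application platform released by Yahoo, made up of two parts, the Widget engine and the Widget tools, which greatly eases network operations and enhances desktop applications. The YDPCTL.YDPControl.1 ActiveX control in Yahoo! Widget has a buffer overflow vulnerability in its implementation, which a remote attacker may exploit to take control of the user's system. The YDPCTL.YDPControl.1 (YDPCTL.dll) ActiveX control has a stack overflow vulnerability when handling the GetComponentVersion method. If a user is tricked into visiting a malicious site and an overlong string of more than 512 bytes is passed to this method, the overflow can be triggered, leading to execution of arbitrary instructions...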
Stack overflow
Stack-based buffer overflow in the YDPCTL.YDPControl.1 (aka Yahoo! Installer Plugin for Widgets) ActiveX control before 2007.7.13.3 (20070620) in YDPCTL.dll in Yahoo! Widgets before 4.0.5 allows remote attackers to execute arbitrary code via a long argument to the GetComponentVersion method. NOTE: so...
CVE-2007-4034
Stack-based buffer overflow in the YDPCTL.YDPControl.1 (aka Yahoo! Installer Plugin for Widgets) ActiveX control before 2007.7.13.3 (20070620) in YDPCTL.dll in Yahoo! Widgets before 4.0.5 allows remote attackers to execute arbitrary code via a long argument to the GetComponentVersion method. NOTE: so...
CVE-2007-4034
The vulnerability CVE-2007-4034 affects Yahoo! Widgets’ ActiveX control YDPCTL.dll (YDPCTL.YDPControl.1) in Yahoo! Widgets before 4.0.5. A stack-based buffer overflow is triggered by a long argument to GetComponentVersion(), allowing remote execution of arbitrary code. Supported details in the co...
KLA10408 ACE vulnerability in Yahoo! Widgets
A buffer overflow was found in Yahoo! Widgets. By exploiting this vulnerability malicious users can execute arbitrary code. This vulnerability can be exploited remotely via a specially designed argument. Original advisories - Related products Yahoo!-Widgets CVE list CVE-2007-4034 critical Solutio...
Yahoo! Widgets Engine 4.0.3 YDPCTL.DLL ActiveX Control Buffer Overflow Vulnerability
Yahoo! Widgets Engine 4.0.3 YDPCTL.DLL ActiveX Control Buffer Overflow Vulnerability. CVE-2007-4034. Remote exploit for windows platform source: http://www.securityfocus.com/bid/25086/info Yahoo! Widgets Engine is prone to a buffer-overflow vulnerability because it fails to bounds-check...
Yahoo! Widgets YDP YDPCTL.YDPControl.1 ActiveX (YDPCTL.dll) Buffer Overflow
The remote host contains the YDP ActiveX control, distributed as a part of Yahoo! Widgets. The version of this control installed on the remote host reportedly fails to validate input to the 'GetComponentVersion' method before storing it in a 512-byte buffer. If an attacker can trick a user on the...
Remote file inclusion
Multiple PHP remote file inclusion vulnerabilities in Build it Fast (bif3) 0.4.1 allow remote attackers to execute arbitrary PHP code via a URL in (1) the peardir parameter to Base/Application.php, or the (2) sysdir parameter to (a) Footer.php, (b) widget.BifContainer.php, (c) widget.BifRoot.php, (d)...
CVE-2007-2762
Multiple PHP remote file inclusion vulnerabilities in Build it Fast (bif3) 0.4.1 allow remote attackers to execute arbitrary PHP code via a URL in (1) the peardir parameter to Base/Application.php, or the (2) sysdir parameter to (a) Footer.php, (b) widget.BifContainer.php, (c) widget.BifRoot.php, (d)...
Fedora Core 5 : kdebase-3.5.3-0.3.fc5 (2006-726)
Thu Jun 15 2006 Than Ngo 6:3.5.3-0.3.fc5 - fix BR - Wed Jun 14 2006 Than Ngo 6:3.5.3-0.2.fc5 - apply patch to fix 194659, CVE-2006-2449 KDM symlink attack vulnerability thanks to KDE security team - Thu Jun 8 2006 Than Ngo 6:3.5.3-0.1.fc5 - update to 3.5.3 - Fri May 12 2006 Than Ngo...
CVE-2005-1474
Dashboard in Apple Mac OS X 10.4.1 allows remote attackers to install widgets via Safari without prompting the user, a different vulnerability than CVE-2005-1933...
CVE-2005-1933
Dashboard in Apple Mac OS X Tiger 10.4 allows attackers to execute arbitrary commands by overriding the behavior of system widgets via a user widget with the same bundle identifier (CFBundleIdentifier), a different vulnerability than CVE-2005-1474...
CVE-2005-1474
In CVE-2005-1474, Apple Mac OS X 10.4.1’s Dashboard allows remote widget installation through Safari without user prompts, enabling execution or installation of user widgets that can override system widgets. The vulnerability stems from Safari automatically handling widget installation and widget...
CVE-2005-1727
Apple Mac OS X 10.4.x up to 10.4.1 sets insecure world- and group-writable permissions for the (1) system cache folder and (2) Dashboard system widgets, which allows local users to conduct unauthorized file operations via "file race conditions."...
Apple Safari automatically installs Dashboard widgets
Overview: Apple Safari on Mac OS X Tiger automatically installs Dashboard widgets without user intervention or notice. Description: Dashboard. Dashboard is a new feature introduced in Apple Mac OS X Tiger 10.4. Dashboard is a collection of applications called "widgets." The system-installed widgets a...
Apple Mac OSX executes arbitrary widget with same "bundle identifier" as system widget
Overview: Apple Mac OS X Tiger Dashboard executes arbitrary widgets with the same "bundle identifier" as a system widget. This can allow a user-installed widget to override a system-installed one. Description: Dashboard. Dashboard is a new feature introduced in Apple Mac OS X Tiger 10.4. Dashboard is...