30 matches found
EUVD-2007-1378
Malware in sbrugna...
CVE-2018-19395
ext/standard/var.c in PHP 5.x through 7.1.24 on Windows allows attackers to cause a denial of service NULL pointer dereference and application crash because com and comsafearrayproxy return NULL in compropertiesget in ext/comdotnet/comhandlers.c, as demonstrated by a serialize call on...
CVE-2018-19395
ext/standard/var.c in PHP 5.x through 7.1.24 on Windows allows attackers to cause a denial of service NULL pointer dereference and application crash because com and comsafearrayproxy return NULL in compropertiesget in ext/comdotnet/comhandlers.c, as demonstrated by a serialize call on...
CVE-2007-5653
The Component Object Model COM functions in PHP 5.x on Windows do not follow safemode and disablefunctions restrictions, which allows context-dependent attackers to bypass intended limitations, as demonstrated by executing objects with the kill bit set in the corresponding ActiveX control...
Internet Explorer Unsafe Scripting Misconfiguration
No description provided by source. $Id: ieunsafescripting.rb 10394 2010-09-20 08:06:27Z jduck $ This file is part of the Metasploit Framework and may be subject to redistribution and commercial restrictions. Please see the Metasploit Framework web site for more information on licensing and terms ...
HP SiteScope (Windows) - Remote Code Execution (Metasploit)
This file is part of the Metasploit Framework and may be subject to redistribution and commercial restrictions. Please see the Metasploit web site for more information on licensing and terms of use. http://metasploit.com/ require 'msf/core' class Metasploit3 /Apache-Coyote/ include...
McAfee Virtual Technician MVTControl 6.3.0.1911 GetObject Vulnerability
This module exploits a vulnerability found in McAfee Virtual Technician's MVTControl. This ActiveX control can be abused by using the GetObject function to load additional unsafe classes such as WScript.Shell, therefore allowing remote code execution under the context of the user. This module...
McAfee Virtual Technician 6.3.0.1911 MVT.MVTControl.6300 - ActiveX 'GetObject()' Code Execution
McAfee Virtual Technician 6.3.0.1911 MVT.MVTControl.6300 ActiveX Control GetObject Security Bypass Remote Code Execution Vulnerability tested against: Microsoft Windows Vista sp2 Microsoft Windows 2003 r2 sp2 Internet Explorer 7/8/9 product homepage:...
McAfee Virtual Technician 6.3.0.1911 MVT.MVTControl.6300 - ActiveX GetObject() Code Execution
McAfee Virtual Technician 6.3.0.1911 MVT.MVTControl.6300 - ActiveX GetObject Code Execution McAfee Virtual Technician 6.3.0.1911 MVT.MVTControl.6300 ActiveX Control GetObject Security Bypass Remote Code Execution Vulnerability tested against: Microsoft Windows Vista sp2 Microsoft Windows 2003 r2...
Yahoo Messenger WScript.Shell ActiveX control command execution
Added: 07/29/2010 Background Yahoo! Messenger is an instant messaging application. It includes the WScript.Shell ActiveX control. Problem The Execute method of the WScript.Shell ActiveX control allows command execution when a malicious web page is loaded in Internet Explorer. Resolution Set the...
Yahoo Messenger WScript.Shell ActiveX control command execution
Added: 07/29/2010 Background Yahoo! Messenger is an instant messaging application. It includes the WScript.Shell ActiveX control. Problem The Execute method of the WScript.Shell ActiveX control allows command execution when a malicious web page is loaded in Internet Explorer. Resolution Set the...
Yahoo Messenger WScript.Shell ActiveX control command execution
Added: 07/29/2010 Background Yahoo! Messenger is an instant messaging application. It includes the WScript.Shell ActiveX control. Problem The Execute method of the WScript.Shell ActiveX control allows command execution when a malicious web page is loaded in Internet Explorer. Resolution Set the...
Yahoo Messenger WScript.Shell ActiveX control command execution
Added: 07/29/2010 Background Yahoo! Messenger is an instant messaging application. It includes the WScript.Shell ActiveX control. Problem The Execute method of the WScript.Shell ActiveX control allows command execution when a malicious web page is loaded in Internet Explorer. Resolution Set the...
PHPMPS 0day-vulnerability warning-the black bar safety net
Author:Minghacker From:http://www.3est.com Blog: http://yxmhero1989.blog.163.com PHPMPS ,masterhttp://www.phpmps.com/to download. v2. 0 official version of GBK and v2. 0 full version UTF8 There are serious security risks, hope you do not destroy, and calmly wait for the official fix upgrade...
Autodesk SoftImage 7.0 Scene - '.TOC' File Remote Code Execution
source: https://www.securityfocus.com/bid/36637/info Autodesk Softimage is prone to a remote code-execution vulnerability. Successful exploits will allow attackers to execute arbitrary code within the context of the affected application. Failed exploit attempts will result in a denial-of-service...
wscript. the shell is closed when the mention of the right to use to the little trick-vulnerability warning-the black bar safety net
Source: TechWeb-the technology community There may be a lot of people, seeing close up the wscript. shell,you feel no mention of the right to hope. It will give up. Generally when the closed surface components, you upload the cmd. exe to above to is running no command. The runtime will tell the...
About the server closed the wscript. shell-vulnerability warning-the black bar safety net
There may be a lot of people, seeing close up the wscript. shell,you feel no mention of the right to hope. It will give up. Generally when the closed surface components, you upload the cmd. exe to above to is running no command. The runtime will tell the fault. If you want to run the command you...
MS Internet Explorer Remote Wscript.Shell Exploit
No description provided by source. ----------------------------------------------------- default.htm ------------------------------------------------------- html body img src="cc.exe" width=0 height=0 style=display:none script language="Javascript" function InjectedDuringRedirection...
The coolest windows Backdoor-vulnerability warning-the black bar safety net
The back door principle: Go to: small Chapter blog http://blog.csdn.net/scz123/archive/2007/03/14/1528695.aspx In windows 2 0 0 0/xp/vista, press shift key 5 times, you can open the sticky position, 会运行sethc.exe and, in the login interface may also be open. It's reminiscent of a WINDOWS...
Design/Logic Flaw
The Component Object Model COM functions in PHP 5.x on Windows do not follow safemode and disablefunctions restrictions, which allows context-dependent attackers to bypass intended limitations, as demonstrated by executing objects with the kill bit set in the corresponding ActiveX control...