3702 matches found
HHControl Object (showHelp) may execute shortcuts embedded in help files
Overview The HHCtrl ActiveX control has a serious vulnerability that allows remote intruders to execute arbitrary code, if the intruder can cause a compiled help file CHM to be stored "locally." Microsoft has released a security bulletin and a patch for this vulnerability, but the patch does not...
Notes default ECL allows execution of unsigned code
Overview Lotus Notes prior to version 5.02, had permissive ECLs that allow for the execution of malicious mail messages. Description A Notes ECL is a list consisting of a Notes Username and a set of permissions from the following list for Notes 4.6.x: Access to file system Access to current...