jetlib.sec » Tags » activex-control

Feeds

268039 items (8 unread) in 27 feeds

• 0day.today (was: 1337day, Inj3ct0r, 1337db)
• OSVDB Vulnerabilities
• Exploit-DB
• SecurityFocus Vulnerabilities
• Bugtraq
• Full Disclosure
• XSSed
• Packet Storm Security Headlines (8 unread)
• Packet Storm Security Advisories
• Packet Storm Security Exploits
• Packet Storm Security Recent Files
• Packet Storm Security Tools
• Packet Storm Security Misc. Files
• Sophos security news
• Sophos product advisories
• Penetration Testing
• SecuriTeam
• BackTrack Linux Forums
• Threatpost
• SecDocs
• carnal0wnage.attackresearch.com
• Carnal0wnage
• Kernel Fun
• Darknet
• The Exploitant
• Hack a Day
• Wirevolution

111 items tagged "activex control"

Related tags: zero [+], oracle [+], ntr [+], microsoft [+], insecure method [+], day [+], arbitrary code execution [+], secure desktop [+], cisco secure [+], buffer overflow [+], autovue [+], teechart [+], remote [+], micalizzi [+], integer overflow [+], exploit [+], client [+], based buffer overflow [+], zero day [+], vpn client [+], vpn [+], txt [+], trendnet [+], stopmodule [+], stack buffer [+], silverlight [+], securview [+], proficy historian [+], proficy [+], oracle webcenter [+], microsoft silverlight [+], microsoft data analyzer [+], method [+], memory corruption [+], max [+], malicious web [+], magneto [+], internet security suite [+], internet [+], integer [+], initiative [+], icmp [+], ibm [+], historian [+], ftp [+], file [+], exploits [+], easewe [+], dvrobot [+], desktop user [+], cisco signed [+], cisco anyconnect [+], buffer overflows [+], buffer overflow vulnerability [+], buffer overflow condition [+], attacker [+], arithmetic operation [+], arbitrary code [+], activex [+], webcenter [+], ssl vpn [+], sonicwall [+], research [+], rational [+], poc [+], overflow [+], multiple [+], messenger [+], keyhelp [+], ibm rational clearquest [+], hp software [+], heap [+], gigabyte [+], forms [+], format string [+], e class [+], dldrv [+], disclosure of information [+], csd [+], code [+], clearquest [+], cisco security advisory [+], cisco security [+], care software [+], andrea micalizzi [+], secunia [+], s system [+], code execution [+], advisory [+], wellintech [+], webscan [+], vulnerabilities [+], vuln [+], url [+], uri uninitialized [+], update [+], uninitialized pointer [+], tlist [+], tivoli provisioning manager express [+], tivoli [+], tec [+], surl [+], string argument [+], sssplt [+], ssrt [+], sony vaio [+], sigplus [+], sharpgrid [+], setsource [+], setmarkupmode [+], security advisory [+], scanserver [+], safer use [+], retired [+], reporttree [+], record [+], recognition [+], realplayer [+], realnetworks [+], rce [+], quot [+], quest [+], provisioning [+], promotic [+], professional [+], pro [+], photo [+], parvez [+], office [+], novell zenworks [+], novell iprint [+], novell [+], luigi auriemma [+], lotus inotes [+], kvwebsvr [+], knowledge system [+], knowledge [+], kingview [+], iprint [+], intrust [+], installation [+], input validation [+], icosetserver [+], iconics [+], hpsbgn [+], hpediag [+], hp photo [+], honeywell [+], gamehouse [+], g. henrique [+], easy [+], dvbsexecall [+], dll [+], dell dellsystemlite [+], decisiontools [+], datev base [+], control stack [+], control array [+], computer associates [+], command execution [+], cisco [+], camera stream [+], buffer overflow vulnerabilities [+], bigant [+], bennet [+], bdl [+], auriemma [+], alexander gavrun [+], aladdin knowledge [+], aladdin [+], Software [+], vulnerability [+], security [+], control [+]

• December 05, 2012
• 16:00

  Oracle WebCenter Forms Recognition 'Sssplt30.ocx' ActiveX Control Remote Code Execution Vulnerabilty

   » ‎ SecuriTeam
  Oracle WebCenter Forms Recognition is prone to a remote code-execution vulnerability.

  Tags:  webcenter oracle forms code-execution oracle-webcenter activex-control  

• November 07, 2012
• 0:00

  Vuln: Oracle WebCenter Forms Recognition 'Sssplt30.ocx' ActiveX Control Remote Code Execution Vulnerabilty

   » ‎ SecurityFocus Vulnerabilities
  Oracle WebCenter Forms Recognition 'Sssplt30.ocx' ActiveX Control Remote Code Execution Vulnerabilty

  Tags:  oracle recognition sssplt code-execution oracle-webcenter activex-control  

• 0:00

  Vuln: Oracle WebCenter Forms Recognition 'CroScPlt.dll' ActiveX Control Insecure Method Vulnerability

   » ‎ SecurityFocus Vulnerabilities
  Oracle WebCenter Forms Recognition 'CroScPlt.dll' ActiveX Control Insecure Method Vulnerability

  Tags:  webcenter oracle forms insecure-method oracle-webcenter activex-control  

• October 28, 2012
• 17:00

  GE Proficy Historian 'KeyHelp.ocx' ActiveX Control Remote Code Execution Vulnerability

   » ‎ SecuriTeam
  Proficy Historian is prone to a remote code-execution vulnerability.

  Tags:  vulnerability historian proficy proficy-historian code-execution activex-control  

• October 25, 2012
• 14:00

  [dos / poc] - Aladdin Knowledge System Ltd PrivAgent ActiveX Control 2.0 Multiple Vulnerabilities

   » ‎ 0day.today (was: 1337day, Inj3ct0r, 1337db)
  [dos / poc] - Aladdin Knowledge System Ltd PrivAgent ActiveX Control 2.0 Multiple Vulnerabilities

  Tags:  knowledge poc aladdin aladdin-knowledge activex-control knowledge-system  

• October 11, 2012
• 0:00

  Vuln: GE Proficy Historian 'KeyHelp.ocx' ActiveX Control Remote Code Execution Vulnerability

   » ‎ SecurityFocus Vulnerabilities
  GE Proficy Historian 'KeyHelp.ocx' ActiveX Control Remote Code Execution Vulnerability

  Tags:  historian proficy keyhelp proficy-historian code-execution activex-control  

• September 21, 2012
• 23:43

  NTR ActiveX Control StopModule() Remote Code Execution

   » ‎ Packet Storm Security Exploits
  This Metasploit module exploits a vulnerability found in the NTR ActiveX 1.1.8. The vulnerability exists in the StopModule() method, where the lModule parameter is used to dereference memory to get a function pointer, which leads to code execution under the context of the user visiting a malicious web page.

  Tags:  stopmodule activex ntr code-execution malicious-web activex-control  

• 23:43

  NTR ActiveX Control StopModule() Remote Code Execution

   » ‎ Packet Storm Security Recent Files
  This Metasploit module exploits a vulnerability found in the NTR ActiveX 1.1.8. The vulnerability exists in the StopModule() method, where the lModule parameter is used to dereference memory to get a function pointer, which leads to code execution under the context of the user visiting a malicious web page.

  Tags:  stopmodule activex ntr code-execution malicious-web activex-control  

• 23:43

  NTR ActiveX Control StopModule() Remote Code Execution

   » ‎ Packet Storm Security Misc. Files
  This Metasploit module exploits a vulnerability found in the NTR ActiveX 1.1.8. The vulnerability exists in the StopModule() method, where the lModule parameter is used to dereference memory to get a function pointer, which leads to code execution under the context of the user visiting a malicious web page.

  Tags:  stopmodule activex ntr code-execution malicious-web activex-control  

• September 09, 2012
• 23:29

  Secunia Security Advisory 50572

   » ‎ Packet Storm Security Advisories
  Secunia Security Advisory - A vulnerability has been reported in Honeywell HMIWeb Browser ActiveX Control, which can be exploited by malicious people to compromise a user's system.

  Tags:  advisory secunia security activex-control s-system  

• September 02, 2012
• 20:42

  Secunia Security Advisory 49311

   » ‎ Packet Storm Security Advisories
  Secunia Security Advisory - Parvez Anwar has discovered a vulnerability in CyberLink KoanBox ActiveX Control, which can be exploited by malicious people to compromise a user's system.

  Tags:  advisory secunia security activex-control parvez s-system  

• August 29, 2012
• 0:00

  Vuln: RETIRED: Novell ZENWorks 'LaunchHelp.dll' ActiveX Control Remote Code Execution Vulnerability

   » ‎ SecurityFocus Vulnerabilities
  RETIRED: Novell ZENWorks 'LaunchHelp.dll' ActiveX Control Remote Code Execution Vulnerability

  Tags:  retired vuln novell-zenworks code-execution activex-control  

• 0:00

  Vuln: GE Proficy Historian 'KeyHelp.ocx' ActiveX Control Remote Code Execution Vulnerability

   » ‎ SecurityFocus Vulnerabilities
  GE Proficy Historian 'KeyHelp.ocx' ActiveX Control Remote Code Execution Vulnerability

  Tags:  historian proficy keyhelp proficy-historian code-execution activex-control  

• August 08, 2012
• 0:00

  Vuln: Easewe FTP OCX ActiveX Control 'EaseWeFtp.ocx' Multiple Insecure Method Vulnerabilities

   » ‎ SecurityFocus Vulnerabilities
  Easewe FTP OCX ActiveX Control 'EaseWeFtp.ocx' Multiple Insecure Method Vulnerabilities

  Tags:  insecure-method activex-control  

• August 07, 2012
• 14:00

  [local exploits] - Oracle AutoVue ActiveX Control SetMarkupMode Buffer Overflow

   » ‎ 0day.today (was: 1337day, Inj3ct0r, 1337db)
  [local exploits] - Oracle AutoVue ActiveX Control SetMarkupMode Buffer Overflow

  Tags:  exploit oracle setmarkupmode buffer-overflow activex-control autovue  

• 8:15

  Oracle AutoVue ActiveX Control SetMarkupMode Buffer Overflow

   » ‎ Packet Storm Security Exploits
  This Metasploit module exploits a vulnerability found in the AutoVue.ocx ActiveX control. The vulnerability, due to the insecure usage of an strcpy like function in the SetMarkupMode method, when handling a specially crafted sMarkup argument, allows to trigger a stack based buffer overflow which leads to code execution under the context of the user visiting a malicious web page. The module has been successfully tested against Oracle AutoVue Desktop Version 20.0.0 (AutoVue.ocx 20.0.0.7330) on IE 6, 7, 8 and 9 (Java 6 needed to DEP and ASLR bypass).

  Tags:  oracle activex autovue based-buffer-overflow activex-control  

• 8:15

  Oracle AutoVue ActiveX Control SetMarkupMode Buffer Overflow

   » ‎ Packet Storm Security Recent Files
  This Metasploit module exploits a vulnerability found in the AutoVue.ocx ActiveX control. The vulnerability, due to the insecure usage of an strcpy like function in the SetMarkupMode method, when handling a specially crafted sMarkup argument, allows to trigger a stack based buffer overflow which leads to code execution under the context of the user visiting a malicious web page. The module has been successfully tested against Oracle AutoVue Desktop Version 20.0.0 (AutoVue.ocx 20.0.0.7330) on IE 6, 7, 8 and 9 (Java 6 needed to DEP and ASLR bypass).

  Tags:  oracle activex autovue based-buffer-overflow activex-control  

• 8:15

  Oracle AutoVue ActiveX Control SetMarkupMode Buffer Overflow

   » ‎ Packet Storm Security Misc. Files
  This Metasploit module exploits a vulnerability found in the AutoVue.ocx ActiveX control. The vulnerability, due to the insecure usage of an strcpy like function in the SetMarkupMode method, when handling a specially crafted sMarkup argument, allows to trigger a stack based buffer overflow which leads to code execution under the context of the user visiting a malicious web page. The module has been successfully tested against Oracle AutoVue Desktop Version 20.0.0 (AutoVue.ocx 20.0.0.7330) on IE 6, 7, 8 and 9 (Java 6 needed to DEP and ASLR bypass).

  Tags:  oracle activex autovue based-buffer-overflow activex-control  

• August 06, 2012
• 14:00

  [remote exploits] - Oracle AutoVue ActiveX Control SetMarkupMode Buffer Overflow

   » ‎ 0day.today (was: 1337day, Inj3ct0r, 1337db)
  [remote exploits] - Oracle AutoVue ActiveX Control SetMarkupMode Buffer Overflow

  Tags:  exploit oracle remote buffer-overflow activex-control autovue  

• August 03, 2012
• 14:00

  [local exploits] - Cisco Linksys PlayerPT ActiveX Control SetSource sURL argument Buffer Overflow

   » ‎ 0day.today (was: 1337day, Inj3ct0r, 1337db)
  [local exploits] - Cisco Linksys PlayerPT ActiveX Control SetSource sURL argument Buffer Overflow

  Tags:  exploit setsource surl buffer-overflow activex-control exploits  

• July 17, 2012
• 11:00

  Bugtraq: Secunia Research: Cisco Linksys PlayerPT ActiveX Control "SetSource()" Buffer Overflow

   » ‎ SecurityFocus Vulnerabilities
  Secunia Research: Cisco Linksys PlayerPT ActiveX Control "SetSource()" Buffer Overflow

  Tags:  research secunia cisco buffer-overflow activex-control  

• July 04, 2012
• 0:00

  Vuln: IBM Rational ClearQuest 'cqole.dll' ActiveX Control Heap Buffer Overflow Vulnerability

   » ‎ SecurityFocus Vulnerabilities
  IBM Rational ClearQuest 'cqole.dll' ActiveX Control Heap Buffer Overflow Vulnerability

  Tags:  ibm clearquest rational ibm-rational-clearquest buffer-overflow-vulnerability activex-control  

• June 29, 2012
• 0:00

  Vuln: IBM Rational ClearQuest 'cqole.dll' ActiveX Control Heap Buffer Overflow Vulnerability

   » ‎ SecurityFocus Vulnerabilities
  IBM Rational ClearQuest 'cqole.dll' ActiveX Control Heap Buffer Overflow Vulnerability

  Tags:  ibm clearquest rational ibm-rational-clearquest buffer-overflow-vulnerability activex-control  

• June 23, 2012
• 4:32

  Secunia Security Advisory 49550

   » ‎ Packet Storm Security Advisories
  Secunia Security Advisory - A vulnerability has been reported in AOL dnUpdater ActiveX Control, which can be exploited by malicious people to compromise a user's system.

  Tags:  advisory secunia security activex-control s-system  

• June 10, 2012
• 18:00

  Secunia Security Advisory 49443

   » ‎ Packet Storm Security Advisories
  Secunia Security Advisory - A vulnerability has been reported in IBM Lotus iNotes Upload Module ActiveX Control, which can be exploited by malicious people to compromise a user's system.

  Tags:  advisory secunia security lotus-inotes activex-control s-system  

• June 01, 2012
• 2:14

  Secunia Security Advisory 49340

   » ‎ Packet Storm Security Advisories
  Secunia Security Advisory - High-Tech Bridge SA has reported two vulnerabilities in Sony VAIO WifiMan ActiveX Control, which can be exploited by malicious people to compromise a user's system.

  Tags:  advisory secunia security sony-vaio activex-control s-system  

• May 09, 2012
• 14:00

  [dos / poc] - DecisionTools SharpGrid ActiveX Control RCE

   » ‎ 0day.today (was: 1337day, Inj3ct0r, 1337db)
  [dos / poc] - DecisionTools SharpGrid ActiveX Control RCE

  Tags:  poc sharpgrid decisiontools activex-control rce  

• April 10, 2012
• 0:00

  Vuln: IBM Tivoli Provisioning Manager Express ActiveX Control Remote Code Execution Vulnerability

   » ‎ SecurityFocus Vulnerabilities
  IBM Tivoli Provisioning Manager Express ActiveX Control Remote Code Execution Vulnerability

  Tags:  ibm provisioning tivoli tivoli-provisioning-manager-express code-execution activex-control  

• April 06, 2012
• 18:03

  TRENDnet SecurView Internet Camera UltraMJCam OpenFileDlg Buffer Overflow

   » ‎ Packet Storm Security Exploits
  This Metasploit module exploits a vulnerability found in TRENDnet SecurView Internet Camera's ActiveX control. By supplying a long string of data as the sFilter argument of the OpenFileDlg() function, it is possible to trigger a buffer overflow condition due to WideCharToMultiByte (which converts unicode back to) overwriting the stack more than it should, which results arbitrary code execution under the context of the user.

  Tags:  internet securview trendnet buffer-overflow-condition arbitrary-code-execution activex-control  

• 18:03

  TRENDnet SecurView Internet Camera UltraMJCam OpenFileDlg Buffer Overflow

   » ‎ Packet Storm Security Recent Files
  This Metasploit module exploits a vulnerability found in TRENDnet SecurView Internet Camera's ActiveX control. By supplying a long string of data as the sFilter argument of the OpenFileDlg() function, it is possible to trigger a buffer overflow condition due to WideCharToMultiByte (which converts unicode back to) overwriting the stack more than it should, which results arbitrary code execution under the context of the user.

  Tags:  internet securview trendnet buffer-overflow-condition arbitrary-code-execution activex-control  

• 18:03

  TRENDnet SecurView Internet Camera UltraMJCam OpenFileDlg Buffer Overflow

   » ‎ Packet Storm Security Misc. Files
  This Metasploit module exploits a vulnerability found in TRENDnet SecurView Internet Camera's ActiveX control. By supplying a long string of data as the sFilter argument of the OpenFileDlg() function, it is possible to trigger a buffer overflow condition due to WideCharToMultiByte (which converts unicode back to) overwriting the stack more than it should, which results arbitrary code execution under the context of the user.

  Tags:  internet securview trendnet buffer-overflow-condition arbitrary-code-execution activex-control  

• April 05, 2012
• 21:58

  Secunia Security Advisory 48681

   » ‎ Packet Storm Security Advisories
  Secunia Security Advisory - Andrea Micalizzi has discovered a vulnerability in Quest Explain Plan Display ActiveX Control, which can be exploited by malicious people to manipulate certain data.

  Tags:  advisory secunia security andrea-micalizzi activex-control micalizzi  

• 21:58

  Secunia Security Advisory 48674

   » ‎ Packet Storm Security Advisories
  Secunia Security Advisory - Andrea Micalizzi has discovered a vulnerability in Quest Connection Broker Client ActiveX Control, which can be exploited by malicious people to manipulate certain data.

  Tags:  activex-control micalizzi secunia  

• April 01, 2012
• 2:50

  Secunia Security Advisory 48601

   » ‎ Packet Storm Security Advisories
  Secunia Security Advisory - Andrea Micalizzi has discovered a vulnerability in TRENDnet UltraMJCam ActiveX Control, which can be exploited by malicious people to compromise a user's system.

  Tags:  advisory secunia security andrea-micalizzi activex-control micalizzi s-system  

• March 29, 2012
• 18:49

  Secunia Security Advisory 48602

   » ‎ Packet Storm Security Advisories
  Secunia Security Advisory - Andrea Micalizzi has discovered a vulnerability in Camera Stream Client ActiveX Control, which can be exploited by malicious people to compromise a user's system.

  Tags:  camera-stream activex-control micalizzi  

• March 28, 2012
• 12:00

  Bugtraq: Quest InTrust 10.4.x ReportTree and SimpleTree Classes ArDoc.dll ActiveX Control Remote File Creation / Overwrite Vulnerability

   » ‎ SecurityFocus Vulnerabilities
  Quest InTrust 10.4.x ReportTree and SimpleTree Classes ArDoc.dll ActiveX Control Remote File Creation / Overwrite Vulnerability

  Tags:  intrust reporttree quest activex-control vulnerability  

• February 03, 2012
• 0:00

  Vuln: C6 Messenger Installation URL Downloader ActiveX Control Arbitrary File Download Vulnerability

   » ‎ SecurityFocus Vulnerabilities
  C6 Messenger Installation URL Downloader ActiveX Control Arbitrary File Download Vulnerability

  Tags:  installation messenger url activex-control vulnerability  

• January 18, 2012
• 14:00

  [remote exploits] - HP Easy Printer Care XMLCacheMgr Class ActiveX Control Code Execution

   » ‎ 0day.today (was: 1337day, Inj3ct0r, 1337db)
  [remote exploits] - HP Easy Printer Care XMLCacheMgr Class ActiveX Control Code Execution

  Tags:  exploit easy remote code-execution activex-control exploits  

• January 11, 2012
• 19:33

  NTR ActiveX Control Four Buffer Overflows

   » ‎ Packet Storm Security Advisories
  Secunia Research has discovered four buffer overflows in the NTR ActiveX control, which can be exploited by malicious people to compromise a user's system. NTR ActiveX Control version 1.1.8 is affected.

  Tags:  control activex ntr s-system buffer-overflows activex-control  

• 19:33

  NTR ActiveX Control Four Buffer Overflows

   » ‎ Packet Storm Security Recent Files
  Secunia Research has discovered four buffer overflows in the NTR ActiveX control, which can be exploited by malicious people to compromise a user's system. NTR ActiveX Control version 1.1.8 is affected.

  Tags:  control activex ntr s-system buffer-overflows activex-control  

• 19:33

  NTR ActiveX Control Four Buffer Overflows

   » ‎ Packet Storm Security Misc. Files
  Secunia Research has discovered four buffer overflows in the NTR ActiveX control, which can be exploited by malicious people to compromise a user's system. NTR ActiveX Control version 1.1.8 is affected.

  Tags:  control activex ntr s-system buffer-overflows activex-control  

• November 18, 2011
• 0:27

  Secunia Security Advisory 46477

   » ‎ Packet Storm Security Advisories
  Secunia Security Advisory - Secunia Research has discovered a vulnerability in DVR Remote ActiveX Control, which can be exploited by malicious people to compromise a user's system.

  Tags:  advisory secunia security activex-control s-system  

• November 17, 2011
• 7:48

  DVR Remote ActiveX Control DVRobot Library Loading

   » ‎ Packet Storm Security Advisories
  Secunia Research has discovered a vulnerability in DVR Remote ActiveX Control version 2.1.0.39, which can be exploited by malicious people to compromise a user's system. The vulnerability is caused by the ActiveX control during instantiation automatically downloading and loading DVRobot.dll from the "manifest" folder of the web server invoking the ActiveX control. Successful exploitation allows execution of arbitrary code via a specially crafted web page and hosted DVRobot.dll file.

  Tags:  control activex dvrobot s-system activex-control arbitrary-code  

• 7:48

  DVR Remote ActiveX Control DVRobot Library Loading

   » ‎ Packet Storm Security Recent Files
  Secunia Research has discovered a vulnerability in DVR Remote ActiveX Control version 2.1.0.39, which can be exploited by malicious people to compromise a user's system. The vulnerability is caused by the ActiveX control during instantiation automatically downloading and loading DVRobot.dll from the "manifest" folder of the web server invoking the ActiveX control. Successful exploitation allows execution of arbitrary code via a specially crafted web page and hosted DVRobot.dll file.

  Tags:  control activex dvrobot s-system activex-control arbitrary-code  

• 7:48

  DVR Remote ActiveX Control DVRobot Library Loading

   » ‎ Packet Storm Security Misc. Files
  Secunia Research has discovered a vulnerability in DVR Remote ActiveX Control version 2.1.0.39, which can be exploited by malicious people to compromise a user's system. The vulnerability is caused by the ActiveX control during instantiation automatically downloading and loading DVRobot.dll from the "manifest" folder of the web server invoking the ActiveX control. Successful exploitation allows execution of arbitrary code via a specially crafted web page and hosted DVRobot.dll file.

  Tags:  control activex dvrobot s-system activex-control arbitrary-code  

• November 02, 2011
• 0:00

  Vuln: Bennet-Tec TList ActiveX Control 'SaveData()' Insecure Method Vulnerability

   » ‎ SecurityFocus Vulnerabilities
  Bennet-Tec TList ActiveX Control 'SaveData()' Insecure Method Vulnerability

  Tags:  tlist activex tec insecure-method bennet activex-control  

• October 31, 2011
• 8:00

  Bugtraq: PlotLineControl ActiveX Control "LinePutPoint" Integer Overflow

   » ‎ SecurityFocus Vulnerabilities
  PlotLineControl ActiveX Control "LinePutPoint" Integer Overflow

  Tags:  control quot overflow integer-overflow activex-control  

• 0:00

  Vuln: PROMOTIC ActiveX Control 'GetPromoticSite' Method Remote Code Execution Vulnerability

   » ‎ SecurityFocus Vulnerabilities
  PROMOTIC ActiveX Control 'GetPromoticSite' Method Remote Code Execution Vulnerability

  Tags:  control activex promotic code-execution activex-control vulnerability  

• September 01, 2011
• 2:03

  Secunia Security Advisory 44875

   » ‎ Packet Storm Security Advisories
  Secunia Security Advisory - Secunia Research has discovered multiple vulnerabilities in InduSoft ISSymbol ActiveX control, which can be exploited by malicious people to compromise a user's system.

  Tags:  advisory secunia security activex-control s-system  

• 0:00

  Vuln: ICONICS IcoSetServer ActiveX Control Trusted Zone Vulnerability

   » ‎ SecurityFocus Vulnerabilities
  ICONICS IcoSetServer ActiveX Control Trusted Zone Vulnerability

  Tags:  activex icosetserver iconics vulnerability activex-control  

• August 23, 2011
• 20:58

  Secunia Security Advisory 45740

   » ‎ Packet Storm Security Advisories
  Secunia Security Advisory - Anil Aphale has reported a vulnerability in the F-Secure Gadget Resource Handler ActiveX Control, which can be exploited by malicious people to compromise a user's system.

  Tags:  advisory secunia security activex-control s-system  

• August 22, 2011
• 0:00

  Vuln: HP Easy Printer Care Software 'HPTicketMgr.dll' ActiveX Control Remote Code Execution Vulnerability

   » ‎ SecurityFocus Vulnerabilities
  HP Easy Printer Care Software 'HPTicketMgr.dll' ActiveX Control Remote Code Execution Vulnerability

  Tags:  code-execution care-software activex-control  

• August 18, 2011
• 0:00

  Vuln: Honeywell ScanServer ActiveX Control Use-After-Free Remote Code Execution Vulnerability

   » ‎ SecurityFocus Vulnerabilities
  Honeywell ScanServer ActiveX Control Use-After-Free Remote Code Execution Vulnerability

  Tags:  activex honeywell scanserver code-execution activex-control  

• August 17, 2011
• 0:00

  Vuln: HP Easy Printer Care Software 'HPTicketMgr.dll' ActiveX Control Remote Code Execution Vulnerability

   » ‎ SecurityFocus Vulnerabilities
  HP Easy Printer Care Software 'HPTicketMgr.dll' ActiveX Control Remote Code Execution Vulnerability

  Tags:  code-execution care-software activex-control  

• August 13, 2011
• 13:18

  TeeChart Professional ActiveX Control 2010.0.0.3 Trusted Integer Dereference

   » ‎ Packet Storm Security Exploits
  This Metasploit module exploits a integer overflow in TeeChart Pro ActiveX control. When sending an overly large/negative integer value to the AddSeries() property of TeeChart2010.ocx, the code will perform an arithmetic operation that wraps the value and is later directly trusted and called upon. This Metasploit module has been designed to bypass DEP only under IE8 with Java support.

  Tags:  integer teechart activex arithmetic-operation integer-overflow activex-control  

• 13:18

  TeeChart Professional ActiveX Control 2010.0.0.3 Trusted Integer Dereference

   » ‎ Packet Storm Security Recent Files
  This Metasploit module exploits a integer overflow in TeeChart Pro ActiveX control. When sending an overly large/negative integer value to the AddSeries() property of TeeChart2010.ocx, the code will perform an arithmetic operation that wraps the value and is later directly trusted and called upon. This Metasploit module has been designed to bypass DEP only under IE8 with Java support.

  Tags:  integer teechart activex arithmetic-operation integer-overflow activex-control  

• 13:18

  TeeChart Professional ActiveX Control 2010.0.0.3 Trusted Integer Dereference

   » ‎ Packet Storm Security Misc. Files
  This Metasploit module exploits a integer overflow in TeeChart Pro ActiveX control. When sending an overly large/negative integer value to the AddSeries() property of TeeChart2010.ocx, the code will perform an arithmetic operation that wraps the value and is later directly trusted and called upon. This Metasploit module has been designed to bypass DEP only under IE8 with Java support.

  Tags:  integer teechart activex arithmetic-operation integer-overflow activex-control  

• 5:14

  Secunia Security Advisory 45547

   » ‎ Packet Storm Security Advisories
  Secunia Security Advisory - A vulnerability has been discovered in the TeeChart Pro ActiveX control, which can be exploited by malicious people to compromise a user's system.

  Tags:  advisory secunia security activex-control s-system  

• August 10, 2011
• 21:00

  [remote exploits] - TeeChart Professional ActiveX Control

   » ‎ 0day.today (was: 1337day, Inj3ct0r, 1337db)
  [remote exploits] - TeeChart Professional ActiveX Control

  Tags:  teechart activex professional activex-control exploits  

• June 26, 2011
• 20:06

  Secunia Security Advisory 45044

   » ‎ Packet Storm Security Advisories
  Secunia Security Advisory - Luigi Auriemma has discovered a vulnerability in Ubisoft CoGSManager ActiveX control, which can be exploited by malicious people to compromise a user's system.

  Tags:  advisory secunia security luigi-auriemma activex-control auriemma s-system  

• June 25, 2011
• 0:45

  Easewe FTP 4.5.0.9 Insecure Method

   » ‎ Packet Storm Security Exploits
  The Easewe FTP OCX ActiveX control suffers from an insecure method vulnerability.

  Tags:  easewe method ftp insecure-method activex-control vulnerability  

• 0:45

  Easewe FTP 4.5.0.9 Insecure Method

   » ‎ Packet Storm Security Recent Files
  The Easewe FTP OCX ActiveX control suffers from an insecure method vulnerability.

  Tags:  easewe method ftp insecure-method activex-control vulnerability  

• 0:45

  Easewe FTP 4.5.0.9 Insecure Method

   » ‎ Packet Storm Security Misc. Files
  The Easewe FTP OCX ActiveX control suffers from an insecure method vulnerability.

  Tags:  easewe method ftp insecure-method activex-control vulnerability  

• June 09, 2011
• 8:17

  Magneto ICMP ActiveX 4.0.0.20 ICMPSendEchoRequest Remote Code Execution

   » ‎ Packet Storm Security Exploits
  This Metasploit module exploits a remote code execution vulnerability in Magneto ICMP ActiveX Control (OCX) version 4.0.0.20.

  Tags:  magneto activex icmp code-execution activex-control vulnerability  

• 8:17

  Magneto ICMP ActiveX 4.0.0.20 ICMPSendEchoRequest Remote Code Execution

   » ‎ Packet Storm Security Recent Files
  This Metasploit module exploits a remote code execution vulnerability in Magneto ICMP ActiveX Control (OCX) version 4.0.0.20.

  Tags:  magneto activex icmp code-execution activex-control vulnerability  

• 8:17

  Magneto ICMP ActiveX 4.0.0.20 ICMPSendEchoRequest Remote Code Execution

   » ‎ Packet Storm Security Misc. Files
  This Metasploit module exploits a remote code execution vulnerability in Magneto ICMP ActiveX Control (OCX) version 4.0.0.20.

  Tags:  magneto activex icmp code-execution activex-control vulnerability  

• June 07, 2011
• 8:38

  Cisco AnyConnect VPN Client ActiveX URL Property Download and Execute

   » ‎ Packet Storm Security Exploits
  This Metasploit module exploits a vulnerability in the Cisco AnyConnect VPN client vpnweb.ocx ActiveX control. This control is typically used to install the VPN client. An attacker can set the 'url' property which is where the control tries to locate the files needed to install the client. The control tries to download two files from the site specified within the 'url' property. One of these files it will be stored in a temporary directory and executed.

  Tags:  client vpn control cisco-anyconnect vpn-client activex-control attacker  

• 8:38

  Cisco AnyConnect VPN Client ActiveX URL Property Download and Execute

   » ‎ Packet Storm Security Recent Files
  This Metasploit module exploits a vulnerability in the Cisco AnyConnect VPN client vpnweb.ocx ActiveX control. This control is typically used to install the VPN client. An attacker can set the 'url' property which is where the control tries to locate the files needed to install the client. The control tries to download two files from the site specified within the 'url' property. One of these files it will be stored in a temporary directory and executed.

  Tags:  client vpn control cisco-anyconnect vpn-client activex-control attacker  

• 8:38

  Cisco AnyConnect VPN Client ActiveX URL Property Download and Execute

   » ‎ Packet Storm Security Misc. Files
  This Metasploit module exploits a vulnerability in the Cisco AnyConnect VPN client vpnweb.ocx ActiveX control. This control is typically used to install the VPN client. An attacker can set the 'url' property which is where the control tries to locate the files needed to install the client. The control tries to download two files from the site specified within the 'url' property. One of these files it will be stored in a temporary directory and executed.

  Tags:  client vpn control cisco-anyconnect vpn-client activex-control attacker  

• May 04, 2011
• 23:57

  Secunia Security Advisory 44417

   » ‎ Packet Storm Security Advisories
  Secunia Security Advisory - A vulnerability has been discovered in ICONICS VersionInfo ActiveX control, which can be exploited by malicious people to compromise a user's system.

  Tags:  advisory secunia security activex-control s-system  

• April 28, 2011
• 0:09

  Secunia Security Advisory 43116

   » ‎ Packet Storm Security Advisories
  Secunia Security Advisory - Secunia Research has discovered multiple vulnerabilities in InduSoft ISSymbol ActiveX control, which can be exploited by malicious people to compromise a user's system.

  Tags:  advisory secunia security activex-control  

• April 12, 2011
• 0:00

  Vuln: Computer Associates WebScan ActiveX Control Multiple Remote Code Execution Vulnerabilities

   » ‎ SecurityFocus Vulnerabilities
  Computer Associates WebScan ActiveX Control Multiple Remote Code Execution Vulnerabilities

  Tags:  multiple code remote code-execution activex-control webscan  

• April 11, 2011
• 0:00

  Vuln: RealNetworks GameHouse 'InstallerDlg.dll' ActiveX Control Multiple Vulnerabilities

   » ‎ SecurityFocus Vulnerabilities
  RealNetworks GameHouse 'InstallerDlg.dll' ActiveX Control Multiple Vulnerabilities

  Tags:  dll realnetworks gamehouse activex-control vulnerabilities  

• March 22, 2011
• 5:00

  Secunia Security Advisory 43360

   » ‎ Packet Storm Security Advisories
  Secunia Security Advisory - Secunia Research has discovered a vulnerability in Honeywell ScanServer ActiveX Control, which can be exploited by malicious people to compromise a user's system.

  Tags:  advisory secunia security activex-control  

• March 18, 2011
• 0:00

  Vuln: RealPlayer ActiveX Control CDDA URI Uninitialized Pointer Vulnerability

   » ‎ SecurityFocus Vulnerabilities
  RealPlayer ActiveX Control CDDA URI Uninitialized Pointer Vulnerability

  Tags:  control realplayer activex uri-uninitialized uninitialized-pointer activex-control vulnerability  

• March 16, 2011
• 0:00

  Vuln: WellinTech KingView 'KVWebSvr.dll' ActiveX Control Heap Buffer Overflow Vulnerability

   » ‎ SecurityFocus Vulnerabilities
  WellinTech KingView 'KVWebSvr.dll' ActiveX Control Heap Buffer Overflow Vulnerability

  Tags:  kingview kvwebsvr wellintech buffer-overflow-vulnerability activex-control heap  

• March 14, 2011
• 4:37

  Secunia Security Advisory 43466

   » ‎ Packet Storm Security Advisories
  Secunia Security Advisory - Alexander Gavrun has discovered a vulnerability in Edraw Office Viewer Component ActiveX control, which can be exploited by malicious people to compromise a user's system.

  Tags:  advisory secunia security alexander-gavrun activex-control s-system  

• February 23, 2011
• 17:23

  Zero Day Initiative Advisory 11-093

   » ‎ Packet Storm Security Advisories
  Zero Day Initiative Advisory 11-093 - This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of CA Internet Security Suite 2010. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The flaw exists within the XMLSecDB ActiveX control which is installed with HIPSEngine component. SetXml and Save methods are implemented insecurely and can allow creation of an arbitrary file on the victim's system. A remote attacker can exploit this vulnerability to execute arbitrary code under the context of the user.

  Tags:  day zero vulnerability internet-security-suite activex-control zero-day  

• 17:23

  Zero Day Initiative Advisory 11-093

   » ‎ Packet Storm Security Recent Files
  Zero Day Initiative Advisory 11-093 - This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of CA Internet Security Suite 2010. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The flaw exists within the XMLSecDB ActiveX control which is installed with HIPSEngine component. SetXml and Save methods are implemented insecurely and can allow creation of an arbitrary file on the victim's system. A remote attacker can exploit this vulnerability to execute arbitrary code under the context of the user.

  Tags:  day zero vulnerability internet-security-suite activex-control zero-day  

• 17:23

  Zero Day Initiative Advisory 11-093

   » ‎ Packet Storm Security Misc. Files
  Zero Day Initiative Advisory 11-093 - This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of CA Internet Security Suite 2010. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The flaw exists within the XMLSecDB ActiveX control which is installed with HIPSEngine component. SetXml and Save methods are implemented insecurely and can allow creation of an arbitrary file on the victim's system. A remote attacker can exploit this vulnerability to execute arbitrary code under the context of the user.

  Tags:  day zero vulnerability internet-security-suite activex-control zero-day  

• 17:23

  Zero Day Initiative Advisory 11-092

   » ‎ Packet Storm Security Advisories
  Zero Day Initiative Advisory 11-092 - This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of Cisco Secure Desktop. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within CSDWebInstaller.ocx. The CSDWebInstallerCtrl ActiveX control allows downloading and executing any Cisco-signed executable files. By renaming a Cisco-signed executable file to inst.exe and putting it on a webserver, an attacker can subsequently exploit vulnerabilities in the Cisco-signed executable file remotely.

  Tags:  zero cisco-signed file cisco-secure activex-control secure-desktop desktop-user  

• 17:23

  Zero Day Initiative Advisory 11-092

   » ‎ Packet Storm Security Recent Files
  Zero Day Initiative Advisory 11-092 - This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of Cisco Secure Desktop. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within CSDWebInstaller.ocx. The CSDWebInstallerCtrl ActiveX control allows downloading and executing any Cisco-signed executable files. By renaming a Cisco-signed executable file to inst.exe and putting it on a webserver, an attacker can subsequently exploit vulnerabilities in the Cisco-signed executable file remotely.

  Tags:  zero cisco-signed file cisco-secure activex-control secure-desktop desktop-user  

• 17:23

  Zero Day Initiative Advisory 11-092

   » ‎ Packet Storm Security Misc. Files
  Zero Day Initiative Advisory 11-092 - This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of Cisco Secure Desktop. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within CSDWebInstaller.ocx. The CSDWebInstallerCtrl ActiveX control allows downloading and executing any Cisco-signed executable files. By renaming a Cisco-signed executable file to inst.exe and putting it on a webserver, an attacker can subsequently exploit vulnerabilities in the Cisco-signed executable file remotely.

  Tags:  zero cisco-signed file cisco-secure activex-control secure-desktop desktop-user  

• February 17, 2011
• 19:41

  Secunia Security Advisory 42880

   » ‎ Packet Storm Security Advisories
  Secunia Security Advisory - Secunia Research has discovered two vulnerabilities in Dell DellSystemLite.Scanner ActiveX control, which can be exploited by malicious people to disclose various information.

  Tags:  advisory secunia security dell-dellsystemlite activex-control security-advisory  

• February 03, 2011
• 0:00

  Vuln: SigPlus Pro ActiveX Control Multiple Vulnerabilities

   » ‎ SecurityFocus Vulnerabilities
  SigPlus Pro ActiveX Control Multiple Vulnerabilities

  Tags:  sigplus activex pro activex-control  

• February 02, 2011
• 21:24

  Secunia Security Advisory 42800

   » ‎ Packet Storm Security Advisories
  Secunia Security Advisory - Secunia Research has discovered multiple vulnerabilities in SigPlus Pro ActiveX control, which can be exploited by malicious people to compromise a user's system.

  Tags:  advisory secunia security activex-control s-system  

• December 31, 2010
• 14:00

  [remote exploits] - HP Photo Creative 2.x audio.Record.1 ActiveX Control Stack Based BOF

   » ‎ 0day.today (was: 1337day, Inj3ct0r, 1337db)
  [remote exploits] - HP Photo Creative 2.x audio.Record.1 ActiveX Control Stack Based BOF

  Tags:  photo activex record control-stack activex-control hp-photo  

• December 14, 2010
• 16:50

  Zero Day Initiative Advisory 10-290

   » ‎ Packet Storm Security Advisories
  Zero Day Initiative Advisory 10-290 - This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of SAP NetWeaver Business Client. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the Load and LoadTheme methods of the SapThemeRepository ActiveX control (sapwdpcd.dll) implemented by SAP NetWeaver Business Client. Due to a failure in bounds checking, a user-supplied parameter supplied to the vulnerable methods can overflow a stack buffer resulting in arbitrary code execution under the context of the user running the browser.

  Tags:  day zero initiative arbitrary-code-execution stack-buffer activex-control  

• 16:50

  Zero Day Initiative Advisory 10-290

   » ‎ Packet Storm Security Recent Files
  Zero Day Initiative Advisory 10-290 - This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of SAP NetWeaver Business Client. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the Load and LoadTheme methods of the SapThemeRepository ActiveX control (sapwdpcd.dll) implemented by SAP NetWeaver Business Client. Due to a failure in bounds checking, a user-supplied parameter supplied to the vulnerable methods can overflow a stack buffer resulting in arbitrary code execution under the context of the user running the browser.

  Tags:  day zero initiative arbitrary-code-execution stack-buffer activex-control  

• 16:50

  Zero Day Initiative Advisory 10-290

   » ‎ Packet Storm Security Misc. Files
  Zero Day Initiative Advisory 10-290 - This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of SAP NetWeaver Business Client. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the Load and LoadTheme methods of the SapThemeRepository ActiveX control (sapwdpcd.dll) implemented by SAP NetWeaver Business Client. Due to a failure in bounds checking, a user-supplied parameter supplied to the vulnerable methods can overflow a stack buffer resulting in arbitrary code execution under the context of the user running the browser.

  Tags:  day zero initiative arbitrary-code-execution stack-buffer activex-control  

• November 22, 2010
• 12:45

  HP Software Update HPeDiag Disclosure of Information and Execution of Arbitrary Code Vulnerabilities

   » ‎ SecuriTeam
  Potential vulnerabilities have been identified with the HPeDiag ActiveX control which is a component of HP Software Update running under windows.

  -

  Make your website safer. Use external penetration testing service. First report ready in one hour!

  Tags:  hpediag update Software hp-software activex-control disclosure-of-information  

• November 17, 2010
• 20:41

  Secunia Security Advisory 42311

   » ‎ Packet Storm Security Advisories
  Secunia Security Advisory - Wendel G. Henrique has reported a vulnerability in the TVSLiveControl ActiveX Control, which can be exploited by malicious people to compromise a user's system.

  Tags:  advisory secunia security g.-henrique activex-control s-system  

• October 26, 2010
• 20:01

  HPSBGN02333-SSRT080031-2.txt

   » ‎ Packet Storm Security Advisories
  HP Security Bulletin HPSBGN02333 SSRT080031 2 - A potential vulnerability has been identified with the HPeDiag ActiveX control which is a component of HP Software Update running under windows. The vulnerability could be exploited to allow remote disclosure of information and execution of arbitrary code. Revision 2 of this advisory.

  Tags:  ssrt vulnerability hpsbgn activex-control disclosure-of-information hp-software  

• September 29, 2010
• 0:00

  Vuln: Microsoft Silverlight ActiveX Control Pointer Memory Corruption Vulnerability

   » ‎ SecurityFocus Vulnerabilities
  Microsoft Silverlight ActiveX Control Pointer Memory Corruption Vulnerability

  Tags:  microsoft silverlight activex microsoft-silverlight memory-corruption activex-control  

• September 21, 2010
• 14:00

  [remote exploits] - Novell iPrint Client ActiveX Control call-back-url Buffer Overflow

   » ‎ 0day.today (was: 1337day, Inj3ct0r, 1337db)
  [remote exploits] - Novell iPrint Client ActiveX Control call-back-url Buffer Overflow

  Tags:  novell client iprint novell-iprint buffer-overflow activex-control  

• September 15, 2010
• 0:00

  Vuln: Microsoft Silverlight ActiveX Control Pointer Memory Corruption Vulnerability

   » ‎ SecurityFocus Vulnerabilities
  Microsoft Silverlight ActiveX Control Pointer Memory Corruption Vulnerability

  Tags:  microsoft silverlight activex microsoft-silverlight memory-corruption activex-control  

• August 19, 2010
• 9:16

  SonicWALL E-Class SSL-VPN ActiveX Control Format String Overflow

   » ‎ 0day.today (was: 1337day, Inj3ct0r, 1337db)
  SonicWALL E-Class SSL-VPN ActiveX Control Format String Overflow

  Tags:  sonicwall e-class ssl-vpn format-string activex-control  

• 8:00

  Bugtraq: NSOADV-2010-005: SonicWALL E-Class SSL-VPN ActiveX Control format string overflow

   » ‎ SecurityFocus Vulnerabilities
  NSOADV-2010-005: SonicWALL E-Class SSL-VPN ActiveX Control format string overflow

  Tags:  sonicwall e-class ssl-vpn format-string activex-control overflow  

• August 12, 2010
• 0:00

  Vuln: Microsoft Silverlight ActiveX Control Pointer Memory Corruption Vulnerability

   » ‎ SecurityFocus Vulnerabilities
  Microsoft Silverlight ActiveX Control Pointer Memory Corruption Vulnerability

  Tags:  microsoft silverlight activex microsoft-silverlight memory-corruption activex-control  

• July 15, 2010
• 22:02

  secunia-gigaunsafe.txt

   » ‎ Packet Storm Security Advisories
  Secunia Research has discovered some vulnerabilities in GIGABYTE Dldrv2 ActiveX Control, which can be exploited by malicious people to compromise a user's system. The unsafe method dl() allows automatically downloading and executing an arbitrary file. Combined usage of the unsafe methods SetDLInfo() and Bdl() allows automatically downloading an arbitrary file to an arbitrary location on the user's system. GIGABYTE Dldrv2 ActiveX Control version 1.4.206.11 is affected.

  Tags:  control activex dldrv activex-control s-system bdl  

• 22:02

  secunia-gigaarray.txt

   » ‎ Packet Storm Security Advisories
  Secunia Research has discovered a vulnerability in GIGABYTE Dldrv2 ActiveX Control, which can be exploited by malicious people to compromise a user's system. The vulnerability is caused by missing input validation of the item argument passed to the SetDLInfo() method and can be exploited via array-indexing errors to corrupt memory. Successful exploitation allows execution of arbitrary code. GIGABYTE Dldrv2 ActiveX Control version 1.4.206.11 is affected.

  Tags:  gigabyte vulnerability dldrv activex-control input-validation s-system  

• 12:01

  Bugtraq: Secunia Research: GIGABYTE Dldrv2 ActiveX Control Array Indexing Vulnerability

   » ‎ SecurityFocus Vulnerabilities
  Secunia Research: GIGABYTE Dldrv2 ActiveX Control Array Indexing Vulnerability

  Tags:  research gigabyte secunia control-array activex-control vulnerability  

• June 15, 2010
• 0:00

  Vuln: Microsoft Data Analyzer 'max3activex.dll' ActiveX Control Remote Code Execution Vulnerability

   » ‎ SecurityFocus Vulnerabilities
  Microsoft Data Analyzer 'max3activex.dll' ActiveX Control Remote Code Execution Vulnerability

  Tags:  activex microsoft max microsoft-data-analyzer code-execution activex-control  

• June 12, 2010
• 3:01

  secunia-creative.txt

   » ‎ Packet Storm Security Advisories
  Secunia Research has discovered a vulnerability in Creative Software AutoUpdate Engine 2 ActiveX control, which can be exploited by malicious people to compromise a user's system. The vulnerability is caused by a boundary error in a callback function used when handling the BrowseFolder() method. This can be exploited to cause a stack-based buffer overflow via an overly long string argument. Successful exploitation allows execution of arbitrary code.

  Tags:  txt vulnerability secunia based-buffer-overflow activex-control string-argument  

• June 11, 2010
• 0:00

  Vuln: Microsoft Data Analyzer 'max3activex.dll' ActiveX Control Remote Code Execution Vulnerability

   » ‎ SecurityFocus Vulnerabilities
  Microsoft Data Analyzer 'max3activex.dll' ActiveX Control Remote Code Execution Vulnerability

  Tags:  activex microsoft max microsoft-data-analyzer code-execution activex-control  

• June 09, 2010
• 0:00

  Vuln: Computer Associates PSFormX ActiveX Control Multiple Remote Code Execution Vulnerabilities

   » ‎ SecurityFocus Vulnerabilities
  Computer Associates PSFormX ActiveX Control Multiple Remote Code Execution Vulnerabilities

  Tags:  multiple code remote code-execution activex-control computer-associates  

• April 30, 2010
• 0:00

  Vuln: BigAnt Office Messenger 'AntCore.dll' ActiveX Control Multiple Heap Buffer Overflow Vulnerabilities

   » ‎ SecurityFocus Vulnerabilities
  BigAnt Office Messenger 'AntCore.dll' ActiveX Control Multiple Heap Buffer Overflow Vulnerabilities

  Tags:  messenger office bigant buffer-overflow-vulnerabilities activex-control heap  

• April 15, 2010
• 17:00

  cisco-sa-20100414-csd.txt

   » ‎ Packet Storm Security Recent Files
  Cisco Security Advisory - Cisco Secure Desktop contains a vulnerable ActiveX control that could allow an attacker to execute arbitrary code with the privileges of the user who is currently logged into the affected system. Cisco has released a free software update that addresses this vulnerability.

  Tags:  txt advisory csd cisco-secure cisco-security cisco-security-advisory activex-control secure-desktop  

• 17:00

  cisco-sa-20100414-csd.txt

   » ‎ Packet Storm Security Advisories
  Cisco Security Advisory - Cisco Secure Desktop contains a vulnerable ActiveX control that could allow an attacker to execute arbitrary code with the privileges of the user who is currently logged into the affected system. Cisco has released a free software update that addresses this vulnerability.

  Tags:  txt advisory csd cisco-secure cisco-security cisco-security-advisory activex-control secure-desktop  

• April 13, 2010
• 17:45

  DATEV DVBSExeCall ActiveX Control Command Execution Vulnerability

   » ‎ SecuriTeam
  During the installation of the DATEV Base System (Grundpaket Basis) an ActiveX Control will be installed (DVBSExeCall.ocx), in which the function "ExecuteExe" is vulnerable to a command execution bug.

  -

  Make your website safer. Use external penetration testing service. First report ready in one hour!

  Tags:  control dvbsexecall activex datev-base command-execution safer-use activex-control  

• February 10, 2010
• 0:00

  Vuln: Microsoft Data Analyzer 'max3activex.dll' ActiveX Control Remote Code Execution Vulnerability

   » ‎ SecurityFocus Vulnerabilities
  Microsoft Data Analyzer 'max3activex.dll' ActiveX Control Remote Code Execution Vulnerability

  Tags:  activex microsoft max microsoft-data-analyzer code-execution activex-control