The CA BrightStor ARCserve Backup ActiveX control (ListCtrl.ocx) is vulnerable to a stack-based buffer overflow. By passing an overly long argument to the AddColumn() method, a remote attacker could overflow a buffer and execute arbitrary code on the system.
deda324d5d17fb5a0a5f8b8fcc9d39b55328a2faeca975767d3d6875b67d01d1This Metasploit module exploits a stack overflow in DjVu ActiveX Component. When sending an overly long string to the ImageURL() property of DjVu_ActiveX_MSOffice.dll (3.0) an attacker may be able to execute arbitrary code. This control is not marked safe for scripting, so choose your attack vector accordingly.
81553625fd56a8a603a1213e5449928c6a7c73baa8e26671b9fecc422df68e12This Metasploit module exploits an error related to the CFunctionPointer function when attempting to access uninitialized memory. A remote attacker could exploit this vulnerability to corrupt memory and execute arbitrary code on the system with the privileges of the victim.
02900e7ca8c7b2f6e14ac6ecbd4314f2fb32471a0a02df748c5da4541bc2cce0The Microsoft Works ActiveX control (WkImgSrv.dll) could allow a remote attacker to execute arbitrary code on a system. By passing a negative integer to the WksPictureInterface method, an attacker could execute arbitrary code on the system with privileges of the victim. Change 168430090 /0X0A0A0A0A to 202116108 / 0x0C0C0C0C FOR IE6. This control is not marked safe for scripting, please choose your attack vector carefully.
9a991cc774ea8365c09b757a0db44dc7d220f5ff12d2c4e2d6b2f55910442ad2The SasCam Webcam Server ActiveX control is vulnerable to a buffer overflow. By passing an overly long argument via the Get method, a remote attacker could overflow a buffer and execute arbitrary code on the system with the privileges of the user. This control is not marked safe for scripting, please choose your attack vector carefully.
81c7af2a75863c23fdb4a8d81bf93d9674ef7d9c87496a29dc4a20e52855fd32The VeryPDF PDFView ActiveX control is prone to a heap buffer-overflow because it fails to properly bounds-check user-supplied data before copying it into an insufficiently sized memory buffer. An attacker can exploit this issue to execute arbitrary code within the context of the affected application.
9fe20807f1f850f687c4224e3addaf1036287534b484b470b8ebb6e1caa6e155The FileView ActiveX control (WZFILEVIEW.FileViewCtrl.61) could allow a remote attacker to execute arbitrary code on the system. The control contains several unsafe methods and is marked safe for scripting and safe for initialization. A remote attacker could exploit this vulnerability to execute arbitrary code on the victim system. WinZip 10.0 <= Build 6667 are vulnerable.
90943b6ba87cbf74d05e1b183bb591716875568403841933867bae56ece45c76
© 2024 Packet Storm. All rights reserved.
%7Cutmcsr%3D(direct)%7Cutmcmd%3D(none)){kind=small}
Follow us on Twitter
Follow us on Facebook
Subscribe to an RSS Feed