SkinCrafter active-x control version 3.0 suffers from a buffer overflow vulnerability.
DecisionTools SharpGrid suffers from an active-x related remote command execution vulnerability.
This Metasploit module exploits a vulnerability found in McAfee Virtual Technician's MVTControl. This ActiveX control can be abused by using the GetObject() function to load additional unsafe classes such as WScript.Shell, therefore allowing remote code execution under the context of the user.
Samsung NET-i Viewer version 1.37 active-x SEH overwrite exploit.
Secunia Security Advisory - Andrea Micalizzi has discovered a vulnerability in McAfee Virtual Technician MVTControl ActiveX Control, which can be exploited by malicious people to compromise a user's system.
McAfee Virtual Technician version 6.3.0.1911 suffers from a MVT.MVTControl.6300 GetObject() active-x control security bypass remote code execution vulnerability.
This Metasploit module exploits an uninitialized variable vulnerability in the Annotation Objects ActiveX component. The ActiveX component loads into memory without opting into ASLR, so this module exploits the vulnerability against Windows Vista and Windows 7 targets. A large heap spray is required to fulfill the requirement that EAX points to part of the ROP chain in a heap chunk and the calculated call will hit the pivot in a separate heap chunk. This will take some time in the user's browser.
This Metasploit module exploits a buffer overflow vulnerability in the Isig.isigCtl.1 ActiveX installed with IBM Tivoli Provisioning Manager Express for Software Distribution 4.1.1. The vulnerability is found in the "RunAndUploadFile" method, where the "OtherFields" parameter with user-controlled data is used to build a "Content-Disposition" header and attach contents in an insecure way, which allows a buffer on the stack to be overflowed.
This Metasploit module exploits a vulnerability found in TRENDnet SecurView Internet Camera's ActiveX control. By supplying a long string of data as the sFilter argument of the OpenFileDlg() function, it is possible to trigger a buffer overflow condition due to WideCharToMultiByte (which converts Unicode back to) overwriting the stack more than it should, which results in arbitrary code execution under the context of the user.
Secunia Security Advisory - Andrea Micalizzi has discovered a vulnerability in Quest Explain Plan Display ActiveX Control, which can be exploited by malicious people to manipulate certain data.
Secunia Security Advisory - Andrea Micalizzi has discovered a vulnerability in Quest Connection Broker Client ActiveX Control, which can be exploited by malicious people to manipulate certain data.
Quest Toad for Oracle Explain Plan Display active-x control QExplain2.dll version 6.6.1.1115 suffers from a remote file creation / overwrite vulnerability.
Quest vWorkspace version 7.5 Connection Broker client active-x control pnllmcli.dll version 7.5.304.547 suffers from a SaveMiniLaunchFile() method remote file creation / overwrite vulnerability.
Secunia Security Advisory - Andrea Micalizzi has discovered a vulnerability in TRENDnet UltraMJCam ActiveX Control, which can be exploited by malicious people to compromise a user's system.
Secunia Security Advisory - Andrea Micalizzi has discovered a vulnerability in Camera Stream Client ActiveX Control, which can be exploited by malicious people to compromise a user's system.
Quest InTrust version 10.4.x suffers from ArDoc.dll active-x control remote file creation / overwrite vulnerabilities in the ReportTree and SimpleTree classes. Proof of concept code included.
The D-Link SecuriCam DCS-5605 Network Surveillance DcsCliCtrl.dll active-x control suffers from a buffer overflow vulnerability. Proof of concept code included.
Quest InTrust version 10.4.x with Annotation Objects active-x control ANNOTATEX.DLL suffers from a remote code execution vulnerability. Proof of concept code included.
The TRENDnet SecurView TV-IP121WN wireless internet camera UltraMJCam active-x control suffers from an OpenFileDlg() WideCharToMultiByte remote buffer overflow. Proof of concept code included.
Secunia Security Advisory - rgod has discovered a vulnerability in Cisco Linksys PlayerPT ActiveX Control, which can be exploited by malicious people to compromise a user's system.
Cisco Linksys WVC200 Wireless-G PTZ Internet Video Camera PlayerPT active-x control (PlayerPT.ocx) suffers from a sprintf buffer overflow vulnerability. Version 1.0.0.15 is affected.
The Dell Webcam software bundled active-x control CrazyTalk4Native.dll suffers from a remote buffer overflow vulnerability.
2X Client for RDP version 10.1.1204 suffers from a ClientSystem class active-x control download and execute vulnerability that affects TuxClientSystem.dll.
2X Application Server version 10.x suffers from a TuxSystem class active-x control file overwrite involving TuxScripting.dll.
Cisco Security Advisory - The Cisco Clientless VPN solution as deployed by Cisco ASA 5500 Series Adaptive Security Appliances (Cisco ASA) uses an ActiveX control on client systems to perform port forwarding operations. Microsoft Windows-based systems that are running Internet Explorer or another browser that supports Microsoft ActiveX technology may be affected if the system has ever connected to a device that is running the Cisco Clientless VPN solution. A remote, unauthenticated attacker who could convince a user to connect to a malicious web page could exploit this issue to execute arbitrary code on the affected machine with the privileges of the web browser. The affected ActiveX control is distributed to endpoint systems by Cisco ASA. However, the impact of successful exploitation of this vulnerability is to the endpoint system only and does not compromise Cisco ASA devices. Cisco has released free software updates that address this vulnerability. Workarounds that mitigate this vulnerability are available.