ActiveX | Art Hacker

RealPlayer控件Import方式栈溢出漏洞

Posted by Hacker on 07月 29, 2008 Leave comment

受影响系统：
Real Networks RealPlayer 10.5
Real Networks RealPlayer 10
不受影响系统：
Real Networks RealPlayer 10.5 v6.0.12.1675
描述：BUGTRAQ ID: 30379
CVE(CAN) ID: CVE-2008-3066
RealPlayer是一款流行的多媒体播放器。
RealPlayer的rjbdll.dll模块没有正确地删除媒体库文件，如果用户使用ActiveX控件 {FDC7A535-4070-4B92-A0EA-D9994BCC0DC5}将有漏洞的文件导入到用户的媒体库的话，则在删除该文件时就会触发栈溢出，导致执行任意指令。 Read more »

Category: Notice loopholes

ActiveX控件任意文件下载漏洞

Posted by Hacker on 07月 9, 2008 Leave comment

Microsoft Access快照查看器ActiveX控件任意文件下载漏洞

受影响系统：
Microsoft Access 2003
Microsoft Access 2002
Microsoft Access 2000
描述：BUGTRAQ ID: 30114
CVE(CAN) ID: CVE-2008-2463
Microsoft Access是微软Office套件中的关系数据库管理系统。
Microsoft Access中捆绑了快照查看器ActiveX控件用于方便的查看Access报表快照，该控件没有正确的验证某些输入参数。如果用户受骗访问了恶意站点的话，就可能导致将站点上的文件下载到用户机器的任意位置。目前这个漏洞正在被积极的利用。 Read more »

Category: Notice loopholes

Page 1 of 11

Popular
Recent Comments
Archives

Archives by date

Archives by category

Art Hacker
We advocate freedom, equality, sharing and mutual aid

RealPlayer控件Import方式栈溢出漏洞

ActiveX控件任意文件下载漏洞

Popular Posts

Recent Comments

Archives by date

Archives by category

Sponsors

ADTOLL

Public Service Ads

Subscribe Me

Function

Recent Post

Tag Cloud

Advertise

BBS Links

Blog Sites

Arthack Links

Partner links

Art HackerWe advocate freedom, equality, sharing and mutual aid

RealPlayer控件Import方式栈溢出漏洞

ActiveX控件任意文件下载漏洞

Popular Posts

Recent Comments

Archives by date

Archives by category

Sponsors

ADTOLL

Public Service Ads

Subscribe Me

Function

Recent Post

Tag Cloud

Advertise

BBS Links

Blog Sites

Arthack Links

Partner links

Art Hacker
We advocate freedom, equality, sharing and mutual aid