Filtered by vendor Microsoft
Subscribe
Total
21800 CVE
| CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
|---|---|---|---|---|---|
| CVE-2008-0392 | 1 Microsoft | 1 Visual Basic | 2017-09-29 | 9.3 HIGH | N/A |
| Multiple buffer overflows in Microsoft Visual Basic Enterprise Edition 6.0 SP6 allow user-assisted remote attackers to execute arbitrary code via a .dsr file with a long (1) ConnectionName or (2) CommandName line. | |||||
| CVE-2008-0551 | 2 Microsoft, Sejoong Namo | 2 Activex, Activesquare | 2017-09-29 | 9.3 HIGH | N/A |
| The NamoInstaller.NamoInstall.1 ActiveX control in NamoInstaller.dll 3.0.0.1 and earlier in Namo Web Editor in Sejoong Namo ActiveSquare 6 allows remote attackers to execute arbitrary code via a URL in the argument to the Install method. NOTE: some of these details are obtained from third party information. | |||||
| CVE-2008-0470 | 2 Comodo, Microsoft | 2 Comodo Antivirus, Activex | 2017-09-29 | 9.3 HIGH | N/A |
| A certain ActiveX control in Comodo AntiVirus 2.0 allows remote attackers to execute arbitrary commands via the ExecuteStr method. | |||||
| CVE-2008-0235 | 1 Microsoft | 1 Vfp Ole Server Activex Control | 2017-09-29 | 10.0 HIGH | N/A |
| The Microsoft VFP_OLE_Server ActiveX control allows remote attackers to execute arbitrary code by invoking the foxcommand method. | |||||
| CVE-2008-0437 | 2 Hp, Microsoft | 2 Virtual Rooms, Activex | 2017-09-29 | 10.0 HIGH | N/A |
| Multiple buffer overflows in the WebHPVCInstall.HPVirtualRooms14 ActiveX control in HPVirtualRooms14.dll 1.0.0.100, as used in the installation process for HP Virtual Rooms, allow remote attackers to execute arbitrary code via a long (1) AuthenticationURL, (2) PortalAPIURL, or (3) cabroot property value. NOTE: some of these details are obtained from third party information. | |||||
| CVE-2008-0296 | 2 Microsoft, Videolan | 2 Windows, Vlc Media Player | 2017-09-29 | 10.0 HIGH | N/A |
| Heap-based buffer overflow in the libaccess_realrtsp plugin in VideoLAN VLC Media Player 0.8.6d and earlier on Windows might allow remote RTSP servers to cause a denial of service (application crash) or execute arbitrary code via a long string. | |||||
| CVE-2008-1709 | 1 Microsoft | 1 Visual Interdev | 2017-09-29 | 9.3 HIGH | N/A |
| Buffer overflow in Microsoft Visual InterDev 6.0 (SP6) allows user-assisted attackers to execute arbitrary code via a Studio Solution (.SLN) file with a long malformed Project line beginning with a 'Project("{}") =' sequence, probably a different vector than CVE-2008-0250. | |||||
| CVE-2008-0237 | 1 Microsoft | 1 Rich Textbox Control | 2017-09-29 | 6.8 MEDIUM | N/A |
| The Microsoft Rich Textbox ActiveX Control (RICHTX32.OCX) 6.1.97.82 allows remote attackers to execute arbitrary commands by invoking the insecure SaveFile method. | |||||
| CVE-2008-0250 | 1 Microsoft | 1 Visual Interdev | 2017-09-29 | 9.3 HIGH | N/A |
| Buffer overflow in Microsoft Visual InterDev 6.0 (SP6) allows user-assisted attackers to execute arbitrary code via a Studio Solution (.SLN) file with a long Project line. | |||||
| CVE-2008-0236 | 1 Microsoft | 1 Visual Foxpro | 2017-09-29 | 5.8 MEDIUM | N/A |
| An ActiveX control for Microsoft Visual FoxPro (vfp6r.dll 6.0.8862.0) allows remote attackers to execute arbitrary commands by invoking the DoCmd method. | |||||
| CVE-2008-0304 | 3 Linux, Microsoft, Mozilla | 4 Linux Kernel, Windows, Seamonkey and 1 more | 2017-09-29 | 7.5 HIGH | N/A |
| Heap-based buffer overflow in Mozilla Thunderbird before 2.0.0.12 and SeaMonkey before 1.1.8 might allow remote attackers to execute arbitrary code via a crafted external-body MIME type in an e-mail message, related to an incorrect memory allocation during message preview. | |||||
| CVE-2007-6236 | 1 Microsoft | 1 Windows Media Player | 2017-09-29 | 5.0 MEDIUM | N/A |
| Microsoft Windows Media Player (WMP) allows remote attackers to cause a denial of service (application crash) via a certain AIFF file that triggers a divide-by-zero error, as demonstrated by kr.aiff. | |||||
| CVE-2007-3956 | 2 Microsoft, Teamspeak | 2 All Windows, Web Server | 2017-09-29 | 7.8 HIGH | N/A |
| TeamSpeak WebServer 2.0 for Windows does not validate parameter value lengths and does not expire TCP sessions, which allows remote attackers to cause a denial of service (CPU and memory consumption) via long username and password parameters in a request to login.tscmd on TCP port 14534. | |||||
| CVE-2007-4336 | 1 Microsoft | 1 Directx Media | 2017-09-29 | 4.3 MEDIUM | N/A |
| Buffer overflow in the Live Picture Corporation DXSurface.LivePicture.FlashPix.1 (DirectTransform FlashPix) ActiveX control in DXTLIPI.DLL 6.0.2.827, as packaged in Microsoft DirectX Media 6.0 SDK, allows remote attackers to execute arbitrary code via a long SourceUrl property value. | |||||
| CVE-2007-3490 | 1 Microsoft | 1 Excel | 2017-09-29 | 7.5 HIGH | N/A |
| Unspecified vulnerability in Microsoft Excel 2003 SP2 allows remote attackers to have an unknown impact via unspecified vectors, possibly related to the sheet name, as demonstrated by 2670.xls. | |||||
| CVE-2007-4890 | 1 Microsoft | 1 Visual Studio | 2017-09-29 | 5.8 MEDIUM | N/A |
| Absolute directory traversal vulnerability in a certain ActiveX control in the VB To VSI Support Library (VBTOVSI.DLL) 1.0.0.0 in Microsoft Visual Studio 6.0 allows remote attackers to create or overwrite arbitrary files via a full pathname in the argument to the SaveAs method. NOTE: contents can be copied from local files via the Load method. | |||||
| CVE-2007-4891 | 1 Microsoft | 1 Visual Studio | 2017-09-29 | 6.8 MEDIUM | N/A |
| A certain ActiveX control in PDWizard.ocx 6.0.0.9782 and earlier in Microsoft Visual Studio 6.0 exposes dangerous (1) StartProcess, (2) SyncShell, (3) SaveAs, (4) CABDefaultURL, (5) CABFileName, and (6) CABRunFile methods, which allows remote attackers to execute arbitrary programs and have other impacts, as demonstrated using absolute pathnames in arguments to StartProcess and SyncShell. | |||||
| CVE-2007-6387 | 3 Intuit, Microsoft, Vantage Linquistics | 8 Bookkeeping, Proseries, Quickbooks and 5 more | 2017-09-29 | 9.3 HIGH | N/A |
| Multiple stack-based buffer overflows in the awApi4.AnswerWorks.1 ActiveX control in awApi4.dll 4.0.0.42, as used by Vantage Linguistics AnswerWorks, and Intuit Clearly Bookkeeping, ProSeries, QuickBooks, Quicken, QuickTax, and TurboTax, allow remote attackers to execute arbitrary code via long arguments to the (1) GetHistory, (2) GetSeedQuery, (3) SetSeedQuery, and possibly other methods. NOTE: some of these details are obtained from third party information. | |||||
| CVE-2007-4254 | 1 Microsoft | 2 Visual Database Tools Database Designer, Visual Studio | 2017-09-29 | 6.8 MEDIUM | N/A |
| Stack-based buffer overflow in a certain ActiveX control in VDT70.DLL in Microsoft Visual Database Tools Database Designer 7.0 for Microsoft Visual Studio 6 allows remote attackers to execute arbitrary code via a long argument to the NotSafe method. NOTE: this may overlap CVE-2007-2885 or CVE-2005-2127. | |||||
| CVE-2007-4776 | 1 Microsoft | 1 Visual Basic | 2017-09-29 | 9.3 HIGH | N/A |
| Buffer overflow in Microsoft Visual Basic 6.0 and Enterprise Edition 6.0 SP6 allows user-assisted remote attackers to execute arbitrary code via a Visual Basic project (vbp) file containing a long Reference line, related to VBP_Open and OLE. NOTE: there are limited usage scenarios under which this would be a vulnerability. | |||||