The specific flaw exists within the PocketNetNVRMediaClientAxCtrl.NVRMediaViewer.1 control. The SaveCurrentImageEx method copies an attacker provided filename into a fixed size buffer.
A use after free vulnerability exists in Internet Explorer. The vulnerability is due to accessing a freed CInput object in memory.
A remote attacker could exploit this vulnerability by enticing the target user to open a malicious web page. In the case of successful exploitation, arbitrary attacker code would be executed in the security context of the target user.
A remote attacker could exploit this vulnerability by enticing the target user to open a malicious web page. In the case of successful exploitation, arbitrary attacker code would be executed in the security context of the target user.
The specific flaw exists within the Connect method in webeye.ocx module.The control does not check the length of an attacker-supplied string in the Connect method before copying it into a fixed length buffer on the stack. This allows an attacker to execute arbitrary code in the context of the browser process.
ADAMView is prone to a buffer overflow when handling specially crafted GNI files
An integer overflow in OLE allows remote code execution. This update contains a module exploiting the vulnerability by hosting a web site and epxloiting connecting Internet Explorer browsers.
An integer overflow in OLE allows remote code execution. This update contains a module exploiting the vulnerability by hosting a web site and epxloiting connecting Internet Explorer browsers.
The OLE packager component (packager.dll) of Microsoft Windows will automatically download remote files referenced in embedded OLE objects within Office documents.
In the case of .INF installer files, packager.dll will automatically run them without prompting the user. This can be abused to gain arbitrary code execution by creating an Office document with an embedded OLE object containing a reference to a remote INF file with specially crafted commands.
This vulnerability can be exploited by convincing an unsuspecting user to open a specially crafted PowerPoint document.
WARNING: This is an early release module. This is not the final version of this module. It is a pre-released version in order to deliver a module as quickly as possible to our customers that may be useful in some situations. Since this module is not the final version it may contain bugs or have limited functionality and may not have complete or accurate documentation.
In the case of .INF installer files, packager.dll will automatically run them without prompting the user. This can be abused to gain arbitrary code execution by creating an Office document with an embedded OLE object containing a reference to a remote INF file with specially crafted commands.
This vulnerability can be exploited by convincing an unsuspecting user to open a specially crafted PowerPoint document.
WARNING: This is an early release module. This is not the final version of this module. It is a pre-released version in order to deliver a module as quickly as possible to our customers that may be useful in some situations. Since this module is not the final version it may contain bugs or have limited functionality and may not have complete or accurate documentation.
The vulnerability lies in the failure to validate the size of the input buffer before copying it into a fixed-size buffer on the stack within the handling of the loadExtensionFactory method.
Foxit Reader is prone to a vulnerability that may allow the loading and execution of any library file named imgseg.dll, if this dll is located in a determined subfolder where a .PDF file is.
By providing an overly long string to the AccessCode2 parameter, an attacker may be able to overflow the static stack buffer. The attacker may then execute code on the target device remotely.