This module exploits a vulnerability in the PlayerPT.ocx module included in the Cisco Linksys WVC200 Wireless-G PTZ Internet Video Camera application. The exploit is triggered when the SetSource() method processes a crafted argument resulting in a buffer overflow.

This update improves the xml of the module to be compatible with new product functionality.

A Buffer Overflow exists in the Oracle Outside SDK when the XPM image processing method does not properly validate the length of chars_per_pixel string within XPM images. This suite is used for 3rd party applications like Quick View Plus.

Type Confusion vulnerability in XGO.ocx ActiveX control in HP Lifecycle Management in the method SetShapeNodeType allowing user-specified memory to be used as an object.

A Memory Corruption in Microsoft Word is caused due to an error within the TabStrip ActiveX control (MSCOMCTL.OCX) object, embedded in a RTF crafted file.

This update adds support for Impact 12.5.

This module exploits a vulnerability in the PlayerPT.ocx module included in the Cisco Linksys WVC200 Wireless-G PTZ Internet Video Camera application. The exploit is triggered when the SetSource() method processes a crafted argument resulting in a buffer overflow.

This update adds support for Internet Explorer 8 and 9 and Windows 7, detected automatically.

A use-after-free vulnerability in the CMshtmlEd::Exec function in mshtml.dll in Microsoft Internet Explorer 6 through 9 allows remote attackers to execute arbitrary code via a crafted web site, as exploited in the wild in September 2012.

This module runs a web server waiting for vulnerable clients to connect to it. When the client connects, it will try to install an agent by exploiting this vulnerability.

This is an early release module. This is not the final version of this module.

Microsoft Internet Explorer 8 does not properly handle objects in memory, which allows remote attackers to execute arbitrary code by accessing a deleted object.

Microsoft Internet Explorer 8 is prone to a heap overflow vulnerability caused by an incorrect handling of the span attribute for col elements from a fixed table, when they are modified dynamically by javascript code.

A Memory Corruption in Microsoft Word is caused due to an error within the TabStrip ActiveX control (MSCOMCTL.OCX) object, embedded in a RTF crafted file.





WARNING: This is an early release module. This is not the final version of this module. It is a pre-released version in order to deliver a module as quickly as possible to our customers that may be useful in some situations. Since this module is not the final version it may contain bugs or have limited functionality and may not have complete or accurate documentation.

An AccessControlContext attribute in the java.beans.Statement class of Oracle Java can be overwritten by unprivileged applets by using specially crafted Java Beans Expressions and Statements, even when the AccessControlContext attribute is declared as final.

This flaw allows an unprivileged Java applet to escape the sandbox and execute arbitrary code on the target machine with the privileges of the current user.



WARNING: This is an early release module. This is not the final version of this module. It is a pre-released version in order to deliver a module as quickly as possible to our customers that may be useful in some situations. Since this module is not the final version it may contain bugs or have limited functionality and may not have complete or accurate documentation.