ASUS Net4Switch is prone to an overflow condition related to the ActiveX component ipswcom.dll. The CxDbgPrint()function (cxcmrt.dll) fails to properly sanitize user-supplied input resulting in a buffer overflow. With a specially crafted message string passed to the Alert() method, a remote attacker can potentially execute arbitrary code.

Microsoft Windows does not properly handle OLE objects in memory, which allows remote attackers to execute arbitrary code via a crafted object within a file.

A Stack-based buffer overflow in VideoLAN VLC media player allows remote attackers to execute arbitrary code via a crafted MMS:// stream.

OpenKM allows administrative users (those having the AdminRole) to run bean shell scripts. Due to this permission an attacker could lure an OpenKM administrator to a malicious web page that causes arbitrary OS commands to run in the administrators OpenKM session context.

Shadow Stream Recorder is prone to a remote stack-based buffer-overflow vulnerability because the applications fail to perform adequate boundary checks on user-supplied input.

This module exploits a stack-based buffer overflow in the MSCOMCTL.OCX control by sending a specially crafted .RTF file.

This update fixes an issue in the agent connector.

A vulnerability exists in TRENDnet SecurView Internet Camera's ActiveX control that can be exploited by sending a long string of data to the OpenFileDlg() function.

This module exploits a vulnerability in MPlayer. A stack-based buffer overflow in the sub_read_line_sami function in MPlayer SVN Versions before 33471 and SMPlayer 0.6.9 and older versions allows remote attackers to execute arbitrary code via a SAMI subtitle file.

A vulnerability exists in AnnotateX.dll - by invoking the Add() method it

is possible to call inside of any memory region of choice as selected by an

attacker.

A stack-based buffer overflow can be exploited in NetOp Remote Control when opening a crafted .dws file with a string longer then 520 characters.