Unspecified vulnerability in Microsoft Visio 2002 allows remote user-assisted attackers to execute arbitrary code via a Visio (.VSD, VSS, .VST) file with a crafted version number that triggers memory corruption. Date published : 2007-06-12...
Heap-based buffer overflow in OpenOffice.org (OOo) 2.2.1 and earlier allows remote attackers to execute arbitrary code via a RTF file with a crafted prtdata tag with a length parameter inconsistency, which causes vtable entries...
Microsoft Internet Explorer 5.01 and 6 allows remote attackers to execute arbitrary code by instantiating certain COM objects from Urlmon.dll, which triggers memory corruption during a call to the IObjectSafety function. Date published :...
The Java Plug-in 1.4.2_03 and 1.4.2_04 controls, and the 1.4.2_03 and 1.4.2_04 redirector controls, allow remote attackers to cause a denial of service (Internet Explorer crash) by creating a COM object of the class...
The CLSID_ApprenticeICW control allows remote attackers to cause a denial of service (Internet Explorer crash) by creating a COM object of the class associated with the control’s CLSID, which is not intended for use...
The SmartConnect Class control allows remote attackers to cause a denial of service (Internet Explorer crash) by creating a COM object of the class associated with the control’s CLSID, which is not intended for...
The System Monitor Source Properties control allows remote attackers to cause a denial of service (Internet Explorer crash) by creating a COM object of the class associated with the control’s CLSID, which is not...
The Outlook Progress Ctl control allows remote attackers to cause a denial of service (Internet Explorer crash) by creating a COM object of the class associated with the control’s CLSID, which is not intended...
Cross-site scripting (XSS) vulnerability in cgi-bin/admin in 3Com OfficeConnect Secure Router with firmware 1.04-168 allows remote attackers to inject arbitrary web script or HTML via the tk parameter. Date published : 2007-06-11 http://www.securityfocus.com/bid/24374 http://secunia.com/secunia_research/2006-60/advisory/
Multiple SQL injection vulnerabilities in archives.php in Particle Blogger 1.2.1 and earlier allow remote attackers to execute arbitrary SQL commands via the month parameter and other unspecified vectors. Date published : 2007-06-11 http://www.securityfocus.com/archive/1/469984/100/0/threaded http://osvdb.org/37468
Multiple SQL injection vulnerabilities in Zindizayn Okul Web Sistemi 1.0 allow remote attackers to execute arbitrary SQL commands via the (1) id or (2) pass parameter to (a) mezungiris.asp or (b) ogretmenkontrol.asp. Date published...
Ingate Firewall and SIParator before 4.5.2 allow remote attackers to bypass SIP authentication via a certain maddr parameter. Date published : 2007-06-11 http://www.ingate.com/relnote-452.php http://osvdb.org/36708
Unspecified vulnerability in Ingate Firewall and SIParator before 4.5.2 allows remote authenticated users without full privileges to download a Support Report. Date published : 2007-06-11 http://www.ingate.com/relnote-452.php http://osvdb.org/36707
Multiple SQL injection vulnerabilities in W2B Online Banking allow remote attackers to execute arbitrary SQL commands via (1) the draft parameter to mailer.w2b or (2) the listDocPay parameter to DocPay.w2b. Date published : 2007-06-11...