Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
microsoft activex vulnerabilities and exploits
(subscribe to this query)
9.3
CVSSv2
CVE-2010-0805
The Tabular Data Control (TDC) ActiveX control in Microsoft Internet Explorer 5.01 SP4, 6 on Windows XP SP2 and SP3, and 6 SP1 allows remote malicious users to execute arbitrary code via a long URL (DataURL parameter) that triggers memory corruption in the CTDCCtl::SecurityCHeckD...
Microsoft Internet Explorer 6
Microsoft Internet Explorer 5.01
Microsoft Windows 2000
Microsoft Windows Xp
2 EDB exploits
9.3
CVSSv2
CVE-2007-2222
Multiple buffer overflows in the (1) ActiveListen (Xlisten.dll) and (2) ActiveVoice (Xvoice.dll) speech controls, as used by Microsoft Internet Explorer 5.01, 6, and 7, allow remote malicious users to execute arbitrary code via a crafted ActiveX object that triggers memory corrup...
Microsoft Internet Explorer 5.01
Microsoft Internet Explorer 6
Microsoft Internet Explorer 7.0
2 EDB exploits
7.5
CVSSv2
CVE-2003-0530
Buffer overflow in the BR549.DLL ActiveX control for Internet Explorer 5.01 SP3 up to and including 6.0 SP1 allows remote malicious users to execute arbitrary code.
Microsoft Internet Explorer 5.0.1
Microsoft Internet Explorer 5.5
Microsoft Internet Explorer 6.0
Microsoft Ie 6.0
10
CVSSv2
CVE-2004-0978
Heap-based buffer overflow in the Hrtbeat.ocx (Heartbeat) ActiveX control for Internet Explorer 5.01 through 6, when users who visit online gaming sites that are associated with MSN, allows remote malicious users to execute arbitrary code via the SetupData parameter.
Microsoft Internet Explorer 5.01
Microsoft Internet Explorer 5.5
Microsoft Internet Explorer 6
7.5
CVSSv2
CVE-2003-0660
The Authenticode capability in Microsoft Windows NT through Server 2003 does not prompt the user to download and install ActiveX controls when the system is low on memory, which could allow remote malicious users to execute arbitrary code without user approval.
Microsoft Windows 2000
Microsoft Windows 2003 Server Standard
Microsoft Windows 2003 Server Web
Microsoft Windows Nt 4.0
Microsoft Windows Xp
Microsoft Windows 2003 Server Enterprise
Microsoft Windows 2003 Server Enterprise 64-bit
Microsoft Windows 2003 Server R2
7.8
CVSSv2
CVE-2007-0612
Multiple ActiveX controls in Microsoft Windows 2000, XP, 2003, and Vista allows remote malicious users to cause a denial of service (Internet Explorer crash) by accessing the bgColor, fgColor, linkColor, alinkColor, vlinkColor, or defaultCharset properties in the (1) giffile, (2)...
Microsoft Internet Explorer 5.0.1
Microsoft Ie 6.0
Microsoft Ie 7.0
Microsoft Internet Explorer 7.0
Microsoft Ie 5.0 Ta3
Microsoft Internet Explorer 5.5
Microsoft Internet Explorer 6.0
1 EDB exploit
7.5
CVSSv2
CVE-2006-0057
Microsoft Internet Explorer 5.01, 5.5, and 6 allows remote malicious users to bypass the Kill bit settings for dangerous ActiveX controls via unknown vectors involving crafted HTML, which can expose the browser to attacks that would otherwise be prevented by the Kill bit setting....
Microsoft Internet Explorer 5.01
Microsoft Internet Explorer 5.5
Microsoft Internet Explorer 6
Microsoft Ie 6
7.5
CVSSv2
CVE-2002-0693
Buffer overflow in the HTML Help ActiveX Control (hhctrl.ocx) in Microsoft Windows 98, 98 Second Edition, Millennium Edition, NT 4.0, NT 4.0 Terminal Server Edition, Windows 2000, and Windows XP allows remote malicious users to execute code via (1) a long parameter to the Alink f...
Microsoft Windows 2000
Microsoft Windows 98se
Microsoft Windows Me
Microsoft Windows Nt 4.0
Microsoft Windows Xp
Microsoft Windows 2000 Terminal Services
Microsoft Windows 98
1 EDB exploit
9.3
CVSSv2
CVE-2007-0214
The HTML Help ActiveX control (Hhctrl.ocx) in Microsoft Windows 2000 SP3, XP SP2 and Professional, 2003 SP1 allows remote malicious users to execute arbitrary code via unspecified functions, related to uninitialized parameters.
Microsoft Windows 2003 Server
Microsoft Windows 2003 Server 64-bit
Microsoft Windows 2000
Microsoft Windows Xp
Microsoft Windows 2003 Server Itanium
Microsoft Windows 2003 Server Sp1
5.1
CVSSv2
CVE-1999-0668
The scriptlet.typelib ActiveX control is marked as "safe for scripting" for Internet Explorer, which allows a remote malicious user to execute arbitrary commands as demonstrated by Bubbleboy.
Microsoft Internet Explorer 4.0
Microsoft Internet Explorer 5.0
1 EDB exploit
CVSSv2
CVSSv2
CVSSv3
VMScore
Recommendations:
firmware
CVE-2023-52866
CVE-2024-4367
CVE-2024-1721
CVE-2023-34992
XML injection
CVE-2023-52817
SQL
CVE-2023-52855
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
1
2
3
4
5
6
7
8
NEXT »