Vulmon
Recent Vulnerabilities
Product List
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
microsoft system information activex control vulnerabilities and exploits
(subscribe to this query)
NA
CVE-2006-4627
System Information ActiveX control (msinfo.dll), when accessed via Microsoft Internet Explorer, allows remote malicious users to cause a denial of service (crash) via a SaveFile function with a long (1) computer and possibly (2) filename and (3) category argument.
Microsoft System Information Activex Control
NA
CVE-2000-1034
Buffer overflow in the System Monitor ActiveX control in Windows 2000 allows remote malicious users to execute arbitrary commands via a long LogFileName parameter in HTML source code, aka the "ActiveX Parameter Validation" vulnerability.
Microsoft Windows 2000
NA
CVE-2003-0661
The NetBT Name Service (NBNS) for NetBIOS in Windows NT 4.0, 2000, XP, and Server 2003 may include random memory in a response to a NBNS query, which could allow remote malicious users to obtain sensitive information.
Microsoft Windows Nt 4.0
Microsoft Windows Xp
Microsoft Windows 2003 Server Web
Microsoft Windows 2003 Server Enterprise
Microsoft Windows 2003 Server Enterprise 64-bit
Microsoft Windows 2000
Microsoft Windows 2003 Server R2
Microsoft Windows 2003 Server Standard
NA
CVE-2008-3957
The Microsoft Windows Image Acquisition Logger ActiveX control allows remote malicious users to force the download of arbitrary files onto a client system via a URL in the first argument to the Open method, in conjunction with a full destination pathname in the first argument to ...
Microsoft Windows Image Acquisition Logger
2 EDB exploits
NA
CVE-1999-0379
Microsoft Taskpads allows remote web sites to execute commands on the visiting user's machine via certain methods that are marked as Safe for Scripting.
Microsoft Backoffice Resource Kit 2.0
NA
CVE-2000-0419
The Office 2000 UA ActiveX Control is marked as "safe for scripting," which allows remote malicious users to conduct unauthorized activities via the "Show Me" function in Office Help, aka the "Office 2000 UA Control" vulnerability.
Microsoft Access 2000
Microsoft Outlook 2000
Microsoft Powerpoint 2000
Microsoft Photodraw 2000 1.0
Microsoft Excel 2000
Microsoft Word 2000
Microsoft Project 2000
Microsoft Office 2000
Microsoft Works 2000
Microsoft Frontpage 2000
NA
CVE-2006-4704
Cross-zone scripting vulnerability in the WMI Object Broker (WMIScriptUtils.WMIObjectBroker2) ActiveX control (WmiScriptUtils.dll) in Microsoft Visual Studio 2005 allows remote malicious users to bypass Internet zone restrictions and execute arbitrary code by instantiating danger...
Microsoft Visual Studio .net 2005
1 EDB exploit
1 Article
NA
CVE-2009-2495
The Active Template Library (ATL) in Microsoft Visual Studio .NET 2003 SP1, Visual Studio 2005 SP1 and 2008 Gold and SP1, and Visual C++ 2005 SP1 and 2008 Gold and SP1 does not properly enforce string termination, which allows remote malicious users to obtain sensitive informatio...
Microsoft Visual C++ 2008
Microsoft Visual Studio .net 2003
Microsoft Visual Studio 2005
Microsoft Visual Studio 2008
Microsoft Visual C++ 2005
NA
CVE-2006-0003
Unspecified vulnerability in the RDS.Dataspace ActiveX control, which is contained in ActiveX Data Objects (ADO) and distributed in Microsoft Data Access Components (MDAC) 2.7 and 2.8, allows remote malicious users to execute arbitrary code via unknown attack vectors.
Microsoft Data Access Components 2.8
Microsoft Data Access Components 2.7
Microsoft Data Access Components 2.5
3 EDB exploits
2 Articles
7.5
CVSSv3
CVE-2020-1570
A remote code execution vulnerability exists in the way that the scripting engine handles objects in memory in Internet Explorer. The vulnerability could corrupt memory in such a way that an attacker could execute arbitrary code in the context of the current user. An attacker who...
Microsoft Internet Explorer 11
Microsoft Internet Explorer 9
CVSSv3
CVSSv2
CVSSv3
VMScore
Recommendations:
type confusion
IMAP
CVE-2024-36103
CVE-2024-28995
CVE-2024-37325
CVE-2024-30078
CVE-2024-30082
SQL injection
CVE-2024-30052
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
1
2
3
NEXT »