logo

activex

Category: news | Posted by Avatar Staff 287 days ago
Via: http://www.infoworld.com | Tags: security pros kill activex comments Discuss  
A wave of bugs in the plug-in technology used by Microsoft's Internet Explorer (IE) browser has some security experts, including those at US-CERT, recommending that users disable all ActiveX controls. read more »
addto Add this link to... report Bury 
Category: news | Posted by Avatar Staff 287 days ago
Via: http://www.infoworld.com | Tags: attackers zeroon yahoo jukeboxs activex flaw comments Discuss  
Just one day after hackers showed how to exploit a number of flaws in the ActiveX software used by Internet Explorer, Symantec has spotted online criminals using one of the attacks. read more »
addto Add this link to... report Bury 
| Posted by Avatar Staff 286 days ago
Via: http://www.uninformed.org | Tags: activex active exploitation comments Discuss  
This paper provides a general introduction to the topic of understanding software vulnerabilities that affect ActiveX controls. A brief description of how ActiveX controls are exposed to Internet Explorer is given along with an analysis of three example ActiveX vulnerabilities that have been previously disclosed. read more »
addto Add this link to... report Bury 
| Posted by Avatar Staff 286 days ago
Via: http://uninformed.org | Tags: postexploitation on windows using activex controls comments Discuss  
When exploiting software vulnerabilities it is sometimes impossible to build direct communication channels between a target machine and an attacker's machine due to restrictive outbound ... read more »
addto Add this link to... report Bury 
Category: vulnerabilities | Posted by Avatar Staff 284 days ago
Via: http://secunia.com | Tags: sony imagestation axruploadcontrol activex control setlogging buffer overflow comments Discuss  
david130490 has discovered a vulnerability in Sony ImageStation AxRUploadControl Object ActiveX control, which can be exploited by malicious people to compromise a user's system.Be sure to check if your system is missing security updates or have insecure applications installed:http://secunia.com/software_inspector/Feature Overview - The Secunia Software Inspector: * Detects insecure versions of applications installed * Verifies that all Microsoft patches are applied * Assists you in updating your system an read more »
addto Add this link to... report Bury 
Category: vulnerabilities | Posted by Avatar Staff 282 days ago
Via: http://www.symantec.com | Tags: discussion activex vulnerabilities comments Discuss  
Earlier this year I wrote a series of posts that highlighted the rise in vulnerabilities affecting ActiveX controls during 2006. I mentioned that there had been an increase in the number of ActiveX vulnerabilities over the last six years, but more importantly there had been a significant rise in 2006. The first half of 2006 saw the release of 12 vulnerabilities, while there were more than 40 vulnerabilities in the second half. I also stated that although 2006 saw a significant increase in the number of vu read more »
addto Add this link to... report Bury 
Category: news | Posted by Avatar Staff 275 days ago
Via: http://www.infoworld.com | Tags: be prepared activex attacks persist comments Discuss  
A recent string of high-profile ActiveX vulnerabilities caused the U.S. Computer Emergency Readiness Team (US-CERT) to advise users to disable the ubiquitous Microsoft browser plug-in technology altogether. The vectors for these recent exploits include a third-party image uploading tool used on both the Facebook and MySpace social networking sites, and flaws found in Yahoo's Music Jukebox, Real Networks' RealPlayer, and Apple's QuickTime. read more »
addto Add this link to... report Bury 
Category: vulnerabilities | Posted by Avatar Staff 268 days ago
Via: http://secunia.com | Tags: rising online virus scanner web scan activex control updateengine insecure method comments Discuss  
John Smith has discovered a vulnerability in Rising Online Virus Scanner, which can be exploited by malicious people to compromise a user's system.Be sure to check if your system is missing security updates or have insecure applications installed:http://secunia.com/software_inspector/Feature Overview - The Secunia Software Inspector: * Detects insecure versions of applications installed * Verifies that all Microsoft patches are applied * Assists you in updating your system and applications * Runs through y read more »
addto Add this link to... report Bury 
Category: vulnerabilities | Posted by Avatar Staff 268 days ago
Via: http://secunia.com | Tags: dlink mpeg shm audio control activex control url property buffer overflow comments Discuss  
rgod has discovered a vulnerability in D-Link MPEG4 SHM (Audio) Control, which can be exploited by malicious people to compromise a user's system.Be sure to check if your system is missing security updates or have insecure applications installed:http://secunia.com/software_inspector/Feature Overview - The Secunia Software Inspector: * Detects insecure versions of applications installed * Verifies that all Microsoft patches are applied * Assists you in updating your system and applications * Runs through yo read more »
addto Add this link to... report Bury 
Category: vulnerabilities | Posted by Avatar Staff 267 days ago
Via: http://secunia.com | Tags: rtsp mpeg sp control activex control url property buffer overflow comments Discuss  
rgod has discovered a vulnerability in RTSP MPEG4 SP Control, which can be exploited by malicious people to compromise a user's system.Be sure to check if your system is missing security updates or have insecure applications installed:http://secunia.com/software_inspector/Feature Overview - The Secunia Software Inspector: * Detects insecure versions of applications installed * Verifies that all Microsoft patches are applied * Assists you in updating your system and applications * Runs through your browser. read more »
addto Add this link to... report Bury 
Category: vulnerabilities | Posted by Avatar Staff 267 days ago
Via: http://secunia.com | Tags: xem vatdecoder vatctrl class activex control url property buffer overflow comments Discuss  
rgod has discovered a vulnerability in 4XEM VatDecoder, which can be exploited by malicious people to compromise a user's system.Be sure to check if your system is missing security updates or have insecure applications installed:http://secunia.com/software_inspector/Feature Overview - The Secunia Software Inspector: * Detects insecure versions of applications installed * Verifies that all Microsoft patches are applied * Assists you in updating your system and applications * Runs through your browser. No in read more »
addto Add this link to...