CVSS: 9.8EPSS: 46%CPEs: 2EXPL: 2CVE-2008-0551 – Sejoong Namo ActiveSquare 6 - 'NamoInstaller.dll' install Method
https://notcve.org/view.php?id=CVE-2008-0551
01 Feb 2008 — The NamoInstaller.NamoInstall.1 ActiveX control in NamoInstaller.dll 3.0.0.1 and earlier in Namo Web Editor in Sejoong Namo ActiveSquare 6 allows remote attackers to execute arbitrary code via a URL in the argument to the Install method. NOTE: some of these details are obtained from third party information. El control ActiveX NamoInstaller.NamoInstall.1 de NamoInstaller.dll 3.0.0.1 y anteriores en Namo Web Editor en Sejoong Namo ActiveSquare 6 permite a atacantes remotos ejecutar código de su elección a tra... • https://www.exploit-db.com/exploits/4986 • CWE-94: Improper Control of Generation of Code ('Code Injection') •
CVSS: 9.8EPSS: 17%CPEs: 2EXPL: 2CVE-2008-0470 – Comodo AntiVirus 2.0 - 'ExecuteStr()' Remote Command Execution
https://notcve.org/view.php?id=CVE-2008-0470
29 Jan 2008 — A certain ActiveX control in Comodo AntiVirus 2.0 allows remote attackers to execute arbitrary commands via the ExecuteStr method. Un ciertolador ActiveX en Comodo AntiVirus 2.0 permite a atacantes remotos ejecutar comandos de su elección a través del método ExecuteStr. • https://www.exploit-db.com/exploits/4974 •
CVSS: 10.0EPSS: 32%CPEs: 2EXPL: 1CVE-2008-0437 – HP Virtual Rooms WebHPVCInstall Control - Remote Buffer Overflow
https://notcve.org/view.php?id=CVE-2008-0437
23 Jan 2008 — Multiple buffer overflows in the WebHPVCInstall.HPVirtualRooms14 ActiveX control in HPVirtualRooms14.dll 1.0.0.100, as used in the installation process for HP Virtual Rooms, allow remote attackers to execute arbitrary code via a long (1) AuthenticationURL, (2) PortalAPIURL, or (3) cabroot property value. NOTE: some of these details are obtained from third party information. Múltiples desbordamientos de búfer en el control ActiveX WebHPVCInstall.HPVirtualRooms14.dll 1.0.0.100, usado en el proceso de instalac... • https://www.exploit-db.com/exploits/4959 • CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer •
CVSS: 10.0EPSS: 45%CPEs: 1EXPL: 2CVE-2008-0235
https://notcve.org/view.php?id=CVE-2008-0235
11 Jan 2008 — The Microsoft VFP_OLE_Server ActiveX control allows remote attackers to execute arbitrary code by invoking the foxcommand method. El control ActiveX Microsoft VFP_OLE_Server permite a atacantes remotos ejecutar código de su elección invocando el método foxcommand. • http://packetstormsecurity.org/0801-exploits/msvfpole-exec.txt • CWE-94: Improper Control of Generation of Code ('Code Injection') •
CVSS: 9.8EPSS: 57%CPEs: 8EXPL: 1CVE-2007-6387 – Vantage Linguistics AnswerWorks 4 - API ActiveX Control Buffer Overflow
https://notcve.org/view.php?id=CVE-2007-6387
15 Dec 2007 — Multiple stack-based buffer overflows in the awApi4.AnswerWorks.1 ActiveX control in awApi4.dll 4.0.0.42, as used by Vantage Linguistics AnswerWorks, and Intuit Clearly Bookkeeping, ProSeries, QuickBooks, Quicken, QuickTax, and TurboTax, allow remote attackers to execute arbitrary code via long arguments to the (1) GetHistory, (2) GetSeedQuery, (3) SetSeedQuery, and possibly other methods. NOTE: some of these details are obtained from third party information. Múltiples desbordamientos de búfer basados en pi... • https://www.exploit-db.com/exploits/4825 • CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer •
CVSS: 9.8EPSS: 46%CPEs: 2EXPL: 1CVE-2007-3282 – Microsoft Office - MSODataSourceControl COM-object Buffer Overflow (PoC)
https://notcve.org/view.php?id=CVE-2007-3282
19 Jun 2007 — Buffer overflow in the Microsoft Office MSODataSourceControl ActiveX object allows remote attackers to cause a denial of service (crash) and possibly execute arbitrary code via a long argument to the DeleteRecordSourceIfUnused method. Desbordamiento de búfer en el control ActiveX MSODataSourceControl de Microsoft Office permite a atacantes remotos provocar una denegación de servicio (caída) y posiblemente ejecutar código de su elección mediante un argumento largo para el método DeleteRecordSourceIfUnused. • https://www.exploit-db.com/exploits/4067 •
CVSS: 10.0EPSS: 51%CPEs: 3EXPL: 1CVE-2007-3111 – Microsoft Internet Explorer 6 / Provideo Camimage - 'ISSCamControl.dll 1.0.1.5' Remote Buffer Overflow
https://notcve.org/view.php?id=CVE-2007-3111
07 Jun 2007 — Buffer overflow in the Provideo Camimage ActiveX control in ISSCamControl.dll 1.0.1.5, when Internet Explorer 6 is used on Windows 2000 SP4, allows remote attackers to execute arbitrary code via a long URL property value. Desbordamiento de búfer en el control de ActiveX Provideo Camimage en el ISSCamControl.dll 1.0.1.5, cuando el Internet Explorer 6 se usa bajo Windows 2000 SP4, permite a atacantes remotos ejecutar código de su elección mediante una valor en la propiedad URL largo. • https://www.exploit-db.com/exploits/4023 •
CVSS: 7.5EPSS: 11%CPEs: 2EXPL: 2CVE-2007-0356 – CCRP Folder Treeview Control (ccrpftv6.ocx) - IE Denial of Service
https://notcve.org/view.php?id=CVE-2007-0356
19 Jan 2007 — The Common Controls Replacement Project (CCRP) FolderTreeview (FTV) ActiveX control (ccrpftv6.ocx) allows remote attackers to cause a denial of service (Internet Explorer 7 crash) via a long CCRP.RootFolder property value. The Common Controls Replacement Project (CCRP) FolderTreeview (FTV) Control ActiveX (ccrpftv6.ocx) permite a atacantes remotos provocar una denegación de servicio (caída de Internet Explorer 7) mediante un valor de propiedad CCRP.RootFolder largo. • https://www.exploit-db.com/exploits/3142 •
CVSS: 7.5EPSS: 18%CPEs: 1EXPL: 0CVE-2006-4627
https://notcve.org/view.php?id=CVE-2006-4627
07 Sep 2006 — System Information ActiveX control (msinfo.dll), when accessed via Microsoft Internet Explorer, allows remote attackers to cause a denial of service (crash) via a SaveFile function with a long (1) computer and possibly (2) filename and (3) category argument. El control de ActiveX de la información del sistema (msinfo.dll), cuando se tiene acceso a través de Microsoft Internet Explorer, permite que los atacantes remotos causen una negación del servicio (caida) a través de la función SaveFile con (1) un equip... • http://noderat.spaces.live.com/blog/cns%216ADE4614B66EADD2%211150.entry •
CVSS: 6.5EPSS: 8%CPEs: 1EXPL: 0CVE-2005-0360
https://notcve.org/view.php?id=CVE-2005-0360
01 Jul 2005 — The Microsoft Log Sink Class ActiveX control in pkmcore.dll is marked as "safe for scripting" for Internet Explorer, which allows remote attackers to create or append to arbitrary files. • http://www.kb.cert.org/vuls/id/165022 •