CVSS: 7.8EPSS: 17%CPEs: 2EXPL: 1CVE-2007-3282 – Microsoft Office - MSODataSourceControl COM-object Buffer Overflow (PoC)
https://notcve.org/view.php?id=CVE-2007-3282
Buffer overflow in the Microsoft Office MSODataSourceControl ActiveX object allows remote attackers to cause a denial of service (crash) and possibly execute arbitrary code via a long argument to the DeleteRecordSourceIfUnused method. Desbordamiento de búfer en el control ActiveX MSODataSourceControl de Microsoft Office permite a atacantes remotos provocar una denegación de servicio (caída) y posiblemente ejecutar código de su elección mediante un argumento largo para el método DeleteRecordSourceIfUnused. • https://www.exploit-db.com/exploits/4067 http://osvdb.org/38471 http://www.securitytracker.com/id?1018251 https://exchange.xforce.ibmcloud.com/vulnerabilities/34849 •
CVSS: 10.0EPSS: 36%CPEs: 3EXPL: 1CVE-2007-3111 – Microsoft Internet Explorer 6 / Provideo Camimage - 'ISSCamControl.dll 1.0.1.5' Remote Buffer Overflow
https://notcve.org/view.php?id=CVE-2007-3111
Buffer overflow in the Provideo Camimage ActiveX control in ISSCamControl.dll 1.0.1.5, when Internet Explorer 6 is used on Windows 2000 SP4, allows remote attackers to execute arbitrary code via a long URL property value. Desbordamiento de búfer en el control de ActiveX Provideo Camimage en el ISSCamControl.dll 1.0.1.5, cuando el Internet Explorer 6 se usa bajo Windows 2000 SP4, permite a atacantes remotos ejecutar código de su elección mediante una valor en la propiedad URL largo. • https://www.exploit-db.com/exploits/4023 http://osvdb.org/36962 http://secunia.com/advisories/25479 http://www.securityfocus.com/bid/24279 http://www.vupen.com/english/advisories/2007/2042 https://exchange.xforce.ibmcloud.com/vulnerabilities/34691 •
CVSS: 5.0EPSS: 14%CPEs: 2EXPL: 2CVE-2007-0356 – CCRP Folder Treeview Control (ccrpftv6.ocx) - IE Denial of Service
https://notcve.org/view.php?id=CVE-2007-0356
The Common Controls Replacement Project (CCRP) FolderTreeview (FTV) ActiveX control (ccrpftv6.ocx) allows remote attackers to cause a denial of service (Internet Explorer 7 crash) via a long CCRP.RootFolder property value. The Common Controls Replacement Project (CCRP) FolderTreeview (FTV) Control ActiveX (ccrpftv6.ocx) permite a atacantes remotos provocar una denegación de servicio (caída de Internet Explorer 7) mediante un valor de propiedad CCRP.RootFolder largo. • https://www.exploit-db.com/exploits/3142 http://www.securityfocus.com/bid/22092 https://exchange.xforce.ibmcloud.com/vulnerabilities/31549 •
CVSS: 5.0EPSS: 3%CPEs: 1EXPL: 0CVE-2006-4627
https://notcve.org/view.php?id=CVE-2006-4627
System Information ActiveX control (msinfo.dll), when accessed via Microsoft Internet Explorer, allows remote attackers to cause a denial of service (crash) via a SaveFile function with a long (1) computer and possibly (2) filename and (3) category argument. El control de ActiveX de la información del sistema (msinfo.dll), cuando se tiene acceso a través de Microsoft Internet Explorer, permite que los atacantes remotos causen una negación del servicio (caida) a través de la función SaveFile con (1) un equipo informático y posiblemente (2) el nombre del fichero y (3)el argumento de la categoría. • http://noderat.spaces.live.com/blog/cns%216ADE4614B66EADD2%211150.entry http://www.blogger.com/comment.g?blogID=30557436&postID=115190809697529918 http://www.osvdb.org/28381 •
CVSS: 5.0EPSS: 0%CPEs: 1EXPL: 0CVE-2005-0360
https://notcve.org/view.php?id=CVE-2005-0360
The Microsoft Log Sink Class ActiveX control in pkmcore.dll is marked as "safe for scripting" for Internet Explorer, which allows remote attackers to create or append to arbitrary files. • http://www.kb.cert.org/vuls/id/165022 •