CVSS: 10.0EPSS: 72%CPEs: 2EXPL: 0CVE-2008-0082
https://notcve.org/view.php?id=CVE-2008-0082
An ActiveX control (Messenger.UIAutomation.1) in Windows Messenger 4.7 and 5.1 is marked as safe-for-scripting, which allows remote attackers to control the Messenger application, and "change state," obtain contact information, and establish audio or video connections without notification via unknown vectors. Un control ActiveX (Messenger.UIAutomation.1) en Windows Messenger versiones 4.7 y 5.1, es marcado como seguro para scripting, lo que permite a los atacantes remotos controlar la aplicación Messenger y "change state", obtener información de contacto, y establecer conexiones de audio o vídeo sin notificación por medio de vectores desconocidos. • http://marc.info/?l=bugtraq&m=121915960406986&w=2 http://secunia.com/advisories/31446 http://www.securityfocus.com/archive/1/495467/100/0/threaded http://www.securityfocus.com/bid/30551 http://www.securitytracker.com/id?1020681 http://www.us-cert.gov/cas/techalerts/TA08-225A.html http://www.vupen.com/english/advisories/2008/2354 https://docs.microsoft.com/en-us/security-updates/securitybulletins/2008/ms08-050 https://oval.cisecurity.org/repository/search/definition/oval%3Aorg&# • CWE-200: Exposure of Sensitive Information to an Unauthorized Actor •
CVSS: 10.0EPSS: 96%CPEs: 7EXPL: 5CVE-2004-0597 – LibPNG 1.2.5 - 'png_jmpbuf()' Local Buffer Overflow
https://notcve.org/view.php?id=CVE-2004-0597
Multiple buffer overflows in libpng 1.2.5 and earlier, as used in multiple products, allow remote attackers to execute arbitrary code via malformed PNG images in which (1) the png_handle_tRNS function does not properly validate the length of transparency chunk (tRNS) data, or the (2) png_handle_sBIT or (3) png_handle_hIST functions do not perform sufficient bounds checking. • https://www.exploit-db.com/exploits/393 https://www.exploit-db.com/exploits/389 https://www.exploit-db.com/exploits/25094 ftp://ftp.sco.com/pub/updates/OpenServer/SCOSA-2005.49/SCOSA-2005.49.txt http://distro.conectiva.com.br/atualizacoes/?id=a&anuncio=000856 http://lists.apple.com/mhonarc/security-announce/msg00056.html http://marc.info/?l=bugtraq&m=109163866717909&w=2 http://marc.info/?l=bugtraq&m=109181639602978&w=2 http://marc.info/?l=bugtraq&m=1097612393 •