Latest ac news

This Metasploit module exploits a buffer overflow vulnerability in Advantec WebAccess. The vulnerability exists in the dvs.ocx ActiveX control, where a dangerous call to sprintf can be reached with user controlled data through the GetColor function. This Metasploit module has been tested successfully on Windows XP SP3 with IE6 and Windows 7 SP1 with IE8 and IE 9.

Full Article

Advantech WebAccess 7.2 Stack-Based Buffer Overflow

By packetstormsecurity.com
Published On :: Thu, 20 Nov 2014 16:34:36 GMT

Core Security Technologies Advisory - Advantech WebAccess version 7.2 is vulnerable to a stack-based buffer overflow attack, which can be exploited by remote attackers to execute arbitrary code, by providing a malicious html file with specific parameters for an ActiveX component.

Full Article

IPUX CS7522/CS2330/CS2030 IP Camera Stack Buffer Overflow

By packetstormsecurity.com
Published On :: Tue, 02 Dec 2014 01:33:52 GMT

The UltraHVCam ActiveX Control 'UltraHVCamX.ocx' suffers from a stack buffer overflow vulnerability when parsing large amount of bytes to several functions in UltraHVCamLib, resulting in memory corruption overwriting several registers including the SEH. An attacker can gain access to the system of the affected node and execute arbitrary code. Versions affected include PT Type ICS2330, Cube Type ICS2030, and Dome Type ICS7522.

Full Article

IPUX CL5452/CL5132 IP Camera Stack Buffer Overflow

By packetstormsecurity.com
Published On :: Tue, 02 Dec 2014 01:36:36 GMT

The UltraSVCam ActiveX Control 'UltraSVCamX.ocx' suffers from a stack buffer overflow vulnerability when parsing large amount of bytes to several functions in UltraSVCamLib, resulting in memory corruption overwriting several registers including the SEH. An attacker can gain access to the system of the affected node and execute arbitrary code. Versions affected include Bullet Type ICL5132 and Bullet Type ICL5452.

Full Article

X360 VideoPlayer ActiveX Control Buffer Overflow

By packetstormsecurity.com
Published On :: Tue, 17 Feb 2015 18:25:40 GMT

This Metasploit module exploits a buffer overflow in the VideoPlayer.ocx ActiveX installed with the X360 Software. By setting an overly long value to 'ConvertFile()',an attacker can overrun a .data buffer to bypass ASLR/DEP and finally execute arbitrary code.

Full Article

1 Click Extract Audio 2.3.6 Buffer Overflow

By packetstormsecurity.com
Published On :: Fri, 05 Jun 2015 14:04:44 GMT

1 Click Extract Audio version 2.3.6 suffers from an active-x buffer overflow vulnerability.

Full Article

Tango DropBox 3.1.5 Active-X Heap Spray

By packetstormsecurity.com
Published On :: Fri, 19 Jun 2015 15:39:30 GMT

Tango DropBox active-x heap spray exploit that leverages a vulnerability in the COM component used eSellerateControl350.dll (3.6.5.0) method of the GetWebStoreURL member. Affects versions 3.1.5 and PRO.

Full Article

Tango FTP 1.0 Active-X Heap Spray

By packetstormsecurity.com
Published On :: Fri, 19 Jun 2015 15:41:56 GMT

Tango FTP active-x heap spray exploit that leverages a vulnerability in the COM component used eSellerateControl350.dll (3.6.5.0) method of the GetWebStoreURL member. Affects version 1.0 build 136.

Full Article

Advantech WebAccess 8.0 / 3.4.3 Code Execution

By packetstormsecurity.com
Published On :: Mon, 07 Sep 2015 14:33:33 GMT

Using Advantech WebAccess SCADA Software and attacker can remotely manage industrial control systems devices like RTU's, generators, motors, etc. Attackers can execute code remotely by passing a maliciously crafted string to ConvToSafeArray API in ASPVCOBJLib.AspDataDriven ActiveX.

Full Article

LEADTOOLS Active-X DLL Hijacking

By packetstormsecurity.com
Published On :: Sat, 23 Jan 2016 11:11:11 GMT

LEADTOOLS Active-X control suffers from multiple DLL side loading vulnerabilities.

Full Article

Micro Focus Rumba 9.3 Active-X Stack Buffer Overflow

By packetstormsecurity.com
Published On :: Mon, 31 Oct 2016 06:22:22 GMT

Micro Focus Rumba versions 9.3 and below suffer from an active-x stack buffer overflow vulnerability.

Full Article

Google Calls Out Apple's Intelligent Tracking Protection

Senate Judiciary Committee Interrogates Apple, Facebook About Crypto

Apple Accused Of Crackdown On Jailbreaking

Mac Users Bombarded By Laughably Unsophisticated Malware

Hacktivists Target Egypt And Yemen Regimes

U.S. Embassies Attacked In Yemen, Egypt

Scottish Power Blows A Fuse After Twitter Hijacking

Scottish Brewery Recovers From Ransomware Attack

Hacktivists Ghost Shell Dump 1.6m Login Details On Web

NASA Data May Have Uncovered Galaxy's Youngest Black Hole

Confused Brazilian Hacker Defaces NASA Web Sites In Protest Of NSA

NASA's Plutonium Problem Could End Deep-Space Exploration

The Truth About Mystery Trojan Found In Space

Briton Lauri Love Faces New US Hacking Charges

The Hackers Who Recovered NASA's Lost Lunar Photos

Five Years Later, Italian Police Identify Hacker Behind 2013 NASA Hacks

Linux Kernel 2.2/2.4 Local Root Ptrace Vulnerability

Linux Kernel Backdoor Blocked

Authentium: Vista Kernel Cracked

Cracking The Kernel

David Kernell Photo - Rep. Mike Kernell Son Sarah Palin Anonymous Hacker?

Clever New Attack Exploits Fully-Patched Linux Kernel

MS Kernel Patch Skirts Infected Machines

Linux Kernel Purged Of Five-Year-Old Root Access Bug

Oracle Tempts Red Hat Users With Ksplice Kernel Security Patch Trial

Kernel Crimps Make Windows 8 A Hacker Hassle

Afghanistan Suicide Bomber Attacks Nato Military Base

Afghanistan's Karzai Slams United States Over Massacre

Hackers Steal $60m From Taiwanese Bank In Tailored SWIFT Attack

Google Earth Accidentally Reveals Secret Military Sites

Apple, Angry At Google, Hits Back At Hack Claims

How Google Changed The Secretive Market For The Most Dangerous Hacks In The World

Researchers Say They Uncovered Uzbekistan Hacking Operations Due To Spectacularly Bad OPSEC

Ashley Madison Breach Extortion Scam Targets Hundreds

Chinese Hackers Have Breached Online Betting And Gambling Sites

DoppelPaymer Ransomware Steals SpaceX/Tesla Supplier Data

AoA DVD Creator 2.6.2 Active-X Overflow

AoA Audio Extractor 2.3.7 Active-X Overflow

AoA MP4 Converter 4.1.2 Active-X Overflow

Advantech WebAccess dvs.ocx GetColor Buffer Overflow

Advantech WebAccess 7.2 Stack-Based Buffer Overflow

IPUX CS7522/CS2330/CS2030 IP Camera Stack Buffer Overflow

IPUX CL5452/CL5132 IP Camera Stack Buffer Overflow

X360 VideoPlayer ActiveX Control Buffer Overflow

1 Click Extract Audio 2.3.6 Buffer Overflow

Tango DropBox 3.1.5 Active-X Heap Spray

Tango FTP 1.0 Active-X Heap Spray

Advantech WebAccess 8.0 / 3.4.3 Code Execution

LEADTOOLS Active-X DLL Hijacking

Micro Focus Rumba 9.3 Active-X Stack Buffer Overflow

The finish line: Attachment of Signs

The Finish Line: Backwrapping vs. Edgewrapping

Green Advocacy vs. Informed Consent

Coal: Not the New Black

American Industrial Partners to Acquire PPG’s Architectural Coatings Business

INTERVIEW: The Payback of a Green Investment

HID Global Sustainability Practices

Manufacturer Rises to Green Challenge

Ultrabond ECO 885 Premium Grade Polyolefin Backed Carpet Adhesive

FreeAxez gives access flooring an all-access pass

Propex to Showcase Isis Modular Tile Backing at FloorTek Expo

Black Friday, Cyber Monday, Travel Tuesday 2024

Lakeview Farms to Acquire noosa from Campbell Soup Company

Sports Drink Maker Electrolit to Build $400 Million Facility in Texas

EXHIBIT: Voices for the Environment: A Century of Bay Area Activism, Nov. 14

Subscribe To Our Newsletter