Multiple bugs in ActiveX components updated since 20.08.2002
Published:		14.08.2003
Source:		BUGTRAQ
SecurityVulns ID:		2234
Type:		client
Level:		7/10
Description:		Local files access in applet com.ms.xml.dso.XMLDSO.class and XMLHTTPConnection ActiveX, buffer overflow in xweb.ocx ActiveX (Microsoft DirectX Files Viewer), TSAC and File Transfer Manager (FTM) ActiveX.

Affected:		MICROSOFT : Internet Explorer 6.0
		MICROSOFT : Visual Studio 6.0

Original document		trihuynh_(at)_zeeup.com, Microsoft MCWNDX.OCX ActiveX buffer overflow (14.08.2003)
		Lorenzo Hernandez Garcia-Hierro, NBActiveX Sure ActiveX Big Vulnerability (18.11.2002)
		jelmer, LEVERAGING CROSS-PROTOCOL SCRIPTING IN MSIE (12.09.2002)
		L0PHT, Microsoft Terminal Server Client Buffer Overrun (A082802-1) (31.08.2002)
		MICROSOFT, Security Bulletin MS02-048: Flaw in Certificate Enrollment Control Could Allow Deletion of Digital Certificates (Q323172) (29.08.2002)
		MICROSOFT, Security Bulletin MS02-046: Buffer Overrun in TSAC ActiveX Control Could Allow Code Execution (Q327521) (23.08.2002)
		Andrew G. Tereschenko, Repost: Buffer overflow in Microsoft DirectX Files Viewer xweb.ocx (<2,0,16,15) ActiveX sample (20.08.2002)

Discuss:

Read or add your comments to this news (0 comments)