Shane Hird

11 exploits Active since Sep 1999
CVE-1999-1575 EXPLOITDB WORKING POC
Internet Explorer 4.01/5.0 - Arbitrary File Write and Command Execution via ActiveX Controls
The Kodak/Wang (1) Image Edit (imgedit.ocx), (2) Image Annotation (imgedit.ocx), (3) Image Scan (imgscan.ocx), (4) Thumbnail Image (imgthumb.ocx), (5) Image Admin (imgadmin.ocx), (6) HHOpen (hhopen.ocx), (7) Registration Wizard (regwizc.dll), and (8) IE Active Setup (setupctl.dll) ActiveX controls for Internet Explorer (IE) 4.01 and 5.0 are marked as "Safe for Scripting," which allows remote attackers to create and modify files and execute arbitrary commands.
CVE-1999-1575 EXPLOITDB WORKING POC
Internet Explorer 4.01/5.0 - Arbitrary File Write and Command Execution via ActiveX Controls
The Kodak/Wang (1) Image Edit (imgedit.ocx), (2) Image Annotation (imgedit.ocx), (3) Image Scan (imgscan.ocx), (4) Thumbnail Image (imgthumb.ocx), (5) Image Admin (imgadmin.ocx), (6) HHOpen (hhopen.ocx), (7) Registration Wizard (regwizc.dll), and (8) IE Active Setup (setupctl.dll) ActiveX controls for Internet Explorer (IE) 4.01 and 5.0 are marked as "Safe for Scripting," which allows remote attackers to create and modify files and execute arbitrary commands.
CVE-1999-0669 EXPLOITDB text WORKING POC
Internet Explorer - Remote Code Execution via Eyedog ActiveX Control
The Eyedog ActiveX control is marked as "safe for scripting" for Internet Explorer, which allows a remote attacker to execute arbitrary commands as demonstrated by Bubbleboy.
CVE-1999-1575 EXPLOITDB text WORKING POC
Internet Explorer 4.01/5.0 - Arbitrary File Write and Command Execution via ActiveX Controls
The Kodak/Wang (1) Image Edit (imgedit.ocx), (2) Image Annotation (imgedit.ocx), (3) Image Scan (imgscan.ocx), (4) Thumbnail Image (imgthumb.ocx), (5) Image Admin (imgadmin.ocx), (6) HHOpen (hhopen.ocx), (7) Registration Wizard (regwizc.dll), and (8) IE Active Setup (setupctl.dll) ActiveX controls for Internet Explorer (IE) 4.01 and 5.0 are marked as "Safe for Scripting," which allows remote attackers to create and modify files and execute arbitrary commands.
CVE-1999-1577 EXPLOITDB text WORKING POC
Internet Explorer 4.01 and 5 - Remote Code Execution via HHOpen ActiveX Control Buffer Overflow
Buffer overflow in HHOpen ActiveX control (hhopen.ocx) 1.0.0.1 for Internet Explorer 4.01 and 5 allows remote attackers to execute arbitrary commands via long arguments to the OpenHelp method.
EIP-2026-118852 EXPLOITDB text WORKING POC
Microsoft Log Sink Class - ActiveX Control Arbitrary File Creation
CVE-2002-0974 EXPLOITDB text WORKING POC
Help and Support Center for Windows XP - Path Traversal
Help and Support Center for Windows XP allows remote attackers to delete arbitrary files via a link to the hcp: protocol that accesses uplddrvinfo.htm.
CVE-1999-1576 EXPLOITDB text WORKING POC
Adobe Acrobat Reader 4.0 - Remote Code Execution via ActiveX pdf.setview Method
Buffer overflow in Adobe Acrobat ActiveX control (pdf.ocx, PDF.PdfCtrl.1) 1.3.188 for Acrobat Reader 4.0 allows remote attackers to execute arbitrary code via the pdf.setview method.
CVE-1999-1484 EXPLOITDB text WORKING POC
MSN Setup Bulletin Board Services 4.71.0.10 - Remote Code Execution via ActiveX Control Methods
Buffer overflow in MSN Setup BBS 4.71.0.10 ActiveX control (setupbbs.ocx) allows a remote attacker to execute arbitrary commands via the methods (1) vAddNewsServer or (2) bIsNewsServerConfigured.
CVE-1999-1578 EXPLOITDB text WORKING POC
Internet Explorer 4.01 and 5 - Remote Code Execution via Registration Wizard ActiveX Control
Buffer overflow in Registration Wizard ActiveX control (regwizc.dll, InvokeRegWizard) 3.0.0.0 for Internet Explorer 4.01 and 5 allows remote attackers to execute arbitrary commands.
CVE-2001-0095 EXPLOITDB perl WORKING POC
Solaris 2.7-2.8 - Local Privilege Escalation
catman in Solaris 2.7 and 2.8 allows local users to overwrite arbitrary files via a symlink attack on the sman_PID temporary file.