S-154: SwiftView ActiveX Control and Plug-in Vulnerability


 
Thread Tools Search this Thread
Special Forums Cybersecurity Security Advisories (RSS) S-154: SwiftView ActiveX Control and Plug-in Vulnerability
# 1  
Old 02-01-2008
S-154: SwiftView ActiveX Control and Plug-in Vulnerability

The SwiftView ActiveX control and plug-in contain a stack buffer overflow, which may allow a remote, unauthorized attacker to execute arbitrary code on a vulnerable system. The risk is MEDIUM. By conviencing a user to view a specially crafted HTML document (e.g., a web page or an HTML email message or attachment), a remote, unauthenticated attacker may be able to execute arbitrary code with the privileges of the user on a vulnerable system.


More...
Login or Register to Ask a Question

Previous Thread | Next Thread
Login or Register to Ask a Question
picld_plugin_register(3PICLTREE)			  PICL Plug-In Library Functions			  picld_plugin_register(3PICLTREE)

NAME
picld_plugin_register - register plug-in with the daemon SYNOPSIS
cc [ flag... ] file... -lpicltree [ library... ] #include <picltree.h> int picld_plugin_register(picld_plugin_reg_t *regp); DESCRIPTION
The picld_plugin_register() function is the function used by a plug-in module to register itself with the PICL daemon upon initialization. The plug-in provides its name and the entry points of the initialization and cleanup routines in the regp argument. typedef struct { int version; /* PICLD_PLUGIN_VERSION */ int critical; /* is plug-in critical? */ char *name; /* name of the plugin module */ void (*plugin_init)(void); /* init/reinit function */ void (*plugin_fini)(void); /* fini/cleanup function */ } picld_plugin_reg_t; The plug-in module also specifies whether it is a critical module for the proper system operation. The critical field in the registration information is set to PICLD_PLUGIN_NON_CRITICAL by plug-in modules that are not critical to system operation, and is set to PICLD_PLUG- IN_CRITICAL by plug-in modules that are critical to the system operation. An environment control plug-in module is an example for a PICLD_PLUGIN_CRITICAL type of plug-in module. The PICL daemon saves the information passed during registration in regp in the order in which the plug-ins registered. Upon initialization, the PICL daemon invokes the plugin_init() routine of each of the registered plug-in modules in the order in which they registered. In their plugin_init() routines, the plug-in modules collect the platform configuration data and add it to the PICL tree using PICLTREE interfaces(3PICLTREE). On reinitialization, the PICL daemon invokes the plugin_fini() routines of the registered plug-in modules in the reverse order of registra- tion. Then, the plugin_init() entry points are invoked again in the order in which the plug-ins registered. RETURN VALUES
Upon successful completion, 0 is returned. On failure, a negative value is returned. ERRORS
PICL_NOTSUPPORTED Version not supported PICL_FAILURE General system failure ATTRIBUTES
See attributes(5) for descriptions of the following attributes: +-----------------------------+-----------------------------+ | ATTRIBUTE TYPE | ATTRIBUTE VALUE | +-----------------------------+-----------------------------+ |Interface Stability |Evolving | +-----------------------------+-----------------------------+ |MT-Level |MT-Safe | +-----------------------------+-----------------------------+ SEE ALSO
libpicltree(3PICLTREE), attributes(5) SunOS 5.10 19 Sep 2001 picld_plugin_register(3PICLTREE)