Login or Register to Ask a Question and Join Our Community


Security Advisories (RSS)

S-174: Vulnerability in OLE Automation

Login to Discuss or Reply to this Discussion in Our Community

 
Thread Tools Search this Thread
Special Forums Cybersecurity Security Advisories (RSS) S-174: Vulnerability in OLE Automation
# 1  
Old 02-12-2008
S-174: Vulnerability in OLE Automation
A remote code execution vulnerability exists in Object Linking and Embedding (OLE) Automation that could allow an attacker who successfully exploited this vulnerability to make changes to the system with the permissions of the logged-on user. The risk is MEDIUM. If a user is logged on with administrative user rights, an attacker could take complete control of the affected system. An attacker could then install programs; view, change, or delete data; or create new accounts with full user rights. Users whose accounts are configured to have fewer user rights on the system could be less impacted than users who operate with administrative user rights.


More...
Login or Register to Ask a Question

Previous Thread | Next Thread

7 More Discussions You Might Find Interesting

1. Shell Programming and Scripting

Perl syntax and html ole parsing

Hi gurus I am trying to understand some advanced (for me) perl constructions (syntax) following this tutorial I am trying to parse html: Using Mojo::DOM | Joel Berger say "div days:"; say $_->text for $dom->find('div.days')->each; say "\nspan hours:"; say $_->text for... (1 Reply)
Discussion started by: wakatana
1 Replies

2. Shell Programming and Scripting

win32 ole in deepr details in perl

Hello Gurus, I am begginer in perl. I would like to ask several questions, some related to perl and its syntax but most will be regarding to WIN32 OLE. My main goal is to develop script that will check word document structure (return some information) and make some changes in this document (if it... (0 Replies)
Discussion started by: wakatana
0 Replies

3. Shell Programming and Scripting

Details about WIN32::OLE

Hi all, Is win32::OLE module is applicable in linux system??? from my understanding it is not possible..because we have to use some tools for that..for more info refer this website http://oclug.on.ca/archives/oclug/2001-July/008100.html (1 Reply)
Discussion started by: kavi.mogu
1 Replies

4. Shell Programming and Scripting

PERL Win32::OLE Inserting Picture in Excel

I am trying to insert a picture into a worksheet in Excel using Perl the following is the code use Win32::OLE; use Win32::OLE::Const "Microsoft Excel"; use Win32::OLE qw(in with); # Initiate Excel application $Excel = Win32::OLE->new('Excel.Application', 'Quit'); $Excel->{Visible} =1; #... (1 Reply)
Discussion started by: cold_Que
1 Replies

5. Shell Programming and Scripting

MS Outlook + Win32::OLE

Hey guys, I'm trying to go through my emails in Outlook until I find an email with a certain subject line. I am able to send emails with no problem, but reading emails and their properties (From, Subject, etc.) is my main problem. Basically, I don't know where to start and using search engines... (2 Replies)
Discussion started by: kooshi
2 Replies

6. Shell Programming and Scripting

OLE ERROR in perl

Hello All, I have executed one script where i am getting this error,what may be the reason..... please help me out. OLE exception from Microsoft Excel Win32::OLE(0.1403) error 0x800a03ec in METHOD/PROPERTYGET "open" (1 Reply)
Discussion started by: suvenduperl
1 Replies

7. Shell Programming and Scripting

Spell Check in MS Word using PERL OLE

Hi, I am trying automate couting number of spell and typo errors in MS Word document using perl script. In perl script, i am using Win32::OLE module of perl to read MS word document. Can anybody tell me are there any modules available in perl which can be imported into my script to... (0 Replies)
Discussion started by: 123an
0 Replies
Login or Register to Ask a Question

LEARN ABOUT DEBIAN

tigexp

TIGEXP(8)						      Administrator Commands							 TIGEXP(8)

NAME

       tigexp - UNIX Security Checker Explanation Generator

SYNOPSIS

       tigexp msgid [msgid[msgid...]]

       tigexp [-f|-F] [security_report]

DESCRIPTION

       Tigexp is used to generate explanations of the output from the Tiger security checking package.	In the first form, tigexp will generate an
       explanation of each of the message ids listed.  In the second form, the security report specified will be scanned and  explanations  gener-
       ated.  The -f option will generate one explanation for each unique message id in the security report, whereas the -F option will output the
       security report with explanations inserted after each entry in the report.

       There are five different message levels produced by Tiger. Each of the message levels is the last letter of the message id. The levels are:

       ALERT  A message of this level indicates that Tiger has detected a possible intrusion attempt or  troublesome  misconfiguration	which  can
	      expose the whole system to attacks.

       FAIL   Messages of this level indicate a violation of a generic security policy or a possible intrusion. Appropriate action should be taken
	      to fix this security issue.

       WARN   Messages of this level indicate a security issue which should be checked further and might  indicate  a  probable  vulnerability	or
	      exposure. Most Tiger messages appear in this category.

       INFO   These  includes  information messages which are not necessarily a security violation but might be useful for the administrator. Note
	      that the tigerrc configuration file through the Tiger_Show_INFO_Msgs option determines whether or not Tiger shows these  items.  The
	      default behaviour is to not show them.

       ERROR  These  messages are errors in the execution of Tiger (or any of its scripts), this is probably due to a misconfiguration in the pro-
	      gram, because of a problem in the installation or because a file needed for the test is missing. The script who outputs  this  error
	      should be investigated further.

       CONFIG Messages with this level inform of stages in the configuration process of Tiger. They are not errors (otherwise ERROR would be used)
	      but notices for the user running the program explaining, for example, which configuration might be used.

   OPTIONS
       -f     Scan the indicated security report and generate explanations of it.  One explanation will be generated for each unique message id in
	      the security report.  If the name of a security report is not given, then the report is read from stdin.

       -F     Output the indicated security report with explanations inserted after each entry in the report.  If the name of a security report is
	      not given, then the report is read from stdin.

FILES

       $TIGERHOMEDIR/doc/explain.idx

SEE ALSO

       tiger(8)

BUGS

       If the explanation index is out of date, it doesn't recognize it and generates junk.

Security							  12 August 2003							 TIGEXP(8)