Login or Register to Ask a Question and Join Our Community


Security Advisories (RSS)

T-016: iseemedia / Roxio / MGI Software LPViewer ActiveX Vulnerabilities

Login to Discuss or Reply to this Discussion in Our Community

 
Thread Tools Search this Thread
Special Forums Cybersecurity Security Advisories (RSS) T-016: iseemedia / Roxio / MGI Software LPViewer ActiveX Vulnerabilities
# 1  
Old 11-13-2008
T-016: iseemedia / Roxio / MGI Software LPViewer ActiveX Vulnerabilities
The iseemedia LPViewer ActiveX control contains multiple stack buffer overflows, which can allow a remote, unauthenticated attacker to execute arbitrary code on a vulnerable system. The risk is MEDIUM. By cinvincing a user to view a specially crafted HTML document (e.g., a web page or an HTML email message or attachment), an attacker may be able to execute arbitrary code with the privileges of the user. The attacker could also cause Internet Explorer (or the program using the WebBrowser control) to crash.


More...
Login or Register to Ask a Question

Previous Thread | Next Thread
Login or Register to Ask a Question

LEARN ABOUT CENTOS

qaxaggregated

QAxAggregated(3qt)														QAxAggregated(3qt)

NAME

       QAxAggregated - Abstract base class for implementations of additional COM interfaces

SYNOPSIS

       This class is part of the Qt ActiveQt Extension.

       #include <qaxbindable.h>

   Public Members
       virtual long queryInterface ( const QUuid & iid, void ** iface ) = 0

   Protected Members
       IUnknown * controllingUnknown () const
       QWidget * widget () const
       QObject * object () const

DESCRIPTION

       This class is defined in the Qt ActiveQt Extension, which can be found in the qt/extensions directory. It is not included in the main Qt
       API.

       The QAxAggregated class is an abstract base class for implementations of additional COM interfaces.

       Create a subclass of QAxAggregated and reimplement queryInterface() to support additional COM interfaces. Use multiple inheritance from
       those COM interfaces. Implement the IUnknown interface of those COM interfaces by delegating the calls to QueryInterface(), AddRef() and
       Release() to the interface provided by controllingUnknown().

       Use the widget() method if you need to make calls to the QWidget implementing the ActiveX control. You must not store that pointer in your
       subclass (unless you use QGuardedPtr), as the QWidget can be destroyed by the ActiveQt framework at any time.

MEMBER FUNCTION DOCUMENTATION

IUnknown * QAxAggregated::controllingUnknown () const [protected]
       Returns the IUnknown interface of the ActiveX control. Implement the IUnknown interface in your QAxAggregated subclass to delegate calls to
       QueryInterface(), AddRef() and Release() to the interface provided by this function.

	   HRESULT AxImpl::QueryInterface( REFIID iid, void **iface )
	   {
	       return controllingUnknown()->QueryInterface( iid, iface );
	   }
	   unsigned long AxImpl::AddRef()
	   {
	       return controllingUnknown()->AddRef();
	   }
	   unsigned long AxImpl::Release()
	   {
	       return controllingUnknown()->Release();
	   }

       The QAXAGG_IUNKNOWN macro expands to the code above, and you can use it in the class declaration of your subclass.

QObject * QAxAggregated::object () const [protected]
       Returns a pointer to the QObject subclass implementing the COM object. This function might return 0.

       Warning: You must not store the returned pointer, unless you use a QGuardedPtr, since the QObject can be destroyed by ActiveQt at any time.

long QAxAggregated::queryInterface ( const QUuid & iid, void ** iface ) [pure virtual]
       Reimplement this pure virtual function to support additional COM interfaces. Set the value of iface to point to this object to support the
       interface iid. Note that you must cast the this pointer to the appropriate superclass.

	   long AxImpl::queryInterface( const QUuid &iid, void **iface )
	   {
	       *iface = 0;
	       if ( iid == IID_ISomeCOMInterface )
		   *iface = (ISomeCOMInterface*)this;
	       else
		   return E_NOINTERFACE;
	       AddRef();
	       return S_OK;
	   }

       Return the standard COM results S_OK (interface is supported) or E_NOINTERFACE (requested interface is not supported).

       Warning: Even though you must implement the IUnknown interface if you implement any COM interface you must not support the IUnknown
       interface in your queryInterface() implementation.

QWidget * QAxAggregated::widget () const [protected]
       Returns a pointer to the QWidget subclass implementing the ActiveX control. This function might return 0.

       Warning: You must not store the returned pointer, unless you use a QGuardedPtr, since the QWidget can be destroyed by ActiveQt at any time.

SEE ALSO

       http://doc.trolltech.com/qaxaggregated.html http://www.trolltech.com/faq/tech.html

COPYRIGHT

       Copyright 1992-2007 Trolltech ASA, http://www.trolltech.com.  See the license file included in the distribution for a complete license
       statement.

AUTHOR

       Generated automatically from the source code.

BUGS

       If you find a bug in Qt, please report it as described in http://doc.trolltech.com/bughowto.html.  Good bug reports help us to help you.
       Thank you.

       The definitive Qt documentation is provided in HTML format; it is located at $QTDIR/doc/html and can be read using Qt Assistant or with a
       web browser. This man page is provided as a convenience for those users who prefer man pages, although this format is not officially
       supported by Trolltech.

       If you find errors in this manual page, please report them to qt-bugs@trolltech.com.  Please include the name of the manual page
       (qaxaggregated.3qt) and the Qt version (3.3.8).

Trolltech AS							  2 February 2007						QAxAggregated(3qt)