lists.openwall.net   lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  linux-hardening  linux-cve-announce  PHC 
Open Source and information security mailing list archives
 
Hash Suite: Windows password security audit tool. GUI, reports in PDF.
[<prev] [next>] [<thread-prev] [thread-next>] [day] [month] [year] [list]
Message-ID: <000f01c36203$6fc807f0$0c351c41@basement>
From: mattmurphy at kc.rr.com (Matthew Murphy)
Subject: Microsoft MCWNDX.OCX ActiveX buffer overflow

Tri Huynh writes:
[snip]
> VULNERABLE VERSIONS: MCWNDX is an ActiveX shipped with Visual Studio 6 to
> support multimedia programming.
[big snip]

Has anyone actually seen this control in-the-wild?  I have Visual C++ 6.0,
and Visual Basic 6.0 installed here (full installs, IIRC), and a search for
"*mcwndx*" on the entire hard drive (and the Visual C++ CD) turns up
nothing.  Does anyone here know what members of the Visual Studio suite (if
any) actually *do* ship an 'mcwndx.ocx' file?  Is it something that only SP4
installs?


Powered by blists - more mailing lists

Powered by Openwall GNU/*/Linux Powered by OpenVZ