241 matches found
Microsoft Windows Information Disclosure Vulnerability (KB4022914)
This host is missing an important security update according to Microsoft KB4022914 SPDX-FileCopyrightText: 2017 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescriptio...
CVE-2017-8582
HTTP.sys in Microsoft Windows Server 2008 SP2 and R2 SP1, Windows 7 SP1, Windows 8.1, Windows Server 2012 Gold and R2, Windows RT 8.1, Windows 10 Gold, 1511, 1607, and 1703, and Windows Server 2016 allows an information disclosure vulnerability when the component improperly handles objects in...
CVE-2017-8582
HTTP.sys in Microsoft Windows Server 2008 SP2 and R2 SP1, Windows 7 SP1, Windows 8.1, Windows Server 2012 Gold and R2, Windows RT 8.1, Windows 10 Gold, 1511, 1607, and 1703, and Windows Server 2016 allows an information disclosure vulnerability when the component improperly handles objects in...
Information disclosure
HTTP.sys in Microsoft Windows Server 2008 SP2 and R2 SP1, Windows 7 SP1, Windows 8.1, Windows Server 2012 Gold and R2, Windows RT 8.1, Windows 10 Gold, 1511, 1607, and 1703, and Windows Server 2016 allows an information disclosure vulnerability when the component improperly handles objects in...
CVE-2017-8582
HTTP.sys in Microsoft Windows Server 2008 SP2 and R2 SP1, Windows 7 SP1, Windows 8.1, Windows Server 2012 Gold and R2, Windows RT 8.1, Windows 10 Gold, 1511, 1607, and 1703, and Windows Server 2016 allows an information disclosure vulnerability when the component improperly handles objects in...
CVE-2017-8582
CVE-2017-8582 affects the HTTP.sys server component in multiple Windows editions. The vulnerability arises from the component’s improper handling of in-memory objects, enabling a remote, unauthenticated attacker to obtain information and potentially facilitate further compromise. The impact is an...
Http.sys Information Disclosure Vulnerability
An Information Disclosure vulnerability exists when the HTTP.sys server application component improperly handles objects in memory. An attacker who successfully exploited this vulnerability could obtain information to further compromise the HTTP.sys server application system. A remote...
Security update for the Windows kernel information disclosure vulnerability in Windows Server 2008: July 11, 2017
Security update for the Windows kernel information disclosure vulnerability in Windows Server 2008: July 11, 2017 Summary An information disclosure vulnerability exists when the HTTP.sys server application component improperly handles objects in memory. An attacker who successfully exploited this...
Windows 2008 July 2017 Multiple Security Updates
The remote Windows host is missing multiple security updates. It is, therefore, affected by multiple vulnerabilities : - An information disclosure vulnerability exists in the Windows Performance Monitor Console due to improper parsing of XML input that contains a reference to an external entity. ...
MS15-034: Vulnerability in HTTP.sys could allow remote code execution: April 14, 2015
MS15-034: Vulnerability in HTTP.sys could allow remote code execution: April 14, 2015 Summary This security update resolves a vulnerability in Microsoft Windows. The vulnerability could allow remote code execution if an attacker sends a specially crafted HTTP request to an affected Windows system...
MS15-0 3 4 IIS 7.0 HTTP.sys a remote code execution vulnerability(CVE-2 0 1 5-1 6 3 5) POC-vulnerability warning-the black bar safety net
Detection script: Python----beebeeto http://www.beebeeto.com/pdb/poc-2015-0081/ !/ usr/bin/env python coding=utf-8 """ Site: http://www.beebeeto.com/ Framework: https://github.com/n0tr00t/Beebeeto-framework """ import socket import random import urlparse from baseframe import BaseFrame class...
The vulnerability of the Windows operating system allows a remote attacker to execute arbitrary code within the system account context.
The vulnerability of the HTTP.sys driver on Windows operating systems, which implements the HTTP protocol, lies in the improper handling of HTTP requests. Exploiting this vulnerability allows a remote attacker to execute arbitrary code within the system account’s context. To exploit this...
Microsoft HTTP.sys HTTP 2.0 Denial of Service (MS16-049; CVE-2016-0150)
A denial-of-service vulnerability exists in Microsoft Windows' HTTP 2.0 protocol stack, HTTP.sys. The vulnerability is due to insufficient validation of HTTP 2.0 requests. A remote, unauthenticated attacker can exploit this vulnerability by sending a specially crafted HTTP packet to the target...
The vulnerability of the Windows operating system, which allows a perpetrator to trigger a service failure
The vulnerability of the HTTP.sys component in the Windows operating system is related to improper data processing. Exploiting this vulnerability can allow a malicious actor, operating remotely, to cause a service failure system shutdown through specially crafted HTTP 2.0 requests...
Microsoft Windows 'HTTP.sys' Denial of Service Vulnerability (3148795)
This host is missing an important security update according to Microsoft Bulletin MS16-049. SPDX-FileCopyrightText: 2016 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only...
CVE-2016-0150
HTTP.sys in Microsoft Windows 10 Gold and 1511 allows remote attackers to cause a denial of service system hang via crafted HTTP 2.0 requests, aka "HTTP.sys Denial of Service Vulnerability."...
CVE-2016-0150
HTTP.sys in Microsoft Windows 10 Gold and 1511 allows remote attackers to cause a denial of service system hang via crafted HTTP 2.0 requests, aka "HTTP.sys Denial of Service Vulnerability."...
Denial of service
HTTP.sys in Microsoft Windows 10 Gold and 1511 allows remote attackers to cause a denial of service system hang via crafted HTTP 2.0 requests, aka "HTTP.sys Denial of Service Vulnerability."...
CVE-2016-0150
HTTP.sys in Microsoft Windows 10 Gold and 1511 allows remote attackers to cause a denial of service system hang via crafted HTTP 2.0 requests, aka "HTTP.sys Denial of Service Vulnerability."...
CVE-2016-0150
CVE-2016-0150 describes a Denial of Service in Microsoft Windows HTTP.sys (HTTP 2.0 stack). A remote, unauthenticated attacker can send specially crafted HTTP/2 requests to Windows 10 Gold and 1511 to cause the system to become unresponsive. Connected advisories (MS16-049) document the fix as a s...