133 matches found
CVE-2017-0047
Technical details about CVE-2017-0047 are not provided in the connected documents. Public information in the Initial Description is limited to an overview; monitor for updates.
Microsoft Windows GDI Elevation of Privilege (MS17-013: CVE-2017-0047)
Elevation of privilege vulnerabilities exists in Windows Graphics Device Interface. The vulnerability is due to the way Windows Graphics Device Interface handles objects in memory. A remote attacker can exploit this issue by enticing a victim to open a specially crafted file...
Microsoft Windows Graphics CVE-2017-0047 Local Privilege Escalation Vulnerability
Description Microsoft Windows is prone to a local privilege-escalation vulnerability. A local attacker can exploit this issue to execute arbitrary code within the context of the kernel privileges. Technologies Affected Microsoft Windows 10 Version 1607 for 32-bit Systems Microsoft Windows 10...
CVE-2016-0047
WinForms in Microsoft .NET Framework 2.0 SP2, 3.5, 3.5.1, 4.5.2, 4.6, and 4.6.1 allows remote attackers to obtain sensitive information from process memory via crafted icon data, aka "Windows Forms Information Disclosure Vulnerability."...
CVE-2016-0047
CVE-2016-0047 is a Windows Forms information-disclosure vulnerability in the Microsoft .NET Framework, enabling remote attackers to obtain sensitive data from process memory via specially crafted icon data. Affected are WinForms components in .NET Framework 2.0 SP2, 3.5, 3.5.1, 4.5.2, 4.6, and 4....
MS16-019: Security Update for .NET Framework to Address Denial of Service (3137893)
The remote Windows host is missing a security update. It is, therefore, affected by multiple vulnerabilities in the .NET Framework : - A denial of service vulnerability exists due to improper handling of certain Extensible Stylesheet Language Transformations XSLT. A remote attacker can exploit...
MS16-021: Security Update for NPS RADIUS Server to Address Denial of Service (3133043)
The remote Windows host is affected by a denial of service vulnerability in the Network Policy Server NPS due to improper handling of RADIUS authentication requests. An unauthenticated, remote attacker can exploit this, via specially crafted username strings, to cause a denial of service conditio...
Oracle: Security Advisory (ELSA-2008-0192)
The remote host is missing an update for the SPDX-FileCopyrightText: 2015 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
Oracle: Security Advisory (ELSA-2015-0047)
The remote host is missing an update for the SPDX-FileCopyrightText: 2015 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
Oracle Linux 5 / 6 : thunderbird (ELSA-2015-0047)
The remote Oracle Linux 5 / 6 host has a package installed that is affected by multiple vulnerabilities as referenced in the ELSA-2015-0047 advisory. 31.4.0-1.0.1.el66 - Replaced thunderbird-redhat-default-prefs.js with thunderbird-oracle-default-prefs.js 31.4.0-1 - Update to 31.4.0 31.3.0-3 -...
Gentoo Security Advisory GLSA 201206-09 (MediaWiki)
The remote host is missing updates announced in advisory GLSA 201206-09. OpenVAS Vulnerability Test $ Description: Auto generated from Gentoo's XML based advisory Authors: Thomas Reinke Copyright: Copyright c 2012 E-Soft Inc. http://www.securityspace.com Text descriptions are largely excerpted fr...
openSUSE: Security Advisory for freetype2 (openSUSE-SU-2012:0047-1)
The remote host is missing an update for the SPDX-FileCopyrightText: 2012 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
Scientific Linux Security Update : cups on SL3.x, SL4.x, SL5.x i386/x86_64
SL5 Only: A heap buffer overflow flaw was found in a CUPS administration interface CGI script. A local attacker able to connect to the IPP port TCP port 631 could send a malicious request causing the script to crash or, potentially, execute arbitrary code as the 'lp' user. Please note: the defaul...
Fedora Update for kdelibs FEDORA-2011-16151
The remote host is missing an update for the SPDX-FileCopyrightText: 2012 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription scriptxrefname:"URL",...
Fedora Update for kdelibs FEDORA-2011-16151
Check for the Version of kdelibs OpenVAS Vulnerability Test Fedora Update for kdelibs FEDORA-2011-16151 Authors: System Generated Check Copyright: Copyright c 2012 Greenbone Networks GmbH, http://www.greenbone.net This program is free software; you can redistribute it and/or modify it under the...
CVE-2012-0047
The CVE affects Apache Wicket 1.4.x, vulnerable to XSS via the wicket:pageMapName request parameter. The root cause is improper handling of this parameter, enabling remote script/HTML injection. Affected versions: 1.4.x prior to 1.4.20. The vulnerability is mitigated by upgrading to Apache Wicket...
Apache Wicket 'pageMapName'参数跨站脚本执行漏洞
BUGTRAQ ID: 52680 CVE ID: CVE-2012-0047 Wicket 提供了一种面向对象的方式来开发基于 Web 的动态 UI 应用程序。 Apache Wicket在操作‘wicket:pageMapName’请求参数值时可能存在XSS攻击,可被利用执行任意脚本代码。 0 Apache Group Wicket 1.4.18 Apache Group Wicket 1.4.17 Apache Group Wicket 1.4.16 Apache Group Wicket 1.4.15 厂商补丁: Apache Group ------------...
Fedora 16 : kdelibs-4.7.3-5.fc16 (2011-16151)
Includes fixes for : - khtml: CVE-2010-0046: CSS format argument memory corruption - solid hardware does not detect NFS drives Note that Tenable Network Security has extracted the preceding description block directly from the Fedora security advisory. Tenable has attempted to automatically clean...
Fedora Update for mediawiki FEDORA-2011-5807
The remote host is missing an update for the SPDX-FileCopyrightText: 2011 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription scriptxrefname:"URL",...
Mandriva Linux Security Advisory : webkit (MDVSA-2011:039)
Multiple cross-site scripting, denial of service and arbitrary code execution security flaws were discovered in webkit. Please consult the CVE web links for further information. The updated packages have been upgraded to the latest version 1.2.7 to correct these issues. %NASLMINLEVEL 70300 C...