131 matches found
OracleVM 3.3 : xen (OVMSA-2016-0171)
The remote OracleVM system is missing necessary patches to address critical security updates : - qemuup: ioportread, ioportwrite: be defensive about 32-bit addresses On x86, ioport addresses are 16-bit. That these functions take 32-bit arguments is a mistake. Changing the argument type to 16-bit...
CVE-2016-0171
creationtimestamp| type| source ---|---|--- 2016-06-15 00:00:00+00:00| exploited| https://www.exploit-db.com/exploits/39959...
CVE-2016-0171
The kernel-mode drivers in Microsoft Windows Vista SP2, Windows Server 2008 SP2 and R2 SP1, Windows 7 SP1, Windows 8.1, Windows Server 2012 Gold and R2, Windows RT 8.1, and Windows 10 Gold and 1511 allow local users to gain privileges via a crafted application, aka "Win32k Elevation of Privilege...
CVE-2016-0171
CVE-2016-0171 is a Windows kernel‑mode elevation of privilege vulnerability affecting Win32k in several Windows releases (Vista SP2 to Windows 10 1511). The entry describes that a crafted user‑mode application can trigger a local privilege escalation via a flaw in the Win32k subsystem, with explo...
Microsoft Kernel-Mode Drivers Privilege Elevation Vulnerabilities (3158222)
This host is missing an important security update according to Microsoft Bulletin MS16-062. SPDX-FileCopyrightText: 2016 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only...
Microsoft Windows Win32k Elevation of Privilege (MS16-062: CVE-2016-0171)
An elevation of privilege vulnerability exists in the Windows Kernel. The vulnerability is due to the way Windows handles DC surface. A remote attacker can exploit this vulnerability by enticing a user to run a specially crafted application...
Microsoft Windows Kernel 'Win32k.sys' CVE-2016-0171 Local Privilege Escalation Vulnerability
Description Microsoft Windows is prone to a local privilege-escalation vulnerability that occurs in the Windows kernel. A local attacker can exploit this issue to execute arbitrary code in kernel mode with elevated privileges. Technologies Affected Microsoft Windows 10 for 32-bit Systems Microsof...
KLA11914 Multiple vulnerability in Microsoft Products (ESU)
Multiple vulnerabilities were found in Microsoft Products Extended Support Update. Malicious users can exploit these vulnerabilities to execute arbitrary code, obtain sensitive information, gain privileges. Below is a complete list of vulnerabilities: 1. A remote code execution vulnerability in...
MS16-062: Security Update for Windows Kernel-Mode Drivers (3158222)
The remote Windows host is missing a security update. It is, therefore, affected by multiple vulnerabilities : - Multiple privilege escalation vulnerabilities exist in the Windows kernel-mode driver due to a failure to properly handle objects in memory. An authenticated, remote attacker can explo...
Oracle: Security Advisory (ELSA-2010-0112)
The remote host is missing an update for the SPDX-FileCopyrightText: 2015 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
CVE-2014-0171
XML external entity XXE vulnerability in StaxXMLFactoryProvider2 in Odata4j, as used in Red Hat JBoss Data Virtualization before 6.0.0 patch 4, allows remote attackers to read arbitrary files via a crafted request to a REST endpoint...
CVE-2014-0171
An XXE vulnerability (CVE-2014-0171) affects StaxXMLFactoryProvider2 in Odata4j used by Red Hat JBoss Data Virtualization prior to 6.0.0 patch 4. The flaw lets a remote attacker submit a crafted XML payload via a REST endpoint that resolves external entities and can read arbitrary files on the se...
Moderate: Red Hat Security Advisory: Red Hat JBoss Data Virtualization 6.0.0 security update
Red Hat JBoss Data Virtualization 6.0.0 roll up patch 4, which fixes three security issues and various bugs, is now available from the Red Hat Customer Portal. Red Hat Product Security has rated this update as having Moderate security impact. Common Vulnerability Scoring System CVSS base scores,...
CVE-2013-0171
CVE-2013-0171 affects Foreman prior to version 1.1. The vulnerability allows remote attackers to execute arbitrary code by sending a crafted YAML object to the fact or report import API. Documents confirm impact as remote code execution with network access and no authentication required, but do n...
Scientific Linux Security Update : boost on SL5.x i386/x86_64 (20120221)
The boost packages provide free, peer-reviewed, portable C++ source libraries with emphasis on libraries which work well with the C++ Standard Library. Invalid pointer dereference flaws were found in the way the Boost regular expression library processed certain, invalid expressions. An attacker...
Microsoft Internet Explorer SelectAll远程代码执行漏洞(CVE-2012-0171)(MS12-023)
BUGTRAQ ID: 52905 CVE ID: CVE-2012-0171 Microsoft Internet Explorer是微软公司推出的一款网页浏览器。 Microsoft Internet Explorer在访问已经删除的对象时在实现上存在可以破坏内存的远程代码执行漏洞,攻击者可利用此漏洞以当前用户权限执行任意代码。 0 Microsoft Internet Explorer 9.x Microsoft Internet Explorer 8.x Microsoft Internet Explorer 7.x Microsoft Internet Explorer 6.x...
Microsoft Internet Explorer Multiple Vulnerabilities (2675157)
This host is missing a critical security update according to Microsoft Bulletin MS12-023. OpenVAS Vulnerability Test $Id: secpodms12-023.nasl 6526 2017-07-05 05:43:52Z cfischer $ Microsoft Internet Explorer Multiple Vulnerabilities 2675157 Authors: Rachana Shetty Copyright: Copyright c 2012 SecPo...
CVE-2012-0171
CVE-2012-0171 affects Microsoft Internet Explorer 6–9. The vulnerability arises from how IE handles in-memory objects; accessing a deleted object can lead to memory corruption and remote code execution. Connected sources confirm this is the well-known “SelectAll Remote Code Execution Vulnerabilit...
Internet Explorer SelectAll Remote Code Execution (MS12-023; CVE-2012-0171)
A remote code execution vulnerability has been reported in Internet Explorer...
RHEL 5 : boost (RHSA-2012:0305)
The remote Redhat Enterprise Linux 5 host has packages installed that are affected by multiple vulnerabilities as referenced in the RHSA-2012:0305 advisory. The boost packages provide free, peer-reviewed, portable C++ source libraries with emphasis on libraries which work well with the C++ Standa...