Lucene search
K

8 matches found

Huawei
Huawei
added 2017/12/20 12:0 a.m.52 views

Security Advisory - Remote Code Execution Vulnerability in Windows DNSAPI

Microsoft released a security advisory to disclose a remote code execution vulnerability in Windows Domain Name System DNS DNSAPI.dll. An unauthenticated, remote attacker would use a malicious DNS server to send corrupted DNS responses to the target. The attacker could exploit the vulnerability t...

9.3CVSS8.9AI score0.33104EPSS
Exploits1Affected Software6
Check Point Advisories
Check Point Advisories
added 2017/10/18 12:0 a.m.12 views

Microsoft Windows DNSAPI NSEC3 Heap-based Buffer Overflow (CVE-2017-11779)

A heap-based buffer overflow vulnerability exists in the DNSAPI component of Microsoft Windows. The vulnerability is due to insufficient validation of certain components of NSEC3 records. A remote attacker could exploit this vulnerability by sending a malicious DNS response directly to the target...

9.3CVSS8AI score0.33104EPSS
Exploits1
Cvelist
Cvelist
added 2017/10/13 1:0 p.m.39 views

CVE-2017-11779

The Microsoft Windows Domain Name System DNS DNSAPI.dll on Microsoft Windows 8.1, Windows Server 2012 R2, Windows RT 8.1, Windows 10 Gold, 1511, 1607, and 1703, and Windows Server 2016 allows a remote code execution vulnerability when it fails to properly handle DNS responses, aka "Windows DNSAPI...

9.2AI score0.33104EPSS
Exploits1References3
CVE
CVE
added 2017/10/13 1:0 p.m.116 views

CVE-2017-11779

CVE-2017-11779 concerns a vulnerability in the Windows DNSAPI.dll within the DNSAPI component of Microsoft Windows. A heap-based buffer overflow in the handling/validation of NSEC3 records (triggered by malicious DNS responses) could allow a remote attacker to execute arbitrary code in the contex...

9.3CVSS9AI score0.33104EPSS
Exploits1References3Affected Software5
myhack58
myhack58
added 2017/10/12 12:0 a.m.78 views

Important vulnerabilities early warning: the Windows DNS client in the broke multiple heap buffer overflow flaws vulnerabilities in bug-bug warning-the black bar safety net

Microsoft has in the 2017 year 10 months official fix for the vulnerability CVE-2017-11779, the vulnerability includes the Windows DNS client in the plurality of memory corruption vulnerabilities, running Windows 8/Server 2012 and an updated version ofOSthe computer will be affected by this...

9.6AI score0.33104EPSS
Exploits1
Circl
Circl
added 2017/10/11 6:7 p.m.9 views

CVE-2017-11779

creationtimestamp| type| source ---|---|--- 2017-10-11 18:07:54+00:00| seen| https://t.me/informationsecuritychannel/9859...

9.3CVSS8.7AI score0.33104EPSS
Exploits1References1
Kaspersky
Kaspersky
added 2017/10/10 12:0 a.m.192 views

KLA11111 Multiple vulnerabilities in Microsoft Windows

Multiple vulnerabilities were found in Microsoft Windows. Malicious users can exploit these vulnerabilities to execute arbitrary code, obtain sensitive information, cause denial of service, gain privileges, bypass security restrictions. Below is a complete list of vulnerabilities: 1. A remote cod...

10CVSS9.4AI score0.64132EPSS
Exploits14References51
Tenable Nessus
Tenable Nessus
added 2017/10/10 12:0 a.m.146 views

KB4041691: Windows 10 Version 1607 and Windows Server 2016 October 2017 Cumulative Update (KRACK)

The remote Windows host is missing security update 4041691. It is, therefore, affected by multiple vulnerabilities : - An information disclosure vulnerability exists when the Windows kernel improperly handles objects in memory. An attacker who successfully exploited this vulnerability could obtai...

10CVSS8.5AI score0.69163EPSS
Exploits32References43
Rows per page
Query Builder