31 matches found
CVE-2020-1300
A remote code execution vulnerability exists when Microsoft Windows fails to properly handle cabinet files.To exploit the vulnerability, an attacker would have to convince a user to either open a specially crafted cabinet file or spoof a network printer and trick a user into installing a maliciou...
CVE-2020-1300
A remote code execution vulnerability exists when Microsoft Windows fails to properly handle cabinet files.To exploit the vulnerability, an attacker would have to convince a user to either open a specially crafted cabinet file or spoof a network printer and trick a user into installing a maliciou...
Remote code execution
A remote code execution vulnerability exists when Microsoft Windows fails to properly handle cabinet files.To exploit the vulnerability, an attacker would have to convince a user to either open a specially crafted cabinet file or spoof a network printer and trick a user into installing a maliciou...
CVE-2020-1300
A remote code execution vulnerability exists when Microsoft Windows fails to properly handle cabinet files.To exploit the vulnerability, an attacker would have to convince a user to either open a specially crafted cabinet file or spoof a network printer and trick a user into installing a maliciou...
CVE-2020-1300
CVE-2020-1300 is a Windows remote code execution vulnerability that arises when Cabinet (.cab) files are not handled securely. The vulnerability can be exploited by convincing a user to open a specially crafted CAB file or by spoofing a network printer and tricking the user into installing a mali...
Windows Remote Code Execution Vulnerability
A remote code execution vulnerability exists when Microsoft Windows fails to properly handle cabinet files. To exploit the vulnerability, an attacker would have to convince a user to either open a specially crafted cabinet file or spoof a network printer and trick a user into installing a malicio...
PT-2020-3559 · Microsoft · Windows
Name of the Vulnerable Software and Affected Versions: Microsoft Windows affected versions not specified Description: A remote code execution issue exists due to improper handling of cabinet files by Microsoft Windows. To exploit this, an attacker must convince a user to open a specially crafted...
KLA11807 Multiple vulnerabilities in Microsoft Windows
Multiple vulnerabilities were found in Microsoft Windows. Malicious users can exploit these vulnerabilities to obtain sensitive information, execute arbitrary code, gain privileges, cause denial of service, bypass security restrictions. Below is a complete list of vulnerabilities: 1. An informati...
KB4561674: Windows Server 2012 June 2020 Security Update
The remote Windows host is missing security update 4561674 or cumulative update 4561612. It is, therefore, affected by multiple vulnerabilities : - An elevation of privilege vulnerability exists in the way that the wlansvc.dll handles objects in memory. An attacker who successfully exploited the...
RHEL 7 : gcab (RHSA-2018:0350)
The remote Redhat Enterprise Linux 7 host has packages installed that are affected by a vulnerability as referenced in the RHSA-2018:0350 advisory. The gcab package contains a utility for managing the Cabinet archives. It can list, extract, and create Microsoft cabinet .cab files. Security Fixes:...
gcab: Extracting malformed .cab files causes stack smashing potentially leading to arbitrary code execution
A stack-based buffer overflow within GNOME gcab through 0.7.4 can be exploited by malicious attackers to cause a crash or, potentially, execute arbitrary code via a crafted .cab file...
Update to add SHA-2 code signing support for Windows Server 2008 SP2
Update to add SHA-2 code signing support for Windows Server 2008 SP2 Summary This update provides support for the Secure Hash Algorithm-2 SHA-2 code signing and verification functionality in the 64-bit version of Windows Server 2008 Service Pack 2 SP2 which includes the following: Support for...
Ubuntu 16.04 LTS : gcab vulnerability (USN-3546-1)
The remote Ubuntu 16.04 LTS host has packages installed that are affected by a vulnerability as referenced in the USN-3546-1 advisory. Richard Hughes discovered that gcab incorrectly handled certain malformed cabinet files. If a user or automated system were tricked into opening a specially craft...
USN-3546-1 gcab vulnerability
Richard Hughes discovered that gcab incorrectly handled certain malformed cabinet files. If a user or automated system were tricked into opening a specially crafted cabinet file, a remote attacker could use this issue to cause gcab to crash, resulting in a denial of service, or possibly execute...
GNOME gcab stack buffer overflow vulnerability
GNOME gcab is a GObject library for the GNOME project to create cabinet files. A stack buffer overflow vulnerability exists in GNOME gcab 0.7.4 and earlier. An attacker can exploit this vulnerability to cause a denial of service crash with the help of a specially crafted .cab file...
CVE-2017-0294
Microsoft Windows 7 SP1, Windows Server 2008 SP2 and R2 SP1, Windows 8.1 and Windows RT 8.1, Windows Server 2012 and R2, Windows 10 Gold, 1511, 1607, and 1703, and Windows Server 2016 allow an attacker to execute remote code when Windows fails to properly handle cabinet files, aka "Windows Remote...
CVE-2017-0294
Microsoft Windows 7 SP1, Windows Server 2008 SP2 and R2 SP1, Windows 8.1 and Windows RT 8.1, Windows Server 2012 and R2, Windows 10 Gold, 1511, 1607, and 1703, and Windows Server 2016 allow an attacker to execute remote code when Windows fails to properly handle cabinet files, aka "Windows Remote...
Remote code execution
Microsoft Windows 7 SP1, Windows Server 2008 SP2 and R2 SP1, Windows 8.1 and Windows RT 8.1, Windows Server 2012 and R2, Windows 10 Gold, 1511, 1607, and 1703, and Windows Server 2016 allow an attacker to execute remote code when Windows fails to properly handle cabinet files, aka "Windows Remote...
CVE-2017-0294
Microsoft Windows 7 SP1, Windows Server 2008 SP2 and R2 SP1, Windows 8.1 and Windows RT 8.1, Windows Server 2012 and R2, Windows 10 Gold, 1511, 1607, and 1703, and Windows Server 2016 allow an attacker to execute remote code when Windows fails to properly handle cabinet files, aka "Windows Remote...
Windows 2008 June 2017 Multiple Security Updates
The remote Windows host is missing multiple security updates. It is, therefore, affected by multiple vulnerabilities : - An information disclosure vulnerability exists when affected Microsoft browsers improperly handle objects in memory. An attacker who successfully exploited the vulnerability...