626 matches found
Microsoft Windows CSRSS (CVE-2011-0030) Local Privilege Escalation Vulnerability
Description Microsoft Windows is prone to a local privilege-escalation vulnerability. An attacker can exploit this issue to retain certain processes that may aid in attacks against subsequent users. Successfully exploiting this issue may aid in the complete compromise of affected computers...
Microsoft Windows Kernel 'Win32k.sys' (CVE-2011-0087) Local Privilege Escalation Vulnerability
Description Microsoft Windows is prone to a local privilege-escalation vulnerability that occurs in the Windows kernel. An attacker can exploit this issue to execute arbitrary code with kernel-level privileges. Successful exploits will result in the complete compromise of affected computers. Fail...
Microsoft Windows Kernel 'Win32k.sys' (CVE-2011-0088) Local Privilege Escalation Vulnerability
Description Microsoft Windows is prone to a local privilege-escalation vulnerability that occurs in the Windows kernel. An attacker can exploit this issue to execute arbitrary code with kernel-level privileges. Successful exploits will result in the complete compromise of affected computers. Fail...
Microsoft Data Access Components Data Source Name Buffer Overflow Vulnerability
Description Microsoft Data Access Components MDAC are prone to a buffer-overflow vulnerability because they fail to properly bounds-check user-supplied data. Successful exploits will allow an attacker to run arbitrary code in the context of the user running the application. Failed attacks will...
Microsoft Windows 'CreateSizedDIBSECTION()' Thumbnail View Stack Buffer Overflow Vulnerability
Description Microsoft Windows is prone to a remote stack-based buffer-overflow vulnerability in the Windows Graphics Rendering Engine because the software fails to perform adequate boundary-checks on user-supplied data. An attacker can exploit this issue by enticing an unsuspecting user to open a...
Microsoft Windows OpenType Font (OTF) Driver Double-Free Remote Code Execution Vulnerability
Description Microsoft Windows is prone to a remote code-execution vulnerability that affects the OpenType Font OTF driver. An attacker can exploit this issue to execute arbitrary code in kernel mode. Successful exploits will completely compromise an affected computer. Failed attempts will result ...
Microsoft Windows 'Win32k.sys' Double Free Local Privilege Escalation Vulnerability
Description Microsoft Windows is prone to a local privilege-escalation vulnerability that occurs in the 'Win32k.sys' Windows kernel-mode driver. A local attacker can exploit this issue to execute arbitrary code with kernel-level privileges. Successful exploits will result in the complete compromi...
Microsoft Windows CVE-2010-3944 'Win32k.sys' Local Privilege Escalation Vulnerability
Description Microsoft Windows is prone to a local privilege-escalation vulnerability that occurs in the 'Win32k.sys' Windows kernel-mode driver. A local attacker can exploit this issue to execute arbitrary code with kernel-level privileges. Successful exploits will result in the complete compromi...
Microsoft Windows OpenType Font (OTF) Driver CMAP Table Remote Code Execution Vulnerability
Description Microsoft Windows is prone to a remote code-execution vulnerability that affects the OpenType Font OTF driver. An attacker can exploit this issue to execute arbitrary code in kernel mode. Successful exploits will completely compromise an affected computer. Failed attempts will result ...
Microsoft Windows OpenType Font (OTF) Driver Invalid Array Index Remote Code Execution Vulnerability
Description Microsoft Windows is prone to a remote code-execution vulnerability that affects the OpenType Font OTF driver. An attacker can exploit this issue to execute arbitrary code in kernel mode. Successful exploits will completely compromise an affected computer. Failed attempts will result ...
Microsoft Internet Explorer Uninitialized Object CVE-2010-3343 Memory Corruption Vulnerability
Description Microsoft Internet Explorer is prone to a remote memory-corruption vulnerability. Successful exploits will allow an attacker to run arbitrary code in the context of the user running the application. Failed attacks will cause denial-of-service conditions. Technologies Affected Avaya Au...
Microsoft Internet Explorer CVE-2010-3342 Cross Domain Information Disclosure Vulnerability
Description Microsoft Internet Explorer is prone to a cross-domain information-disclosure vulnerability because the application fails to properly enforce the same-origin policy. An attacker can exploit this issue to access content from a browser window in another domain or security zone. This may...
Microsoft Internet Explorer Uninitialized HTML Element CVE-2010-3346 Memory Corruption Vulnerability
Description Microsoft Internet Explorer is prone to a remote memory-corruption vulnerability. Successful exploits will allow an attacker to run arbitrary code in the context of the user running the application. Failed attacks will cause denial-of-service conditions. Technologies Affected Avaya Au...
Microsoft Internet Explorer Uninitialized Object CVE-2010-3340 Memory Corruption Vulnerability
Description Microsoft Internet Explorer is prone to a remote memory-corruption vulnerability. Successful exploits will allow an attacker to run arbitrary code in the context of the user running the application. Failed attacks will cause denial-of-service conditions. Technologies Affected Avaya Au...
Microsoft Windows Kernel NDProxy Local Privilege Escalation Vulnerability
Description Microsoft Windows is prone to a local privilege-escalation vulnerability that occurs in the Windows kernel. An attacker can exploit this issue to execute arbitrary code with kernel-level privileges. Successful exploits will result in the complete compromise of affected computers. Fail...
Microsoft Windows CVE-2010-3941 'Win32k.sys' Double Free Local Privilege Escalation Vulnerability
Description Microsoft Windows is prone to a local privilege-escalation vulnerability that occurs in the 'Win32k.sys' Windows kernel-mode driver. A local attacker can exploit this issue to execute arbitrary code with kernel-level privileges. Successful exploits will result in the complete compromi...
Microsoft Internet Explorer Select HTML Element Use-After-Free Memory Corruption Vulnerability
Description Microsoft Internet Explorer is prone to a remote memory-corruption vulnerability. Successful exploits will allow an attacker to run arbitrary code in the context of the user running the application. Failed attacks will cause denial-of-service conditions. Technologies Affected Avaya Au...
Microsoft Windows User Access Control (UAC) Bypass Local Privilege Escalation Vulnerability
Description Microsoft Windows is prone to a local privilege-escalation vulnerability that affects the 'RtlQueryRegistryValues' API function. An attacker can exploit this issue to execute arbitrary code with SYSTEM-level privileges. Successful exploits will result in the complete compromise of...
Microsoft Windows OpenType Font (OTF) Format Driver CVE-2010-2741 Privilege Escalation Vulnerability
Description Microsoft Windows is prone to a local privilege-escalation vulnerability. Attackers may exploit this issue to execute arbitrary code with kernel-level privileges. Successfully exploiting this issue will result in the complete compromise of affected computers. Failed exploit attempts...
Microsoft Windows Common Control Library Remote Heap Buffer Overflow Vulnerability
Description Microsoft Windows Common Control Library is prone to a remote heap-based buffer-overflow vulnerability because the library fails to perform adequate boundary-checks on user-supplied data. Attackers can exploit this issue by enticing an unsuspecting user to open a specially crafted web...