PT-2019-3049 · Microsoft · Windows Core Shell Com Server Registrar +1

Name of the Vulnerable Software and Affected Versions: Windows Core Shell COM Server Registrar affected versions not specified Description: An elevation of privilege issue exists due to improper handling of COM calls by the Windows Core Shell COM Server Registrar. This could allow an attacker to...

CVE-2019-3969

Comodo Antivirus versions up to 12.0.0.6810 are vulnerable to Local Privilege Escalation due to CmdAgent's handling of COM clients. A local process can bypass the signature check enforced by CmdAgent via process hollowing which can then allow the process to invoke sensitive COM methods in CmdAgen...

The vulnerability of Siemens SIMATIC product software lies in insufficient validation of input data, allowing attackers to execute arbitrary commands with system privileges.

The vulnerability of Siemens SIMATIC software products is related to insufficient validation of input data. Exploiting this vulnerability could allow an attacker with network access to the DCOM interface to execute arbitrary commands with system privileges...

The vulnerability of VMware Workstation’s virtualization platform, related to deficiencies in protection mechanisms for handling COM classes, allows attackers to escalate their privileges.

The vulnerability of VMware Workstation’s virtualization platform is related to deficiencies in protection mechanisms for handling COM classes. Exploiting this vulnerability can allow attackers to gain increased privileges...

Microsoft Edge Elevation of Privilege Vulnerability (CNVD-2019-16187)

Microsoft Windows 10 and others are operating systems released by Microsoft Corporation USA.Edge is one of the default browsers that comes with the system. An elevation of privilege vulnerability exists in the Microsoft Edge Browser Proxy COM object, which can be exploited by an attacker to eleva...

CVE-2018-8550

An elevation of privilege exists in Windows COM Aggregate Marshaler, aka "Windows COM Elevation of Privilege Vulnerability." This affects Windows 7, Windows Server 2012 R2, Windows RT 8.1, Windows Server 2008, Windows Server 2019, Windows Server 2012, Windows 8.1, Windows Server 2016, Windows...

December 9, 2016 — KB3201845 (OS Build 14393.479)

December 9, 2016 — KB3201845 OS Build 14393.479 Improvements and fixes This update includes quality improvements. No new operating system features are being introduced in this update. Key changes include: Improved the reliability of mobile device management MDM disenrollment, Distributed Componen...

Vulnerability of Microsoft COM components in Windows operating systems, allowing attackers to execute arbitrary code

The vulnerability of the Microsoft Component Object Model COM in Windows operating systems is related to the restoration of a dubious data structure in memory. Exploiting this vulnerability allows an attacker to execute arbitrary code using a specially created file or script...

CVE-2018-8349

A remote code execution vulnerability exists in "Microsoft COM for Windows" when it fails to properly handle serialized objects, aka "Microsoft COM for Windows Remote Code Execution Vulnerability." This affects Windows 7, Windows Server 2012 R2, Windows RT 8.1, Windows Server 2008, Windows Server...

Exploit for CVE-2017-0213

windows-kernel-exploits 简介 windows-kernel-exploits 漏洞列表 Security Bulletin KB Description Operating System - MS17-017 KB4013081 GDI Palette Objects Local Privilege Escalation windows 7/8 - CVE-2017-8464 LNK Remote Code Execution Vulnerability windows 10/8.1/7/2016/2010/2008 - CVE-2017-0213...

CVE-2018-0824

A remote code execution vulnerability exists in "Microsoft COM for Windows" when it fails to properly handle serialized objects, aka "Microsoft COM for Windows Remote Code Execution Vulnerability." This affects Windows 7, Windows Server 2012 R2, Windows RT 8.1, Windows Server 2008, Windows Server...

Microsoft Windows Remote Code Execution Vulnerability (CNVD-2018-10992)

Microsoft Windows is the popular computer operating system. Microsoft Windows "Microsoft COM for Windows" does not properly handle serialized objects, allowing remote attackers to exploit vulnerabilities in special files or scripts that can be parsed by the user to execute arbitrary code...

Exploit for CVE-2017-0213

CVE-2017-0213: Windows COM Elevation of Privilege Vulnerabilit...

CVE-2017-14023

An Improper Input Validation issue was discovered in Siemens SIMATIC PCS 7 V8.1 prior to V8.1 SP1 with WinCC V7.3 Upd 13, and V8.2 all versions. The improper input validation vulnerability has been identified, which may allow an authenticated remote attacker who is a member of the administrators...

CVE-2017-0213

Windows COM Aggregate Marshaler in Microsoft Windows Server 2008 SP2 and R2 SP1, Windows 7 SP1, Windows 8.1, Windows Server 2012 Gold and R2, Windows RT 8.1, Windows 10 Gold, 1511, 1607, and 1703, and Windows Server 2016 allows an elevation privilege vulnerability when an attacker runs a speciall...

CVE-2017-0214

Windows COM in Microsoft Windows Server 2008 SP2 and R2 SP1, Windows 7 SP1, Windows 8.1, Windows Server 2012 Gold and R2, Windows RT 8.1, Windows 10 Gold, 1511, 1607, and 1703, and Windows Server 2016 allows an elevation privilege vulnerability when Windows fails to properly validate input before...

Microsoft Windows COM Local Elevation of Privilege Vulnerability

Microsoft Windows is the popular computer operating system. Microsoft Windows does not properly validate inputs before loading type librariesA local elevation of privilege vulnerability exists in the implementation, where a local attacker could elevate its privileges...

Siemens SIMATIC WinCC and SIMATIC WinCC Runtime Professional Denial of Service Vulnerability

Siemens SIMATIC WinCC and SIMATIC WinCC Runtime Professional are industrial automation products from Siemens, Germany.SIMATIC WinCC is a Supervisory Control and Data Acquisition SCADA system.SIMATIC WinCC Runtime Professional is a visual runtime platform for operators to control and monitor...

The vulnerability of the Windows operating system, which allows a hacker to increase their privileges

The vulnerability of the DCOM application in Windows operating systems is related to deficiencies in authentication procedures. Exploiting this vulnerability allows a malicious actor to enhance their privileges by using a specially created application...

Microsoft Windows HelpPane Elevation of Privilege Vulnerability

Microsoft Windows is a series of operating systems released by the American company Microsoft. An elevation of privilege vulnerability exists in Microsoft Windows HelpPane. When registering a DCOM object, the Windows COM session name does not properly implement the RunAs privilege, which can be...