Trend Micro Control Manager DeploymentPlan_Event_Handler External Entity Processing Information Disclosure Vulnerability

This vulnerability allows remote attackers to disclose sensitive information on vulnerable installations of Trend Micro Control Manager. Authentication is required to exploit this vulnerability. The specific flaw exists within DeploymentPlanEventHandler.aspx. The issue lies in the failure to...

Trend Micro Control Manager cgiCMUIDispatcher SQL Injection Remote Code Execution Vulnerability

This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of Trend Micro Control Manager. Authentication is required to exploit this vulnerability. The specific flaw exists within cgiCMUIDispatcher.exe. The issue lies in the failure to sanitize user-supplied...

Trend Micro Control Manager task_controller Information Disclosure Vulnerability

This vulnerability allows remote attackers to leak sensitive information on vulnerable installations of Trend Micro Control Manager. Authentication is not required to exploit this vulnerability. The specific flaw exists within taskcontroller.php. The url parameter does not properly sanitize the...

Trend Micro Control Manager AdHocQuery_SelectView XPATH Injection Information Disclosure Vulnerability

This vulnerability allows remote attackers to disclose sensitive information on vulnerable installations of Trend Micro Control Manager. Authentication is required to exploit this vulnerability. The specific flaw exists within AdHocQuerySelectView.aspx. The issue lies in the failure to sanitize...

Trend Micro Control Manager ProductTree External Entity Processing Information Disclosure Vulnerability

This vulnerability allows remote attackers to disclose sensitive information on vulnerable installations of Trend Micro Control Manager. Authentication is required to exploit this vulnerability. The specific flaw exists within ProductTree.aspx. The issue lies in the failure to sanitize...

Microsoft Windows Service Control Manager Elevation of Privilege Vulnerability

Microsoft Windows is a popular operating system. A security vulnerability exists in Microsoft Windows that allows authenticated users to run special program elevations of privilege and invoke restricted target SCMs due to a failure of the Service Control Manager to properly calibrate the emulatio...

CVE-2015-1702

The Service Control Manager SCM in Microsoft Windows Server 2003 SP2, Windows Vista SP2, Windows Server 2008 SP2 and R2 SP1, Windows 7 SP1, Windows 8, Windows 8.1, Windows Server 2012 Gold and R2, and Windows RT Gold and 8.1 does not properly constrain impersonation levels, which allows local use...

Microsoft Windows SCM Privilege_Escalation Vulnerability (3055642)

This host is missing an important security update according to Microsoft Bulletin MS15-050. SPDX-FileCopyrightText: 2015 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only...

Microsoft Windows Service Control Manager CVE-2015-1702 Remote Privilege Escalation Vulnerability

Description Microsoft Windows Service Control Manager is prone to a remote privilege-escalation vulnerability. An attacker can exploit this issue to gain elevated privileges within the context of the affected system. Technologies Affected Avaya CallPilot 4.0 Avaya CallPilot 4.0.1 Avaya CallPilot...

Microsoft Windows NT 4.0 DCOM Server Vulnerability

No description provided by source. source: http://www.securityfocus.com/bid/624/info It is possible for a local user to modify how DCOM servers are run, thereby escalating his/her privilege level. The Interactive User has write permissions to the DCOM registry entries. By editing the registry key...

Oracle 8.x cmctl Buffer Overflow Vulnerability

No description provided by source. / source: http://www.securityfocus.com/bid/1968/info cmctl is the Connection Control Manager, part of the Oracle 8i installation. A vulnerability exists that can allow elevation of privileges. The problem occurs in the way cmctl handles the user-supplied command...

Trend Micro Control Manager 5.5/6.0 AdHocQuery BlindSQL Injection (post-auth)

No description provided by source. !/usr/bin/env python Exploit Title: Trend Micro Control Manager 5.5/6.0 AdHocQuery BlindSQL Injection post-auth Disclosure Date: 09/27/2012 Author: otoy @otoyrood & modpr0be @modpr0be Contact: researchatspentera.com Platform: Windows Tested on: Windows 2003...

CVE-2013-3862

Double free vulnerability in Microsoft Windows 7 and Server 2008 R2 SP1 allows local users to gain privileges via a crafted service description that is not properly handled by services.exe in the Service Control Manager SCM, aka "Service Control Manager Double Free Vulnerability."...

Double free

Double free vulnerability in Microsoft Windows 7 and Server 2008 R2 SP1 allows local users to gain privileges via a crafted service description that is not properly handled by services.exe in the Service Control Manager SCM, aka "Service Control Manager Double Free Vulnerability."...

CVE-2013-3862

Double free vulnerability in Microsoft Windows 7 and Server 2008 R2 SP1 allows local users to gain privileges via a crafted service description that is not properly handled by services.exe in the Service Control Manager SCM, aka "Service Control Manager Double Free Vulnerability."...

CVE-2013-3862

Double free vulnerability in Microsoft Windows 7 and Server 2008 R2 SP1 allows local users to gain privileges via a crafted service description that is not properly handled by services.exe in the Service Control Manager SCM, aka "Service Control Manager Double Free Vulnerability."...

MS Windows Service Control Manager Privilege Elevation Vulnerability (2872339)

This host is missing an important security update according to Microsoft Bulletin MS13-077. OpenVAS Vulnerability Test $Id: secpodms13-077.nasl 5346 2017-02-19 08:43:11Z cfi $ MS Windows Service Control Manager Privilege Elevation Vulnerability 2872339 Authors: Antu Sanadi Copyright: Copyright c...

MS13-077: Vulnerability in Windows Service Control Manager Could Allow Elevation of Privilege (2872339)

The remote Windows host is potentially affected by a privilege escalation vulnerability in the Windows Service Control Manager. C Tenable Network Security, Inc. include"compat.inc"; if description scriptid69836; scriptversion"1.11"; scriptcvsdate"Date: 2019/11/27"; scriptcveid"CVE-2013-3862";...

Microsoft Windows Service Control Manager CVE-2013-3862 Local Privilege Escalation Vulnerability

Description Microsoft Windows is prone to a local privilege-escalation vulnerability that exists in the Windows Service Control Manager SCM. An attacker can exploit this issue to execute arbitrary code with escalated privileges. Successfully exploiting this issue can lead to the complete compromi...

MS13-077: Vulnerability in Windows Service Control Manager could allow elevation of privilege: September 10, 2013

Resolves a vulnerability in Windows Service Control Manager that could allow elevation of privilege if an authenticated user is convinced to execute a specially crafted application.INTRODUCTIONMicrosoft has released security bulletin MS13-077. To view the complete security bulletin, go to one of...