26 matches found
Microsoft Excel Remote Code Execution Vulnerability (CNVD-2020-68841)
Microsoft Excel is a spreadsheet processing software in the Office suite from Microsoft USA. A remote code execution vulnerability exists in Microsoft Excel. The vulnerability stems from a lack of authentication measures or insufficient authentication strength in a networked system or product. An...
Microsoft SharePoint Authorization Issues Vulnerability
Microsoft SharePoint is an enterprise business collaboration platform from Microsoft. The platform is used to consolidate business information and enable sharing of work, collaborating with others, organizing projects and workgroups, and searching for people and information. An authorization issu...
Microsoft SharePoint Remote Code Execution Vulnerability (CNVD-2020-63727)
Microsoft SharePoint is an enterprise business collaboration platform from Microsoft. The platform is used to consolidate business information and enable sharing of work, collaborating with others, organizing projects and workgroups, and searching for people and information. A security...
PT-2020-3703 · Microsoft · Edge
Name of the Vulnerable Software and Affected Versions: Microsoft Edge HTML-based affected versions not specified Description: A remote code execution issue exists due to the way the scripting engine handles objects in memory. This could allow an attacker to corrupt memory and execute arbitrary co...
PT-2020-1617 · Microsoft · Chakracore +1
Name of the Vulnerable Software and Affected Versions: Microsoft Edge ChakraCore affected versions not specified Description: The issue is related to errors in handling objects in memory by the ChakraCore scripting engine. This could allow a remote attacker to execute arbitrary code, potentially...
PT-2020-1692 · Microsoft · Chakracore +1
Name of the Vulnerable Software and Affected Versions: Microsoft Edge ChakraCore affected versions not specified Description: The issue is related to errors in handling objects in memory by the ChakraCore scripting engine. This could allow a remote attacker to execute arbitrary code in the contex...
CVE-2019-1043
A remote code execution vulnerability exists in the way that comctl32.dll handles objects in memory. The vulnerability could corrupt memory in such a way that an attacker could execute arbitrary code in the context of the current user. An attacker who successfully exploited the vulnerability coul...
VulnCheck KEV: CVE-2017-11869
Internet Explorer in Microsoft Windows 7 SP1, Windows Server 2008 and R2 SP1, Windows 8.1 and Windows RT 8.1, Windows Server 2012 and R2, Windows 10 Gold, 1511, 1607, 1703, 1709, Windows Server 2016 and Windows Server, version 1709 allows an attacker to gain the same user rights as the current...
Scripting Engine Memory Corruption Vulnerability
A remote code execution vulnerability exists in the way the scripting engine handles objects in memory in Microsoft browsers. The vulnerability could corrupt memory in such a way that an attacker could execute arbitrary code in the context of the current user. An attacker who successfully exploit...
PT-2018-1466 · Microsoft · Windows +1
Name of the Vulnerable Software and Affected Versions: Internet Explorer affected versions not specified Microsoft Windows affected versions not specified Description: The issue is caused by a buffer overflow in the JavaScript handler of Internet Explorer, allowing a remote attacker to execute...
Vulnerability of the JavaScript ChakraCore kernel, Internet Explorer and Microsoft Edge browsers, caused by operations beyond the buffer in memory, allowing attackers to gain control of the current user’s rights
The vulnerability in the JavaScript ChakraCore engine, as well as in browsers Internet Explorer and Microsoft Edge, arises from an operation that goes beyond the buffer boundaries in memory. Exploiting this vulnerability can allow a remote attacker to gain privileges of the current user...
CVE-2017-11901
Internet Explorer in Microsoft Windows 7 SP1, Windows Server 2008 R2 SP1, Windows 8.1 and Windows RT 8.1, Windows Server 2012 and R2, Windows 10 Gold, 1511, 1607, 1703, 1709, and Windows Server 2016 allows an attacker to gain the same user rights as the current user, due to how Internet Explorer...
CVE-2017-11918
ChakraCore and Microsoft Edge in Windows 10 Gold, 1511, 1607, 1703, 1709, and Windows Server 2016 allows an attacker to gain the same user rights as the current user, due to how the scripting engine handles objects in memory, aka "Scripting Engine Memory Corruption Vulnerability". This CVE ID is...
CVE-2017-11856
Internet Explorer in Microsoft Windows 7 SP1, Windows Server 2008 SP2 and R2 SP1, Windows 8.1 and Windows RT 8.1, Windows Server 2012 R2, Windows 10 Gold, 1511, 1607, 1703, 1709, Windows Server 2016 and Windows Server, version 1709 allows an attacker to gain the same user rights as the current...
CVE-2017-11861
Microsoft Edge in Windows 10 1607, 1703, 1709, Windows Server 2016 and Windows Server, version 1709 allows an attacker to gain the same user rights as the current user, due to how the scripting engine handles objects in memory, aka "Scripting Engine Memory Corruption Vulnerability". This CVE ID i...
CVE-2017-11862
ChakraCore and Microsoft Edge in Windows 10 1709 and Windows Server, version 1709 allows an attacker to gain the same user rights as the current user, due to how the scripting engine handles objects in memory, aka "Scripting Engine Memory Corruption Vulnerability". This CVE ID is unique from...
CVE-2017-11869
Internet Explorer in Microsoft Windows 7 SP1, Windows Server 2008 and R2 SP1, Windows 8.1 and Windows RT 8.1, Windows Server 2012 and R2, Windows 10 Gold, 1511, 1607, 1703, 1709, Windows Server 2016 and Windows Server, version 1709 allows an attacker to gain the same user rights as the current...
CVE-2017-11861
Microsoft Edge in Windows 10 1607, 1703, 1709, Windows Server 2016 and Windows Server, version 1709 allows an attacker to gain the same user rights as the current user, due to how the scripting engine handles objects in memory, aka "Scripting Engine Memory Corruption Vulnerability". This CVE ID i...
CVE-2017-11843
ChakraCore and Internet Explorer in Microsoft Windows 7 SP1, Windows Server 2008 and R2 SP1, Windows 8.1 and Windows RT 8.1, Windows Server 2012 R2, and Microsoft Edge and Internet Explorer in Windows 10 Gold, 1511, 1607, 1703, 1709, Windows Server 2016 and Windows Server, version 1709 allows an...
CVE-2017-11838
ChakraCore and Internet Explorer in Microsoft Windows 7 SP1, Windows Server 2008 R2 SP1, Windows 8.1 and Windows RT 8.1, Windows Server 2012 R2, and Microsoft Edge and Internet Explorer in Windows 10 Gold, 1511, 1607, 1703, 1709, Windows Server 2016 and Windows Server, version 1709 allows an...