209 matches found
Unpatched Microsoft Word DDE Exploit Being Used In Widespread Malware Attacks
A newly discovered unpatched attacking method that exploits a built-in feature of Microsoft Office is currently being used in various widespread malware attack campaigns. Last week we reported how hackers could leveraging an old Microsoft Office feature called Dynamic Data Exchange DDE, to perfor...
Static Versus Dynamic Data Masking
Most participants in the trench warfare of IT security agree that the best way to protect data is to apply a layered approach to security. Data masking is a security and privacy enhancing technology recommended by industry analysts as a must-have data protection layer. While terminology varies...
[SECURITY] Fedora 24 Update: python-2.7.12-2.fc24
Python is an interpreted, interactive, object-oriented programming language often compared to Tcl, Perl, Scheme or Java. Python includes modules, classes, exceptions, very high level dynamic data types and dynamic typing. Python supports interfaces to many system calls and libraries, as well as t...
Microsoft Windows win32k.sys Privilege Escalation Vulnerability
This vulnerability allows attackers to execute arbitrary code on vulnerable installations of Microsoft Windows. User interaction is required to exploit this vulnerability in that the target must run a malicious executable. The specific flaw exists within the handling of Dynamic Data Exchange...
Windows NetDDE buffer overflow
Added: 02/24/2006 CVE: CVE-2004-0206 BID: 11372 OSVDB: 10689 Background Network Dynamic Data Exchange NetDDE is a Windows service which allows two applications to communicate with each other over a network. Problem A buffer overflow in the NetDDE service could allow a remote, anonymous attacker t...
CVE-2004-0206
Network Dynamic Data Exchange NetDDE services for Microsoft Windows 98, Windows NT 4.0, Windows 2000, Windows XP, and Windows Server 2003 allows attackers to remotely execute arbitrary code or locally gain privileges via a malicious message or application that involves an "unchecked buffer,"...
Microsoft Windows 2000 Network Dynamic Data Exchange (DDE) executes code as Local System
Overview The Windows 2000 Network DDE agent permits local users to execute commands with system privileges. Description Dynamic Data Exchange DDE is an interprocess communication mechanism used in Microsoft Windows. A DDE share is an area of memory which is used to store and retrieve data. Networ...
CVE-2001-0015
Network Dynamic Data Exchange DDE in Windows 2000 allows local users to gain SYSTEM privileges via a "WMCOPYDATA" message to an invisible window that is running with the privileges of the WINLOGON process...
CVE-2001-0015
Network Dynamic Data Exchange DDE in Windows 2000 allows local users to gain SYSTEM privileges via a "WMCOPYDATA" message to an invisible window that is running with the privileges of the WINLOGON process...