222 matches found
CVE-2018-0956
CVE-2018-0956 is a DoS vulnerability in Windows HTTP.sys’s HTTP/2 stack caused by improper parsing of crafted HTTP/2 requests. The affected product surface is Windows Server 2016 and Windows 10/Windows Server 2016-era builds that include HTTP.sys. The impact is denial of service (availability) wi...
HTTP/2 Server Denial of Service Vulnerability
A denial of service vulnerability exists in the HTTP/2 protocol stack HTTP.sys when HTTP.sys improperly parses specially crafted HTTP/2 requests. An attacker who successfully exploited the vulnerability could create a denial of service condition, causing the target system to become unresponsive. ...
Microsoft Windows 'HTTP.sys' CVE-2018-0956 Denial of Service Vulnerability
Description Microsoft Windows is prone to a remote denial-of-service vulnerability. An attacker can exploit this issue to cause a denial-of-service condition. Technologies Affected Microsoft Windows 10 Version 1607 for 32-bit Systems Microsoft Windows 10 Version 1607 for x64-based Systems Microso...
Microsoft Windows Information Disclosure Vulnerability (KB4022914)
This host is missing an important security update according to Microsoft KB4022914 SPDX-FileCopyrightText: 2017 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescriptio...
CVE-2017-8582
HTTP.sys in Microsoft Windows Server 2008 SP2 and R2 SP1, Windows 7 SP1, Windows 8.1, Windows Server 2012 Gold and R2, Windows RT 8.1, Windows 10 Gold, 1511, 1607, and 1703, and Windows Server 2016 allows an information disclosure vulnerability when the component improperly handles objects in...
CVE-2017-8582
HTTP.sys in Microsoft Windows Server 2008 SP2 and R2 SP1, Windows 7 SP1, Windows 8.1, Windows Server 2012 Gold and R2, Windows RT 8.1, Windows 10 Gold, 1511, 1607, and 1703, and Windows Server 2016 allows an information disclosure vulnerability when the component improperly handles objects in...
Information disclosure
HTTP.sys in Microsoft Windows Server 2008 SP2 and R2 SP1, Windows 7 SP1, Windows 8.1, Windows Server 2012 Gold and R2, Windows RT 8.1, Windows 10 Gold, 1511, 1607, and 1703, and Windows Server 2016 allows an information disclosure vulnerability when the component improperly handles objects in...
CVE-2017-8582
HTTP.sys in Microsoft Windows Server 2008 SP2 and R2 SP1, Windows 7 SP1, Windows 8.1, Windows Server 2012 Gold and R2, Windows RT 8.1, Windows 10 Gold, 1511, 1607, and 1703, and Windows Server 2016 allows an information disclosure vulnerability when the component improperly handles objects in...
CVE-2017-8582
CVE-2017-8582 affects the HTTP.sys server component in multiple Windows editions. The vulnerability arises from the component’s improper handling of in-memory objects, enabling a remote, unauthenticated attacker to obtain information and potentially facilitate further compromise. The impact is an...
Http.sys Information Disclosure Vulnerability
An Information Disclosure vulnerability exists when the HTTP.sys server application component improperly handles objects in memory. An attacker who successfully exploited this vulnerability could obtain information to further compromise the HTTP.sys server application system. A remote...
Security update for the Windows kernel information disclosure vulnerability in Windows Server 2008: July 11, 2017
Security update for the Windows kernel information disclosure vulnerability in Windows Server 2008: July 11, 2017 Summary An information disclosure vulnerability exists when the HTTP.sys server application component improperly handles objects in memory. An attacker who successfully exploited this...
Windows 2008 July 2017 Multiple Security Updates
The remote Windows host is missing multiple security updates. It is, therefore, affected by multiple vulnerabilities : - An information disclosure vulnerability exists in the Windows Performance Monitor Console due to improper parsing of XML input that contains a reference to an external entity. ...
MS15-034: Vulnerability in HTTP.sys could allow remote code execution: April 14, 2015
MS15-034: Vulnerability in HTTP.sys could allow remote code execution: April 14, 2015 Summary This security update resolves a vulnerability in Microsoft Windows. The vulnerability could allow remote code execution if an attacker sends a specially crafted HTTP request to an affected Windows system...
MS15-0 3 4 IIS 7.0 HTTP.sys a remote code execution vulnerability(CVE-2 0 1 5-1 6 3 5) POC-vulnerability warning-the black bar safety net
Detection script: Python----beebeeto http://www.beebeeto.com/pdb/poc-2015-0081/ !/ usr/bin/env python coding=utf-8 """ Site: http://www.beebeeto.com/ Framework: https://github.com/n0tr00t/Beebeeto-framework """ import socket import random import urlparse from baseframe import BaseFrame class...
Microsoft HTTP.sys HTTP 2.0 Denial of Service (MS16-049; CVE-2016-0150)
A denial-of-service vulnerability exists in Microsoft Windows' HTTP 2.0 protocol stack, HTTP.sys. The vulnerability is due to insufficient validation of HTTP 2.0 requests. A remote, unauthenticated attacker can exploit this vulnerability by sending a specially crafted HTTP packet to the target...
Microsoft Windows 'HTTP.sys' Denial of Service Vulnerability (3148795)
This host is missing an important security update according to Microsoft Bulletin MS16-049. SPDX-FileCopyrightText: 2016 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only...
CVE-2016-0150
HTTP.sys in Microsoft Windows 10 Gold and 1511 allows remote attackers to cause a denial of service system hang via crafted HTTP 2.0 requests, aka "HTTP.sys Denial of Service Vulnerability."...
CVE-2016-0150
HTTP.sys in Microsoft Windows 10 Gold and 1511 allows remote attackers to cause a denial of service system hang via crafted HTTP 2.0 requests, aka "HTTP.sys Denial of Service Vulnerability."...
Denial of service
HTTP.sys in Microsoft Windows 10 Gold and 1511 allows remote attackers to cause a denial of service system hang via crafted HTTP 2.0 requests, aka "HTTP.sys Denial of Service Vulnerability."...
CVE-2016-0150
HTTP.sys in Microsoft Windows 10 Gold and 1511 allows remote attackers to cause a denial of service system hang via crafted HTTP 2.0 requests, aka "HTTP.sys Denial of Service Vulnerability."...