9 matches found
EUVD-2006-0016
Malware in sbrugna...
October 2, 2018, update for Office 2016 (KB4011669)
October 2, 2018, update for Office 2016 KB4011669 This article describes update 4011669 for Microsoft Office 2016 that was released on October 2, 2018. This update has a prerequisite.Be aware that the update on the Microsoft Download Center applies to the Microsoft Installer .msi-based edition of...
Microsoft Windows韩语输入法编辑器权限提升漏洞(MS06-009)
Microsoft Windows是微软发布的非常流行的操作系统。 Windows和Office韩语输入法编辑器(IME)中存在权限提升漏洞,可能允许恶意用户完全控制受影响的系统。 攻击者可以通过终端服务连接到服务器或在控制台,在登录界面上,调出韩文输入法,点击查看授权许可的链接,这时Winlogon进程会以系统权限执行显示授权信息的notepad程序。此时用户以普通用户登录进系统,即可以利用这个高权限的notepad进程提升自己的访问能力。 Microsoft Office 2003 Microsoft Windows XP SP2 Microsoft Windows XP SP1...
Input validation
The ShellAbout API call in Korean Input Method Editor IME in Korean versions of Microsoft Windows XP SP1 and SP2, Windows Server 2003 up to SP1, and Office 2003, allows local users to gain privileges by launching the "shell about dialog box" and clicking the "End-User License Agreement" link, whi...
CVE-2006-0008
The ShellAbout API call in Korean Input Method Editor IME in Korean versions of Microsoft Windows XP SP1 and SP2, Windows Server 2003 up to SP1, and Office 2003, allows local users to gain privileges by launching the "shell about dialog box" and clicking the "End-User License Agreement" link, whi...
CVE-2006-0008
The ShellAbout API call in Korean Input Method Editor IME in Korean versions of Microsoft Windows XP SP1 and SP2, Windows Server 2003 up to SP1, and Office 2003, allows local users to gain privileges by launching the "shell about dialog box" and clicking the "End-User License Agreement" link, whi...
CVE-2006-0008
The CVE-2006-0008 issue affects the Korean Input Method Editor (IME) on Windows XP SP1/SP2, Windows Server 2003 up to SP1, and Office 2003. A privilege-elevation flaw exists in the Korean IME; an attacker who can log on (locally or via Remote Desktop/Terminal Services) could exploit the ShellAbou...
MS06-009: Vulnerability in Korean Input Method Could Allow Elevation of Privilege (901190)
The remote version of Windows contains a flaw in the Korean input method that may allow a local attacker to execute arbitrary code on the remote host. To exploit this flaw, an attacker would need credentials to log into the remote host. C Tenable Network Security, Inc. include"compat.inc"; if...
Microsoft Windows Korean Input Method Editor vulnerability
Overview The Microsoft Windows Korean Input Method Editor IME contains a privilege escalation vulnerability. Description According to Microsoft: An IME is a program that allows computer users to enter complex characters and symbols, such as Japanese characters, using a standard keyboard. The...