Microsoft Windows Security Mechanism Bypass Vulnerability (CNVD-2016-00252)

Microsoft Windows is a popular operating system. A security bypass vulnerability exists in Microsoft Windows Graphics Device Interface GDI32.dll, which can be exploited by remote attackers to bypass the ASLR protection mechanism and perform unauthorized operations...

CVE-2016-0012

Microsoft Office 2007 SP3, Excel 2007 SP3, PowerPoint 2007 SP3, Visio 2007 SP3, Word 2007 SP3, Office 2010 SP2, Excel 2010 SP2, PowerPoint 2010 SP2, Visio 2010 SP2, Word 2010 SP2, Office 2013 SP1, Excel 2013 SP1, PowerPoint 2013 SP1, Visio 2013 SP1, Word 2013 SP1, Excel 2013 RT SP1, PowerPoint 20...

CVE-2016-0008

The graphics device interface in Microsoft Windows Vista SP2, Windows Server 2008 SP2 and R2 SP1, Windows 7 SP1, Windows 8, Windows 8.1, Windows Server 2012 Gold and R2, and Windows RT Gold and 8.1 allows remote attackers to bypass the ASLR protection mechanism via unspecified vectors, aka "Windo...

Microsoft Visual Basic ASLR Bypass Vulnerability (3124585)

This host is missing an important security update according to Microsoft Bulletin MS16-004. SPDX-FileCopyrightText: 2016 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only...

KLA10738 Multiple vulnerabilities in Microsoft Office

Multiple serious vulnerabilities have been found in Microsoft Office. Malicious users can exploit these vulnerabilities to bypass security restrictions or execute arbitrary code. Below is a complete list of vulnerabilities 1. Improper memory objects handling can be exploited remotely via a...

McAfee VirusScan Enterprise Buffer Overflow Protection Security Bypass Vulnerability

McAfee VirusScan Enterprise is a suite of antivirus software that provides a full range of security, scans memory for malicious code and optimizes updates for remote systems. A security vulnerability in the McAfee VirusScan Enterprise Buffer Overflow Protection BOP feature allocates memory with...

Microsoft Silverlight Security Mechanism Bypass Vulnerability

Microsoft Silverlight is a cross-browser, cross-platform .NET implementation for building media experiences and interactive applications for the Web. A security mechanism bypass vulnerability exists in Microsoft Silverlight that allows remote attackers to pass through the ASLR protection mechanis...

Microsoft Browser ASLR Bypass Vulnerability

Microsoft Internet Explorer and Microsoft Edge are both web browsers developed by the American company Microsoft. The former is the default browser that comes with operating systems before Windows 10. The latter is the default browser that comes with the latest operating system, Windows 10. A...

PT-2015-3014

Name of the Vulnerable Software and Affected Versions Microsoft Internet Explorer versions 7 through 11 Microsoft Edge Description A security feature bypass exists when Microsoft Edge and Internet Explorer fail to use the Address Space Layout Randomization ASLR security feature, allowing an...

The vulnerabilities in browsers Internet Explorer and Microsoft Edge allow attackers to bypass the ASLR protection mechanism.

The vulnerability of Internet Explorer and Microsoft Edge is related to the lack of protection for service data. Exploiting this vulnerability allows a malicious actor to bypass the ASLR protection mechanism by using a specially created website...

The vulnerability of the Windows operating system, which allows a hacker to bypass the KASLR security mechanism

The vulnerability of the Windows operating system’s kernel is related to the lack of protection for service data. Exploiting this vulnerability allows a local attacker to bypass the KASLR protection mechanism through a specially crafted application...

ICU: missing boundary checks in layout engine (OpenJDK 2D, 8132042)

Unspecified vulnerability in Oracle Java SE 6u101, 7u85, and 8u60, and Java SE Embedded 8u51, allows remote attackers to affect confidentiality, integrity, and availability via unknown vectors related to 2D...

ICU: missing boundary checks in layout engine (OpenJDK 2D, 8132042)

Unspecified vulnerability in Oracle Java SE 6u101, 7u85, and 8u60, and Java SE Embedded 8u51, allows remote attackers to affect confidentiality, integrity, and availability via unknown vectors related to 2D...

ICU: missing boundary checks in layout engine (OpenJDK 2D, 8132042)

Unspecified vulnerability in Oracle Java SE 6u101, 7u85, and 8u60, and Java SE Embedded 8u51, allows remote attackers to affect confidentiality, integrity, and availability via unknown vectors related to 2D...

ICU: missing boundary checks in layout engine (OpenJDK 2D, 8132042)

Unspecified vulnerability in Oracle Java SE 6u101, 7u85, and 8u60, and Java SE Embedded 8u51, allows remote attackers to affect confidentiality, integrity, and availability via unknown vectors related to 2D...

ICU: missing boundary checks in layout engine (OpenJDK 2D, 8132042)

Unspecified vulnerability in Oracle Java SE 6u101, 7u85, and 8u60, and Java SE Embedded 8u51, allows remote attackers to affect confidentiality, integrity, and availability via unknown vectors related to 2D...

kernel: perf on ppc64 can loop forever getting userlevel stacktraces

A flaw was found in the way the Linux kernel's perf subsystem retrieved userlevel stack traces on PowerPC systems. A local, unprivileged user could use this flaw to cause a denial of service on the system by creating a special stack layout that would force the perfcallchainuser64 function into an...

kernel: partial ASLR bypass through TLS base addresses leak

An information leak flaw was found in the way the Linux kernel changed certain segment registers and thread-local storage TLS during a context switch. A local, unprivileged user could use this flaw to leak the user space TLS base address of an arbitrary process...

ICU: missing boundary checks in layout engine (OpenJDK 2D, 8132042)

Unspecified vulnerability in Oracle Java SE 6u101, 7u85, and 8u60, and Java SE Embedded 8u51, allows remote attackers to affect confidentiality, integrity, and availability via unknown vectors related to 2D...

Microsoft Internet Explorer Security Mechanism Bypass Vulnerability

Microsoft Internet Explorer is a popular web browser introduced by Microsoft and bundled with the Windows operating system. A security mechanism bypass vulnerability exists in Microsoft Internet Explorer 9 through 11 and Microsoft Edge. It allows remote attackers to bypass the ASLR protection...