798 matches found
CVE-2015-6133
Microsoft Windows 8, Windows 8.1, Windows Server 2012 Gold and R2, Windows RT Gold and 8.1, and Windows 10 Gold and 1511 mishandle library loading, which allows local users to gain privileges via a crafted application, aka "Windows Library Loading Remote Code Execution Vulnerability."...
CVE-2015-6128
Microsoft Windows Vista SP2, Windows Server 2008 SP2 and R2 SP1, and Windows 7 SP1 mishandle library loading, which allows local users to gain privileges via a crafted application, aka "Windows Library Loading Remote Code Execution Vulnerability."...
Remote code execution
Microsoft Windows 8, Windows 8.1, Windows Server 2012 Gold and R2, Windows RT Gold and 8.1, and Windows 10 Gold and 1511 mishandle library loading, which allows local users to gain privileges via a crafted application, aka "Windows Library Loading Remote Code Execution Vulnerability."...
Remote code execution
Microsoft Windows Vista SP2, Windows Server 2008 SP2 and R2 SP1, Windows 7 SP1, Windows 8, Windows 8.1, Windows Server 2012 Gold and R2, Windows RT Gold and 8.1, and Windows 10 Gold and 1511 mishandle library loading, which allows local users to gain privileges via a crafted application, aka...
Remote code execution
Microsoft Windows Vista SP2, Windows Server 2008 SP2 and R2 SP1, and Windows 7 SP1 mishandle library loading, which allows local users to gain privileges via a crafted application, aka "Windows Library Loading Remote Code Execution Vulnerability."...
CVE-2015-6133
CVE-2015-6133 affects multiple Windows versions (Windows 8/8.1, Windows Server 2012 R2, Windows RT, Windows 10 1511) and is caused by improper handling of library loading, enabling local privilege escalation via a crafted application. Public exploitation exists: exploits reference MS15-132 and re...
CVE-2015-6132
Microsoft Windows Vista SP2, Windows Server 2008 SP2 and R2 SP1, Windows 7 SP1, Windows 8, Windows 8.1, Windows Server 2012 Gold and R2, Windows RT Gold and 8.1, and Windows 10 Gold and 1511 mishandle library loading, which allows local users to gain privileges via a crafted application, aka...
CVE-2015-6128
CVE-2015-6128 describes a Windows privilege-escalation flaw where local users can gain privileges by abusing how Windows loads libraries. Affected products include Windows Vista SP2, Windows Server 2008 SP2 and R2 SP1, and Windows 7 SP1. The root cause is mishandling of library loading, enabling ...
CVE-2015-6132
CVE-2015-6132 is the Windows library loading remote code execution vulnerability affecting multiple Windows versions. Root cause: mishandled library loading enabling local privilege escalation via a crafted application. The MS15-132 security update fixes this, with public exploits and a Metasploi...
CVE-2015-6128
Microsoft Windows Vista SP2, Windows Server 2008 SP2 and R2 SP1, and Windows 7 SP1 mishandle library loading, which allows local users to gain privileges via a crafted application, aka "Windows Library Loading Remote Code Execution Vulnerability."...
Microsoft Windows Library Loading Remote Code Execution (MS15-132: CVE-2015-6133)
A remote code execution vulnerability has been reported in Microsoft Windows. The vulnerability is due to the way Windows improperly validates input before loading libraries. A remote attacker could exploit this vulnerability by enticing a target user to open a specially crafted file...
SUSE-SU-2015:1889-1 Security update for ruby19
ruby19 was updated to fix two security issues. The following vulnerabilities were fixed: CVE-2015-1855: Ruby OpenSSL hostname verification was too permissive bsc926974. CVE-2009-5147: DL::dlopen could have loaded a library with tainted library name even if $SAFE 0 bsc939860...
APPLE-SA-2015-09-16-3 iTunes 12.3
APPLE-SA-2015-09-16-3 iTunes 12.3 iTunes 12.3 is now available and addresses the following: iTunes Available for: Windows 7 and later Impact: Applications that use CoreText may be vulnerable to unexpected application termination or arbitrary code execution Description: Multiple memory corruption...
Apple iTunes Multiple Vulnerabilities (Sep 2015) - Windows
Apple iTunes is prone to multiple vulnerabilities. SPDX-FileCopyrightText: 2015 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only CPE = "cpe:/a:apple:itunes"; ifdescription...
Microsoft Office Products Insecure Library Loading Vulnerability
microsoft products is prone to insecure library loading vulnerability. SPDX-FileCopyrightText: 2015 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
Corel Multiple Products Multiple Insecure Library Loading (CVE-2014-8393)
Multiple insecure library loading vulnerabilities have been reported in multiple Corel products. The vulnerabilities are due to the insecure loading of a number of libraries. These include but are not limited to, Wintab32.dll, TDMgd3.089.dll, wacommt.dll, and quserex.dll. A remote attacker could...
Mozilla Firefox/Firefox ESR/Thunderbird DLL Load Arbitrary Code Execution Vulnerability
Mozilla Firefox/Thunderbird is a web browser/email client released by Mozilla. An arbitrary code execution vulnerability exists in the Mozilla Firefox/Firefox ESR/Thunderbird DLL loading, which can be exploited by an attacker to execute arbitrary code in the context of a user of an affected...
IBM Tivoli Storage Manager Elevation of Privilege Vulnerability
IBM Tivoli Storage Manager TSM Client is centralized, policy-based, enterprise-class, data backup and recovery software. A security vulnerability in the dsmtca file in IBM TSM's Client, which stems from the program's failure to properly restrict the loading of shared-library, can be exploited to...
Design/Logic Flaw
dsmtca in the client in IBM Tivoli Storage Manager TSM 6.3 before 6.3.2.3, 6.4 before 6.4.2.2, and 7.1 before 7.1.1.3 does not properly restrict shared-library loading, which allows local users to gain privileges via a crafted DSO file...
CorelCAD 'TD_Mgd_3.08_9.dll' DLL Loading Arbitrary Code Execution Vulnerability
CorelCAD is a 3D drawing software. An arbitrary code execution vulnerability exists in CorelCAD 'TDMgd3.089.dll' DLL loading due to CorelCAD failing to properly load the 'TDMgd3.089.dll' file. Allows an attacker to construct a malicious DLL file that loads arbitrary code in the context of the...