Microsoft DirectX Graphics Kernel Local Elevation of Privilege Vulnerability

Microsoft Windows is the popular computer operating system. A local elevation of privilege vulnerability exists in the implementation of Microsoft Windows when memory objects are not handled correctly, which could allow a local attacker to take control of the affected system via a constructed...

Microsoft Windows Kernel Local Information Disclosure Vulnerability (CNVD-2017-06610)

Microsoft Windows is the popular computer operating system. The Windows kernel does not properly handle memory objects and is implemented with a local information disclosure vulnerability that, when successfully exploited, allows an attacker to obtain sensitive information...

Microsoft Windows 'Tcpip.sys' Information Disclosure Vulnerability (KB4018885)

This host is missing an important security update according to Microsoft KB4018885. SPDX-FileCopyrightText: 2017 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescripti...

Win32k Information Disclosure Vulnerability

An information disclosure vulnerability exists when the win32k component improperly provides kernel information. An attacker who successfully exploited the vulnerability could obtain information to further compromise the user’s system. To exploit the vulnerability, an attacker would have to eithe...

VulnCheck KEV: CVE-2017-0222

A remote code execution vulnerability exists when Internet Explorer improperly accesses objects in memory...

Microsoft Edge Memory Corruption (CVE-2017-0221)

A remote code execution vulnerability exists in Microsoft Edge. The vulnerability is due to a memory corruption when handling of objects in memory. A remote attacker can exploit this issue by enticing a user to open a specially crafted web-page with an affected version of Microsoft Edge allowing...

Adobe Acrobat and Reader Information Disclosure (APSB17-11: CVE-2017-3053)

An information disclosure vulnerability exists in Adobe Acrobat and Reader. The vulnerability is due to an error in the way Adobe Acrobat and Reader handles objects in memory. A remote attacker can exploit this vulnerability by enticing a target user to open a specially crafted JPEG...

Microsoft Windows Denial of Service Vulnerability (CNVD-2017-05724)

Microsoft Windows is the popular computer operating system. Microsoft Windows does not properly handle memory objects and is implemented with a denial-of-service vulnerability that can be exploited by an attacker to cause the target system to stop responding...

Microsoft Edge Scripting Engine Remote Memory Corruption Vulnerability (CNVD-2017-05767)

Microsoft Edge is the web browser built into the Windows 10 version. A memory corruption vulnerability vulnerability exists in the implementation when Microsoft Edge does not properly handle memory objects, which can be exploited by an attacker to execute arbitrary code and corrupt memory...

Microsoft Office Memory Corruption Vulnerability (CNVD-2017-05362)

Microsoft Office is a suite of office software based on the Windows operating system developed by Microsoft. An information disclosure vulnerability exists in the Office software that does not properly handle memory objects, which can be exploited by an attacker to obtain memory information...

CVE-2017-0191

A denial of service vulnerability exists in the way that Windows 7, Windows 8.1, Windows 10, Windows Server 2008 R2, Windows Server 2012, Windows Server 2012 R2, and Windows Server 2016 handles objects in memory. An attacker who successfully exploited the vulnerability could cause a target system...

KB4015383: Security Updates for the libjpeg Information Disclosure Vulnerability (April 2017)

The remote Windows host is missing security updates. It is, therefore, affected by an information disclosure vulnerability in the open-source libjpeg image processing library due to improper handling of objects in memory. An unauthenticated, remote attacker can exploit this to disclose sensitive...

Win32k Information Disclosure Vulnerability

An information disclosure vulnerability exists when the win32k component improperly provides kernel information. An attacker who successfully exploited the vulnerability could obtain information to further compromise the user’s system. To exploit this vulnerability, an attacker would have to log ...

Win32k Elevation of Privilege Vulnerability

An elevation of privilege vulnerability exists in Windows when the Windows kernel-mode driver fails to properly handle objects in memory. An attacker who successfully exploited this vulnerability could run arbitrary code in kernel mode. An attacker could then install programs; view, change, or...

Microsoft Windows Uniscribe Information Disclosure Vulnerability (CNVD-2017-03757)

Microsoft Uniscribe is a component of the Windows operating system developed by Microsoft Corporation for the correct presentation of Unicode characters. An information disclosure vulnerability exists in Microsoft Uniscribe's handling of in-memory objects, which allows remote attackers to exploit...

Microsoft Office Word Viewer Remote Code Execution Vulnerability (4013241)

This host is missing an important security update according to Microsoft Bulletin MS17-014 SPDX-FileCopyrightText: 2017 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only...

Win32k Elevation of Privilege Vulnerability

An elevation of privilege vulnerability exists in Windows when the Windows kernel-mode driver fails to properly handle objects in memory. An attacker who successfully exploited this vulnerability could run arbitrary code in kernel mode. An attacker could then install programs; view, change, or...

Windows Uniscribe Information Disclosure Vulnerability

An information disclosure vulnerability exists when Windows Uniscribe improperly discloses the contents of its memory. An attacker who successfully exploited the vulnerability could obtain information to further compromise the user’s system. There are multiple ways an attacker could exploit the...

Win32k Elevation of Privilege Vulnerability

An elevation of privilege vulnerability exists in Windows when the Windows kernel-mode driver fails to properly handle objects in memory. An attacker who successfully exploited this vulnerability could run arbitrary code in kernel mode. An attacker could then install programs; view, change, or...

Microsoft Browser Information Disclosure Vulnerability

An information disclosure vulnerability exists when affected Microsoft browsers improperly handle objects in memory. An attacker who successfully exploited this vulnerability could obtain information to further compromise the user’s system. To exploit the vulnerability, in a web-based attack...