Microsoft Windows TrueType Fonts CVE-2015-2463 Remote Code Execution Vulnerability

Description Microsoft Windows is prone to a remote code-execution vulnerability. Successful exploits allow attackers to execute arbitrary code in the context of the vulnerable application. Failed exploit attempts will result in a denial-of-service condition. Technologies Affected Microsoft .NET...

Microsoft Windows OpenType Fonts CVE-2015-2460 Remote Code Execution Vulnerability

Description Microsoft Windows is prone to a remote code-execution vulnerability. Successful exploits allow attackers to execute arbitrary code in the context of the vulnerable application. Failed exploit attempts will result in a denial-of-service condition. Technologies Affected Microsoft .NET...

Microsoft Windows TrueType Fonts CVE-2015-2456 Remote Code Execution Vulnerability

Description Microsoft Windows is prone to a remote code-execution vulnerability. Successful exploits allow attackers to execute arbitrary code in the context of the vulnerable application. Failed exploit attempts will result in a denial-of-service condition. Technologies Affected Microsoft .NET...

Microsoft Windows TrueType Fonts CVE-2015-2455 Remote Code Execution Vulnerability

Description Microsoft Windows is prone to a remote code-execution vulnerability. Successful exploits allow attackers to execute arbitrary code in the context of the vulnerable application. Failed exploit attempts will result in a denial-of-service condition. Technologies Affected Microsoft .NET...

Microsoft .NET Framework CVE-2015-2481 Privilege Escalation Vulnerability

Description Microsoft .NET Framework is prone to a privilege-escalation vulnerability. An attacker can exploit this issue to gain elevated privileges in the context of the currently logged-in user; this can also result in the attacker gaining complete control of the affected system. Technologies...

MS15-092: Vulnerabilities in the .NET Framework could allow elevation of privilege: August 11, 2015

Resolves vulnerabilities in the Microsoft .NET Framework that could allow elevation of privilege if a user runs a specially crafted .NET Framework application.View products that this article applies to.SummaryThis security update resolves vulnerabilities in the Microsoft .NET Framework that could...

Cumulative update for Windows 10: August 11, 2015

Resolves vulnerabilities in Internet Explorer that could allow remote code execution if a user views a specially crafted webpage in Internet Explorer.SummaryThe security update for Windows 10 that is dated August 11, 2015, includes improvements to improve the functionality of Windows 10 and...

Microsoft .NET Framework CVE-2015-2479 Privilege Escalation Vulnerability

Description Microsoft .NET Framework is prone to a privilege-escalation vulnerability. An attacker can exploit this issue to gain elevated privileges in the context of the currently logged-in user; this can also result in the attacker gaining complete control of the affected system. Technologies...

MS15-092: Vulnerabilities in .NET Framework Could Allow Elevation of Privilege (3086251)

The version of Microsoft .NET Framework installed on the remote host is affected by multiple elevation of privilege vulnerabilities due to the RyuJIT compiler not properly optimizing certain parameters, resulting in a code generation error. A remote attacker, by convincing a user to run a malicio...

Microsoft ASP.NET Information Disclosure (MS15-041) - ver 2 (CVE-2015-1648)

An information disclosure vulnerability exists in Microsoft .NET Framework. The vulnerability is due to improper requests sanitization on servers with error messages disabled. A remote attacker can exploit this vulnerability by sending specially crafted requests to the vulnerable server...

Update Rollup for Microsoft Monitoring Agent

Describes the issues that are fixed in update rollup KB 3071396 for Microsoft Monitoring Agent.This article describes the issues that are fixed in an update rollup for the Microsoft Monitoring Agent. Additionally, this article contains installation instructions for the update rollup.Issues that a...

Microsoft Visual Studio WMI Object Code Execution (MS06-073) - Ver2 (CVE-2006-4704)

A remote code execution vulnerability exists in Microsoft Visual Studio 2005. Microsoft Visual Studio is a software development product for computer programmers. It centers on an integrated development environment which lets programmers create standalone applications, web sites, web applications,...

Microsoft .NET Framework Entity Expansion Denial of Service (MS13-082) - Ver2 (CVE-2013-3860)

A denial of service vulnerability exists in the .NET Framework. The vulnerability is caused when the .NET Framework attempts to parse a specially crafted document type definition DTD for XML data when an XML digital signature is validated. An attacker who successfully exploited this vulnerability...

Microsoft .NET WinForms Memory Corruption Arbitrary Code Execution Vulnerability

Microsoft .NET Framework is a system distributed by Microsoft to help developers build WEB-based applications. A security vulnerability in Microsoft .NET Framework WinForms exists due to a failure of the program to properly handle objects in memory, which allows remote attackers to exploit the...

Microsoft .NET Framework Remote Code Execution Vulnerability (3057110)

This host is missing a critical security update according to Microsoft Bulletin MS15-044. SPDX-FileCopyrightText: 2015 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only...

CVE-2015-1673

The Windows Forms aka WinForms libraries in Microsoft .NET Framework 1.1 SP1, 2.0 SP2, 3.5, 3.5.1, 4, 4.5, 4.5.1, and 4.5.2 allow user-assisted remote attackers to execute arbitrary code via a crafted partial-trust application, aka "Windows Forms Elevation of Privilege Vulnerability."...

CVE-2015-1672

Microsoft .NET Framework 2.0 SP2, 3.5, 3.5.1, 4, 4.5, 4.5.1, and 4.5.2 allows remote attackers to cause a denial of service recursion and performance degradation via crafted encrypted data in an XML document, aka ".NET XML Decryption Denial of Service Vulnerability."...

CVE-2015-1671

The Windows DirectWrite library, as used in Microsoft .NET Framework 3.0 SP2, 3.5, 3.5.1, 4, 4.5, 4.5.1, and 4.5.2; Office 2007 SP3 and 2010 SP2; Live Meeting 2007 Console; Lync 2010; Lync 2010 Attendee; Lync 2013 SP1; Lync Basic 2013 SP1; Silverlight 5 before 5.1.40416.00; and Silverlight 5...

CVE-2015-1670

The Windows DirectWrite library, as used in Microsoft .NET Framework 3.0 SP2, 3.5, 3.5.1, 4, 4.5, 4.5.1, and 4.5.2, allows remote attackers to obtain sensitive information from process memory via a crafted OpenType font on a web site, aka "OpenType Font Parsing Vulnerability."...

Design/Logic Flaw

The Windows DirectWrite library, as used in Microsoft .NET Framework 3.0 SP2, 3.5, 3.5.1, 4, 4.5, 4.5.1, and 4.5.2, allows remote attackers to obtain sensitive information from process memory via a crafted OpenType font on a web site, aka "OpenType Font Parsing Vulnerability."...