214 matches found
MS Security Advisory 2974294: Vulnerability in Microsoft Malware Protection Engine Could Allow Denial of Service
A vulnerable version of Microsoft Malware Protection Engine MMPE is installed on the remote host. Scanning a maliciously crafted file could prevent the Malware Protection Engine from monitoring affected systems until the file is manually removed and the service is restarted. This plugin checks if...
Microsoft releases Security Advisory 2974294
Today, we released Security Advisory 2974294 to inform global customers about an update for the Microsoft Malware Protection Engine. This update addresses a privately disclosed issue and fixes a vulnerability that could allow a denial of service if the Microsoft Malware Protection Engine scans a...
Microsoft Releases Security Advisory for Microsoft Malware Protection Engine
Microsoft has released a security advisory to address a vulnerability to the Microsoft Malware Protection Engine. Successful exploitation of the vulnerability could allow an attacker to cause a denial of service. An update is available for the following affected software: Microsoft Forefront Clie...
Memory corruption
mpengine.dll in Microsoft Malware Protection Engine before 1.1.9506.0 on x64 platforms allows remote attackers to execute arbitrary code or cause a denial of service memory corruption via a crafted file...
MS Security Advisory 2846338: Vulnerability in Microsoft Malware Protection Engine Could Allow Remote Code Execution
A vulnerable version of Microsoft Malware Protection Engine MMPE is installed on the remote host. Scanning a maliciously crafted file can result in arbitrary code execution. This plugin checks if a vulnerable version of MMPE is being used by any of the following applications : - Microsoft Forefro...
Microsoft Products Malware Protection Engine权限提升漏洞
BUGTRAQ ID: 46540 CVE ID: CVE-2011-0037 Microsoft Malware Protection Engine是微软反恶意软件产品的一部分。 Malware Protection Engine产品的实现上存在设计问题,本地攻击者可利用此漏洞提升权限。 此漏洞源于Microsoft Malware Protection Engine在扫描时的错误,可通过设置注册表项的特制值提升权限。 Microsoft Microsoft Forefront Endpoint Protection 2010 Microsoft Microsoft Forefront...
CVE-2011-0037
Microsoft Malware Protection Engine before 1.1.6603.0, as used in Microsoft Malicious Software Removal Tool MSRT, Windows Defender, Security Essentials, Forefront Client Security, Forefront Endpoint Protection 2010, and Windows Live OneCare, allows local users to gain privileges via a crafted val...
Code injection
Microsoft Malware Protection Engine before 1.1.6603.0, as used in Microsoft Malicious Software Removal Tool MSRT, Windows Defender, Security Essentials, Forefront Client Security, Forefront Endpoint Protection 2010, and Windows Live OneCare, allows local users to gain privileges via a crafted val...
CVE-2011-0037
Microsoft Malware Protection Engine before 1.1.6603.0, as used in Microsoft Malicious Software Removal Tool MSRT, Windows Defender, Security Essentials, Forefront Client Security, Forefront Endpoint Protection 2010, and Windows Live OneCare, allows local users to gain privileges via a crafted val...
MS KB2491888: Microsoft Malware Protection Engine (MMPE) Privilege Escalation
A vulnerable version of Microsoft Malware Protection Engine MMPE is installed on the remote system. MMPE is typically included with Microsoft anti-malware products such as Windows Live OneCare, Microsoft Security Essentials, Microsoft Forefront Client Security, Microsoft Forefront Client Security...
Microsoft Issues Fix for Bug in Malware Protection Engine
Microsoft has issued an update to its core malware protection engine that fixes a bug that could allow an attacker to gain LocalSystem privileges on a vulnerable machine if a specific set of odd conditions exist. The vulnerability in the Microsoft Malware Protection Engine is a privilege-escalati...
Microsoft Malware Protection Engine File Processing Denial of Service (CVE-2008-1437)
Microsoft Malware Protection Engine provides the scanning, detection and cleaning capabilities for the antivirus and antispyware clients from Microsoft. The applications that use this engine for their operation are: There exists a vulnerability in Microsoft Malware Protection Engine, which can be...
Microsoft恶意软件保护引擎多个拒绝服务漏洞(MS08-029)
BUGTRAQ ID: 29060,29073 CVECAN ID: CVE-2008-1437,CVE-2008-1438 Microsoft恶意软件保护引擎可为防病毒和反间谍软件客户端提供扫描、监测和清除功能。 Microsoft恶意软件保护引擎处理特制文件的方式中存在拒绝服务漏洞,攻击者可以通过建立特制文件来利用此漏洞,当目标计算机系统接收或Microsoft恶意软件保护引擎扫描到此文件时,就可能导致Microsoft恶意软件保护引擎停止响应和自动重新启动,或耗尽所有磁盘空间 0 Microsoft Windows Live OneCare Microsoft Antigen fo...
Microsoft Security Bulletin MS08-029 – Moderate Vulnerabilities in Microsoft Malware Protection Engine Could Allow Denial of Service (952044)
Microsoft Security Bulletin MS08-029 – Moderate Vulnerabilities in Microsoft Malware Protection Engine Could Allow Denial of Service 952044 Published: May 13, 2008 Version: 1.0 General Information Executive Summary This security update resolves two privately reported vulnerabilities in the...
Design/Logic Flaw
Unspecified vulnerability in Microsoft Malware Protection Engine mpengine.dll 1.1.3520.0 and 0.1.13.192, as used in multiple Microsoft products, allows context-dependent attackers to cause a denial of service engine hang and restart via a crafted file, a different vulnerability than CVE-2008-1438...
CVE-2008-1437
Unspecified vulnerability in Microsoft Malware Protection Engine mpengine.dll 1.1.3520.0 and 0.1.13.192, as used in multiple Microsoft products, allows context-dependent attackers to cause a denial of service engine hang and restart via a crafted file, a different vulnerability than CVE-2008-1438...
Code injection
Unspecified vulnerability in Microsoft Malware Protection Engine mpengine.dll 1.1.3520.0 and 0.1.13.192, as used in multiple Microsoft products, allows context-dependent attackers to cause a denial of service disk space exhaustion via a file with "crafted data structures" that trigger the creatio...
CVE-2008-1438
Unspecified vulnerability in Microsoft Malware Protection Engine mpengine.dll 1.1.3520.0 and 0.1.13.192, as used in multiple Microsoft products, allows context-dependent attackers to cause a denial of service disk space exhaustion via a file with "crafted data structures" that trigger the creatio...
CVE-2008-1437
CVE-2008-1437 affects the Microsoft Malware Protection Engine (mpengine.dll) versions 1.1.3520.0 and 0.1.13.192 used in multiple Microsoft products. The vulnerability stems from the engine’s parsing of specially crafted files, involving improper validation during processing, which can cause the e...
CVE-2008-1437
Unspecified vulnerability in Microsoft Malware Protection Engine mpengine.dll 1.1.3520.0 and 0.1.13.192, as used in multiple Microsoft products, allows context-dependent attackers to cause a denial of service engine hang and restart via a crafted file, a different vulnerability than CVE-2008-1438...