493 matches found
Cross site scripting
An issue was discovered in 42Gears SureMDM before 2018-11-27, related to the access policy for Silverlight applications. Cross-origin access is possible...
CVE-2018-15659
An issue was discovered in 42Gears SureMDM before 2018-11-27, related to the access policy for Silverlight applications. Cross-origin access is possible...
CVE-2018-15659
An issue was discovered in 42Gears SureMDM before 2018-11-27, related to the access policy for Silverlight applications. Cross-origin access is possible...
CVE-2018-15659
An issue was discovered in 42Gears SureMDM before 2018-11-27, related to the access policy for Silverlight applications. Cross-origin access is possible...
CVE-2018-15659
42Gears SureMDM prior to 2018-11-27 is affected by CVE-2018-15659 due to an improper access policy for Silverlight applications, enabling cross-origin access. This vulnerability is documented in NVD with a described impact as cross-origin exposure; no exploit details are provided in the connected...
July 12, 2016 — KB3172985 (OS Build 10586.494)
July 12, 2016 — KB3172985 OS Build 10586.494 This update includes quality improvements and security fixes. No new operating system features are being introduced in this update. Key changes include: Improved reliability of Windows Media Player, Internet Explorer 11, Windows Explorer, Miracast, and...
Blocks for Flash and others coming to Office 365
If you're a user of Microsoft Office products such as Word and Excel, you're probably aware that they've been used as inroads for malware for a long, long time. But what about malware attacks without Macros? Sure. Macro malware for Macs? That, too. Malicious documents and spying tools? Danger, Wi...
Microsoft SharePoint Elevation of Privilege Vulnerability (CNVD-2018-08793)
SharePoint is a free add-on value-added software for Windows Server 2003 made by Microsoft that provides basic portal and corporate intranet functionality. An elevation of privilege vulnerability exists in Microsoft SharePoint. An attacker could exploit the vulnerability to redirect users accessi...
Microsoft SharePoint Elevation of Privilege Vulnerability
An elevation of privilege vulnerability exists when Microsoft SharePoint Server does not properly sanitize a specially crafted web request to an affected SharePoint server. An authenticated attacker could exploit the vulnerability by sending a specially crafted URL to a user of an affected...
October 10, 2017—KB4041676 (OS Build 15063.674)
October 10, 2017—KB4041676 OS Build 15063.674 Improvements and fixes This update includes quality improvements. No new operating system features are being introduced in this update. Key changes include: Addressed issue where some UWP and Centennial apps show a gray icon and display the error...
The vulnerabilities of the graphical component of the Windows operating system, Skype for Business and Microsoft Lync messaging programs, the Microsoft Office suite of programs, and the Silverlight software platform allow a perpetrator to execute arbitrary code.
The vulnerability of the graphical component of the Windows operating system, the Skype for Business and Microsoft Lync messaging applications, the Microsoft Office suite, and the Silverlight software platform is related to object handling in memory. Exploiting this vulnerability allows a remote...
Vulnerability of the Microsoft Office software package, the Microsoft Silverlight software platform, and the Word document viewing tool – Microsoft Office Word Viewer. Also vulnerable are the Microsoft Windows operating system, and the Microsoft Lync and Skype for Business instant messaging applications. These vulnerabilities allow attackers to inject arbitrary code into these systems.
The vulnerabilities of the Microsoft Office software package, the Microsoft Silverlight software platform, and the Word document viewing tool – Microsoft Office Word Viewer – as well as the Microsoft Windows operating system, and the Microsoft Lync and Skype for Business instant messaging...
Remote code execution
Uniscribe in Windows Server 2008 SP2 and R2 SP1, Windows 7 SP1, Windows 8.1, Windows Server 2012 Gold and R2, Windows RT 8.1, Windows 10 Gold, 1511, 1607, Windows Server 2016, Microsoft Office 2007 SP3, Microsoft Office 2010 SP2, Microsoft Office Word Viewer, Microsoft Lync 2013 SP1, Skype for...
CVE-2017-0283
CVE-2017-0283 is described in the connected MSKB as a remote code execution vulnerability in Microsoft Office components that could be triggered by opening a specially crafted Office file. The MSKB describes a security update KB3191937 for Skype for Business 2015 (Lync 2013) that addresses CVE-20...
Microsoft Silverlight Multiple Remote Code Execution Vulnerabilities (KB4023307)
This host is missing an important security update according to Microsoft security update KB4023307. SPDX-FileCopyrightText: 2017 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier:...
Security Update for Microsoft Silverlight (KB4023307)
This security update to Silverlight includes fixes outlined in KB 4023307. This update is backward compatible with web applications built using previous versions of Silverlight...
Windows Uniscribe remote code execution vulnerability: June 13, 2017
Windows Uniscribe remote code execution vulnerability: June 13, 2017 Summary This security update resolves a vulnerability in Microsoft Silverlight. The vulnerability could allow remote code execution if a user visits a compromised website that contains a specially crafted Silverlight application...
Microsoft Windows Uniscribe CVE-2017-0283 Remote Code Execution Vulnerability
Description Microsoft Windows Uniscribe is prone to a remote code-execution vulnerability. An attacker can exploit this issue to execute arbitrary code in the context of an affected system. Failed exploit attempts may result in a denial of service condition. Technologies Affected Microsoft Live...
Microsoft Windows Graphics Component CVE-2017-8527 Remote Code Execution Vulnerability
Description Microsoft Windows is prone to a remote code-execution vulnerability. An attacker can exploit this issue by enticing an unsuspecting user to open a malicious file or webpage. An attacker can exploit this issue to execute arbitrary code in the context of an affected system. Failed explo...
KLA11047 Multiple vulnerabilities in Microsoft Development Tools
Multiple serious vulnerabilities have been found in Microsoft Development Tools. Malicious users can exploit these vulnerabilities to obtain sensitive information and execute arbitrary code. Original advisories - Exploitation Public exploits exist for this vulnerability. Malware exists for this...