11 matches found
Microsoft Windows Authenticode 安全漏洞
Microsoft Windows Authenticode is a code-signing technology from Microsoft Corporation USA that identifies the publisher of Authenticode-signed software. A security vulnerability exists in Microsoft Windows Authenticode. An attacker exploits this vulnerability to perform spoofing attacks...
The vulnerability relates to the signature verification function of Authenticode for the Windows operating system, allowing a perpetrator to execute arbitrary code.
The vulnerability of the Authenticode signature verification function in the Windows operating system exists due to insufficient validation of input data. Exploiting this vulnerability allows a malicious actor to execute arbitrary code remotely...
The vulnerability in the implementation of the Windows Authenticode signature technology of the Microsoft Windows operating system allows attackers to perform spoofing attacks.
The vulnerability of the Authenticode signature technology implemented in Microsoft Windows operating systems is related to errors in information presentation by the user interface. Exploiting this vulnerability can allow attackers to perform spoofing attacks...
Microsoft WinVerifyTrust function Remote Code Execution
A remote code execution vulnerability exists in the way that the WinVerifyTrust function handles Windows Authenticode signature verification for PE files...
The vulnerability in the implementation of the Windows Authenticode signature technology of the Microsoft Windows operating system allows attackers to perform spoofing attacks.
The vulnerability of the Authenticode signature technology implemented in Microsoft Windows operating systems is related to errors in information presentation by the user interface. Exploiting this vulnerability can allow attackers to perform spoofing attacks...
CVE-2021-36959
Windows Authenticode Spoofing Vulnerability...
KB2915720: Changes in Windows Authenticode Signature Verification
The remote Windows host has not enabled the Windows Authenticode signature verification certificate padding check. This means extraneous information can be included in signed binaries. Note that Microsoft announced on July 29, 2014, that it no longer plans to enforce the stricter signature...
Windows Authenticode Signature Remote Code Execution Vulnerability (2653956)
This host is missing a critical security update according to Microsoft Bulletin MS12-024. SPDX-FileCopyrightText: 2012 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only...
Microsoft Security Bulletin MS10-019 - Critical Vulnerabilities in Windows Could Allow Remote Code Execution (981210)
Microsoft Security Bulletin MS10-019 - Critical Vulnerabilities in Windows Could Allow Remote Code Execution 981210 Published: April 13, 2010 | Updated: April 14, 2010 Version: 1.1 General Information Executive Summary This security update resolves two privately reported vulnerabilities in Window...
Microsoft Windows Authenticode Signature Verification远程代码执行漏洞(MS10-019)
BUGTRAQ ID: 39328 CVE ID: CVE-2010-0486 Windows Authenticode Signature Verification功能也称为WinVerifyTrust,用于对指定的对象执行信任验证操作。 Windows Authenticode Signature Verification功能在处理PE和cabinet文件格式的某些文件digest字段时存在错误。匿名攻击者可以通过修改已有的签名可执行文件以篡改签名文件的未验证部分来利用此漏洞,从而无需使签名失效便向文件添加恶意代码。成功利用此漏洞的攻击者可以完全控制受影响的系统。 Microsoft...
PT-2010-2248 · Microsoft · Windows
Name of the Vulnerable Software and Affected Versions: Microsoft Windows versions prior to the fixed version Description: The issue arises from the improper use of unspecified fields in a file digest by the Authenticode Signature verification functionality, allowing remote attackers to execute...