76 matches found
Cumulative update for Windows 10 Version 1511: February 9, 2016
None None...
MS16-013: Description of the security update for Windows Journal: February 9, 2016
None None...
MS16-013: Security Update for Windows Journal to Address Remote Code Execution (3134811)
The remote Windows host is affected by a remote code execution vulnerability in Windows Journal due to improper parsing of Journal files. An unauthenticated, remote attacker can exploit this by convincing a user to open a specially crafted Journal file, resulting in the execution of arbitrary cod...
Heap overflow
Heap-based buffer overflow in Windows Journal in Microsoft Windows Vista SP2, Windows Server 2008 SP2 and R2 SP1, and Windows 7 SP1 allows remote attackers to execute arbitrary code via a crafted Journal .jnt file, aka "Windows Journal Heap Overflow Vulnerability."...
CVE-2015-6097
CVE-2015-6097 is a heap-based buffer overflow in Windows Journal’s handling of Journal (.jnt) files, affecting Windows Vista SP2, Windows Server 2008 SP2 and R2 SP1, and Windows 7 SP1. The flaw—improper parsing of journal files—allows remote code execution and has public exploit activity accordin...
November 2015 Patch Tuesday Brings 12 Updates, Four Critical
Microsoft today pushed out 12 bulletins as part of November’s Patch Tuesday, including four critical updates, all of which can lead to remote code execution. The update is rounded out by fixes for Windows, Lync, .NET, and Skype for Business, but there are two critical fixes that affect browsers o...
Microsoft Windows Journal Heap Overflow (MS15-114: CVE-2015-6097)
A remote code execution vulnerability has been reported in Microsoft Windows Journal. The vulnerability is due to the way Windows Journal processes specially crafted jnt files. A remote attacker can exploit this issue by enticing a victim to open a specially crafted jnt file...
MS15-114: Security Update for Windows Journal to Address Remote Code Execution (3100213)
The remote Windows host is affected by a remote code execution vulnerability in Windows Journal due to improper parsing of Journal files. An unauthenticated, remote attacker can exploit this, via a crafted Journal file, to execute arbitrary code in the context of the current user. C Tenable Netwo...
KLA10694 Multiple vulnerabilities in Microsoft Windows
Multiple serious vulnerabilities have been found in Microsoft Windows. Malicious users can exploit these vulnerabilities to spoof user interface, cause denial of service, gain privileges, bypass security restrictions, execute arbitrary code or obtain sensitive information. Below is a complete lis...
MS15-114: Security update for Windows Journal to address remote code execution: November 10, 2015
None None...
CVE-2015-2530
Windows Journal in Microsoft Windows Vista SP2, Windows Server 2008 SP2 and R2 SP1, Windows 7 SP1, Windows 8, Windows 8.1, Windows Server 2012 Gold and R2, Windows RT Gold and 8.1, and Windows 10 allows remote attackers to execute arbitrary code via a crafted .jnt file, aka "Windows Journal RCE...
Design/Logic Flaw
Windows Journal in Microsoft Windows Vista SP2, Windows Server 2008 SP2 and R2 SP1, Windows 7 SP1, Windows 8, Windows 8.1, Windows Server 2012 Gold and R2, Windows RT Gold and 8.1, and Windows 10 allows remote attackers to execute arbitrary code via a crafted .jnt file, aka "Windows Journal RCE...
Design/Logic Flaw
Windows Journal in Microsoft Windows Vista SP2, Windows Server 2008 SP2 and R2 SP1, Windows 7 SP1, Windows 8, Windows 8.1, Windows Server 2012 Gold and R2, Windows RT Gold and 8.1, and Windows 10 allows remote attackers to execute arbitrary code via a crafted .jnt file, aka "Windows Journal RCE...
Design/Logic Flaw
Windows Journal in Microsoft Windows Vista SP2, Windows Server 2008 SP2 and R2 SP1, Windows 7 SP1, Windows 8, Windows 8.1, Windows Server 2012 Gold and R2, Windows RT Gold and 8.1, and Windows 10 allows remote attackers to cause a denial of service data loss via a crafted .jnt file, aka "Windows...
Design/Logic Flaw
Windows Journal in Microsoft Windows Vista SP2, Windows Server 2008 SP2 and R2 SP1, Windows 7 SP1, Windows 8, Windows 8.1, Windows Server 2012 Gold and R2, Windows RT Gold and 8.1, and Windows 10 allows remote attackers to execute arbitrary code via a crafted .jnt file, aka "Windows Journal RCE...
CVE-2015-2513
CVE-2015-2513 relates to Windows Journal remote code execution via a crafted .jnt file across Windows Vista SP2, Windows Server 2008 SP2/R2 SP1, Windows 7 SP1, Windows 8/8.1, Windows Server 2012 Gold/R2, Windows RT Gold/8.1, and Windows 10. The root cause is processing of .jnt files enabling arbi...
Microsoft Windows Journal Remote Code Execution Vulnerability (CNVD-2015-05898)
Microsoft Windows Journal is a tool for viewing sticky notes or model documents created on a Tablet PC on your computer. A remote code execution vulnerability exists in Microsoft Windows Journal, which can be exploited by an attacker to execute arbitrary code...
Microsoft Windows Journal Remote Code Execution Vulnerability (CNVD-2015-05897)
Microsoft Windows Journal is a tool for viewing sticky notes or model documents created on a Tablet PC on your computer. A remote code execution vulnerability exists in Microsoft Windows Journal, which can be exploited by an attacker to execute arbitrary code...
CVE-2015-2530
Windows Journal in Microsoft Windows Vista SP2, Windows Server 2008 SP2 and R2 SP1, Windows 7 SP1, Windows 8, Windows 8.1, Windows Server 2012 Gold and R2, Windows RT Gold and 8.1, and Windows 10 allows remote attackers to execute arbitrary code via a crafted .jnt file, aka "Windows Journal RCE...
CVE-2015-2519
CVE-2015-2519 is a Windows Journal remote code execution vulnerability caused by an integer overflow when handling Journal (.jnt) files. Affected Windows versions span Vista SP2, Server 2008 SP2/R2, Windows 7 SP1, 8/8.1, Server 2012/2012 R2, RT/RT 8.1, and Windows 10. The issue enables arbitrary ...