The vulnerability in the implementation of the SDP protocol for Bluetooth driver of Windows operating systems allows attackers to carry out “man-in-the-middle” attacks.

The vulnerability of the SDP protocol implementation for Bluetooth drivers in Windows operating systems is related to incorrect security requirements. Exploiting this vulnerability allows a malicious actor to create a network interface and use it to execute a type of “man-in-the-middle” attack...

CVE-2017-8695

Windows Uniscribe in Microsoft Windows Server 2008 SP2 and R2 SP1; Windows 7 SP1; Windows 8.1; Windows Server 2012 Gold and R2; Windows RT 8.1; Windows 10 Gold, 1511, 1607, 1703, and Server 2016; Office 2007 SP3; Office 2010 SP2; Word Viewer; Office for Mac 2011 and 2016; Skype for Business 2016;...

Microsoft Windows NetBT Session Services Remote Code Execution Vulnerability

Microsoft Windows is a series of operating systems released by Microsoft.NetBT Session Services is one of the session service components. A remote code execution vulnerability exists in NetBT Session Services in Microsoft Windows. A remote attacker can exploit this vulnerability by sending...

Microsoft Windows Edge and Internet Explorer JavaScript Engine Remote Code Execution Vulnerability

Microsoft Windows 7, etc. are operating systems released by Microsoft Corporation, U.S.A. Microsoft Edge and Internet Explorer IE are web browsers that come with Windows. Microsoft Edge and Internet Explorer IE are both web browsers that come with Windows, the former being the default browser tha...

Microsoft Windows Internet Explorer Memory Corruption Vulnerability

Microsoft Windows 7 SP1 and others are a series of operating systems from Microsoft Corporation USA.Internet Explorer IE is a web browser that comes with the Windows operating system. A remote code execution vulnerability exists in IE 10 and 11 in Microsoft Windows that originates from a program...

Microsoft Windows Internet Explorer and Edge JavaScript Engine Remote Code Execution Vulnerability

Microsoft Windows 7, etc. are operating systems released by Microsoft Corporation, U.S.A. Microsoft Edge and Internet Explorer IE are web browsers that come with Windows. Microsoft Edge and Internet Explorer IE are both web browsers that come with Windows, the former being the default browser tha...

Microsoft Windows Hyper-V Remote Code Execution Vulnerability (CNVD-2017-32917)

Microsoft Windows 8.1 and others are operating systems released by Microsoft Corporation in the U.S. The Hyper-V component is one of the virtualization components. A remote code execution vulnerability exists in the Hyper-V component of Microsoft Windows, which is caused by the program failing to...

CVE-2017-9511

The MultiPathResource class in Atlassian Fisheye and Crucible, before version 4.4.1 allows anonymous remote attackers to read arbitrary files via a path traversal vulnerability when Fisheye or Crucible is running on the Microsoft Windows operating system...

Announcing the Fourth Annual Flare-On Challenge

The fourth annual Flare-On Challenge – the FireEye Labs Advanced Reverse Engineering FLARE team’s yearly reverse engineering contest – is scheduled to kick off on Sept. 1, 2017, at 8pm ET. This is a CTF-style challenge for all active and aspiring reverse engineers, malware analysts, and security...

Oracle Hospitality Hotel Mobile Unauthorized Access Vulnerability

Oracle Hospitality Applications is a suite of business applications, servers and storage solutions for hotel management from Oracle. The solution provides human resources cost management, provide customer service throughout the journey tracking management to improve customer satisfaction, etc...

Microsoft Windows Internet Explorer and Edge JavaScript Engine Remote Code Execution Vulnerability

Microsoft Windows is a family of operating systems released by Microsoft Corporation in the U.S. Microsoft Internet Explorer IE and Edge are web browsers developed by Microsoft Corporation in the U.S. IE is the default browser that came with operating systems before Windows 10. Edge is the defaul...

Microsoft Windows Internet Explorer and Edge JavaScript Engine Remote Code Execution Vulnerability (CNVD-2017-20505)

Microsoft Windows is a family of operating systems released by Microsoft Corporation in the U.S. Microsoft Internet Explorer IE and Edge are web browsers developed by Microsoft Corporation in the U.S. IE is the default browser that came with operating systems before Windows 10. Edge is the defaul...

Microsoft Internet Explorer Security Bypass Vulnerability (CNVD-2017-20512)

Microsoft Windows 10 and Windows Server 2016 are both products of Microsoft Corporation USA. The former is an operating system for personal computers and the latter is a server operating system.Internet Explorer IE is a web browser that comes with the Windows operating system. A security bypass...

Microsoft Windows Edge JavaScript Engine Remote Code Execution Vulnerability (CNVD-2017-23799)

Microsoft Windows 10 and Windows Server 2016 are both products of the American company Microsoft. The former is a set of operating systems for personal computers and the latter is a set of server operating systems.Edge is one of the default browsers that comes with the system.JavaScript engines i...

Microsoft Windows SMB Special Message Denial of Service Vulnerability

Microsoft Windows is a popular operating system. A security vulnerability exists in Microsoft Windows SMB processing of special messages, which allows remote attackers to conduct denial-of-service attacks by sending special requests to ports 445 and 139...

The vulnerability of the PowerShell command interpreter for Windows operating systems allows a hacker to execute arbitrary code.

The vulnerability of PowerShell command interpreters on Windows operating systems is related to improper handling of executable files during the renaming process. Exploiting this vulnerability allows a remote attacker to execute arbitrary code...

The vulnerability of JavaScript handlers in the Microsoft Edge browser for the Windows operating system, allowing a perpetrator to execute arbitrary code

The vulnerability of Microsoft Edge’s JavaScript handlers arises from an operation going beyond the buffer boundaries due to a memory object processing error. Exploiting this vulnerability allows a remote attacker to execute arbitrary code in the context of the current user...

Vulnerability of JavaScript handlers in Microsoft Edge and Internet Explorer browsers of the Windows operating system, allowing a perpetrator to execute arbitrary code

The vulnerability of Microsoft Edge and Internet Explorer JavaScript handlers arises from an operation going beyond the buffer boundaries due to a memory object processing error. Exploiting this vulnerability allows a remote attacker to execute arbitrary code in the context of the current user...

The vulnerability of JavaScript handlers in the Microsoft Edge browser for the Windows operating system, allowing a perpetrator to execute arbitrary code

The vulnerability of Microsoft Edge’s JavaScript handlers arises from an operation going beyond the buffer boundaries due to a memory object processing error. Exploiting this vulnerability allows a remote attacker to execute arbitrary code in the context of the current user...

The vulnerability of JavaScript handlers in the Microsoft Edge browser for the Windows operating system, allowing a perpetrator to execute arbitrary code

The vulnerability of Microsoft Edge’s JavaScript handlers arises from an operation going beyond the buffer boundaries due to a memory object processing error. Exploiting this vulnerability allows a remote attacker to execute arbitrary code in the context of the current user...