Microsoft Windows Shell and Tablet Input Band Remote Code Execution Vulnerabilities (3096443)

This host is missing a critical security update according to Microsoft Bulletin MS15-109. SPDX-FileCopyrightText: 2015 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only...

MS15-109: Security update for Windows Shell to address remote code execution: October 13, 2015

Resolves vulnerabilities in Windows that could allow remote code execution if a user opens a specially crafted toolbar object in Windows or if an attacker convinces a user to view specially crafted content online.SummaryThis security update resolves vulnerabilities in Microsoft Windows. These...

KLA10674 Multiple vulnerabilities in Microsoft Windows

Multiple serious vulnerabilities have been found in Microsoft Windows. Malicious users can exploit these vulnerabilities to bypass security restrictions, gain privileges, execute arbitrary code or obtain sensitive information. Below is a complete list of vulnerabilities 1. Improper information...

Microsoft Windows Shell Security Feature Local Bypass Vulnerability

Microsoft Windows Shell is an interface for interacting with the user on Windows systems from Microsoft USA that allows the user to perform public tasks such as accessing the file system, exporting executable programs, and changing system settings. A security feature bypass vulnerability exists i...

MS15-080 : Vulnerabilities in Microsoft Graphics Component Could Allow Remote Code Execution (3078662)

The remote Windows host is affected by multiple vulnerabilities : - Multiple remote code execution vulnerabilities exist due to the Windows Adobe Type Manager Library not properly handling specially crafted OpenType fonts. An attacker can exploit these, by using a crafted document or web page wit...

Microsoft Windows Shell LNK Code Execution

This module exploits a vulnerability in the MS10-046 patch to abuse again the handling of Windows Shortcut files .LNK that contain an icon resource pointing to a malicious DLL. This module creates the required files to exploit the vulnerability. They must be uploaded to an UNC path accessible by...

Citadel Variant Opens Backdoor After Malware is Removed

When hackers have compromised a valuable computer, maintaining persistence on that machine is the key to maintaining access to its resources and stored assets. A new variant of the Citadel banking malware has been discovered that comes with a feature that allows the attacker to leverage remote...

gAlan 0.2.1 - Buffer Overflow 0day Exploit

No description provided by source. !/usr/bin/perl kpasa.pl AKA gAlan Buffer Overflow 0day Exploit Jeremy Brown [email protected]//jbrownsec.blogspot.com//krakowlabs.com 12.07.2009 From Static Analysis to 0day Exploit Originally a SecurityTubeCon Presentation, which I'm guessing was canceled...

CVE-2014-1807

The ShellExecute API in Windows Shell in Microsoft Windows Server 2003 SP2, Windows Vista SP2, Windows Server 2008 SP2 and R2 SP1, Windows 7 SP1, Windows 8, Windows 8.1, Windows Server 2012 Gold and R2, and Windows RT Gold and 8.1 does not properly implement file associations, which allows local...

Arbitrary file deletion

The ShellExecute API in Windows Shell in Microsoft Windows Server 2003 SP2, Windows Vista SP2, Windows Server 2008 SP2 and R2 SP1, Windows 7 SP1, Windows 8, Windows 8.1, Windows Server 2012 Gold and R2, and Windows RT Gold and 8.1 does not properly implement file associations, which allows local...

CVE-2014-1807

The ShellExecute API in Windows Shell in Microsoft Windows Server 2003 SP2, Windows Vista SP2, Windows Server 2008 SP2 and R2 SP1, Windows 7 SP1, Windows 8, Windows 8.1, Windows Server 2012 Gold and R2, and Windows RT Gold and 8.1 does not properly implement file associations, which allows local...

MS14-027: Vulnerability in Windows Shell Handler Could Allow Elevation of Privilege (2962488)

A privilege escalation vulnerability exists on the remote Windows host due to improper handling of file associations. A local attacker could exploit this vulnerability to execute arbitrary code on the remote host under the privileges of the Local System account. C Tenable Network Security, Inc...

Microsoft Windows Shell MSHTA Script Execution in OLE Files (MS05-016) - Ver2 (CVE-2005-0063)

The Windows operating system provides facilities that make it possible to invoke different applications to handle different types of files. This makes it possible for a user to double click on a known image type file, for instance, and by that action launch the proper application to display or ed...

Integer overflow

Integer underflow in Windows Shell in Microsoft Windows XP SP2 and SP3, Windows Server 2003 SP2, Windows Vista SP2, Windows Server 2008 SP2, R2, and R2 SP1, Windows 7 Gold and SP1, Windows 8, and Windows Server 2012 allows local users to gain privileges via a crafted briefcase, aka "Windows...

CVE-2012-1528

Integer overflow in Windows Shell in Microsoft Windows XP SP2 and SP3, Windows Server 2003 SP2, Windows Vista SP2, Windows Server 2008 SP2, R2, and R2 SP1, Windows 7 Gold and SP1, Windows 8, and Windows Server 2012 allows local users to gain privileges via a crafted briefcase, aka "Windows...

CVE-2012-1527

CVE-2012-1527 corresponds to Windows Shell Briefcase Integer Underflow. The vulnerability arises from an integer underflow in the Briefcase feature of Windows Shell, enabling local privilege escalation for affected Windows editions (XP SP2/SP3, Server 2003 SP2, Vista SP2, Server 2008 SP2/R2, Wind...

PT-2012-3332 · Microsoft · Windows

Name of the Vulnerable Software and Affected Versions: Microsoft Windows versions prior to the fixed version Description: The issue is related to an integer underflow in the Windows Shell, specifically in the Briefcase feature. This allows a local user to gain privileges via a crafted briefcase. ...

Microsoft Releases November 2012 Security Bulletin

Microsoft has released updates to address multiple vulnerabilities in Microsoft Windows Shell, .NET Framework, Windows Kernel-Mode drivers, Excel, Internet Information Services IIS, and cumulative security updates for Internet Explorer as part of the Microsoft Security Bulletin Summary for Novemb...

PT-2012-3333 · Microsoft · Windows

Name of the Vulnerable Software and Affected Versions: Microsoft Windows versions prior to the fixed version Description: The issue is related to an integer overflow in the Windows Shell, specifically in the Briefcase feature. This allows a local user to gain privileges via a crafted briefcase. A...

MS12-048: Vulnerability in Windows Shell Could Allow Remote Code Execution (2691442)

A remote code execution vulnerability exists in the way Windows handles file and directory names. By tricking a user into opening a file or directory with a specially crafted name, an attacker could exploit this vulnerability to execute arbitrary code on the remote host subject to the privileges ...