Information Disclosure

The kernel-rt is vulnerable to Information Disclosure. Kees Cook and Steve Beattie discovered a race condition in the /proc code in the Linux kernel. This could lead to information in the "/proc/pid/maps" and "/proc/pid/smaps" files being leaked to users who would otherwise not have access to thi...

KB4015383: Security Updates for the libjpeg Information Disclosure Vulnerability (April 2017)

The remote Windows host is missing security updates. It is, therefore, affected by an information disclosure vulnerability in the open-source libjpeg image processing library due to improper handling of objects in memory. An unauthenticated, remote attacker can exploit this to disclose sensitive...

Microsoft Windows 'libjpeg' Information Disclosure Vulnerability (KB4014794)

This host is missing an important security update according to Microsoft KB4014794. SPDX-FileCopyrightText: 2017 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescripti...

Microsoft Internet Explorer and Edge CVE-2015-6088 ASLR Security Bypass Vulnerability

Description Microsoft Internet Explorer and Edge are prone to a security-bypass vulnerability. An attacker can leverage this issue to bypass certain security restrictions and execute arbitrary code by exploiting another vulnerability in the application. The following products are vulnerable:...

Microsoft .NET Framework CVE-2015-6115 ASLR Security Bypass Vulnerability

Description Microsoft .NET Framework is prone to a security-bypass vulnerability. An attacker can leverage this issue to bypass certain security restrictions and execute arbitrary code by exploiting another vulnerability in the application. Technologies Affected Microsoft .NET Framework 2.0 SP2...

Microsoft Internet Explorer CVE-2015-2445 ASLR Security Bypass Vulnerability

Description Microsoft Internet Explorer is prone to a security-bypass vulnerability. An attacker can leverage this issue to bypass certain security restrictions and execute arbitrary code by exploiting another vulnerability in the application. Internet Explorer 10 is vulnerable. Technologies...

Microsoft Internet Explorer CVE-2015-1685 ASLR Security Bypass Vulnerability

Description Microsoft Internet Explorer is prone to a security-bypass vulnerability. An attacker can leverage this issue to bypass certain security restrictions and execute arbitrary code by exploiting another vulnerability in the application. Internet Explorer 11 is vulnerable. Technologies...

Microsoft Internet Explorer CVE-2015-1661 ASLR Security Bypass Vulnerability

Description Microsoft Internet Explorer is prone to a security-bypass vulnerability. An attacker can leverage this issue to bypass certain security restrictions and execute arbitrary code by exploiting another vulnerability in the application. Internet Explorer 6, 7, 8, 9, 10, and 11 are...

Microsoft Internet Explorer CVE-2015-0069 ASLR Security Bypass Vulnerability

Description Microsoft Internet Explorer is prone to a security-bypass vulnerability. An attacker can leverage this issue to bypass certain security restrictions and execute arbitrary code by exploiting another vulnerability in the application. Internet Explorer 10 and 11 are vulnerable...

Microsoft Internet Explorer CVE-2014-4140 ASLR Security Bypass Vulnerability

Description Microsoft Internet Explorer is prone to a security-bypass vulnerability. An attacker can leverage this issue to bypass certain security restrictions and execute arbitrary code by exploiting another vulnerability in the application. Technologies Affected Avaya Aura Conferencing Standar...

Microsoft .NET Framework CVE-2014-4062 ASLR Security Bypass Vulnerability

Description Microsoft .NET Framework is prone to a security-bypass vulnerability. An attacker can leverage this issue to bypass certain security restrictions and execute arbitrary code by exploiting another vulnerability in the application. Technologies Affected Avaya Conferencing Standard Editio...

Microsoft .NET Framework ASLR安全限制绕过漏洞(CVE-2014-0295)(MS14-009)

BUGTRAQ ID: 65418 CVECAN ID: CVE-2014-0295 .NET就是微软的用来实现XML，Web Services，SOA（面向服务的体系结构service-oriented architecture）和敏捷性的技术。.NET Framework是微软开发的软件框架，主要运行在Microsoft Windows上。 Microsoft.NET Framework没有正确实现地址空间布局随机化，存在安全限制绕过漏洞。此漏洞可使攻击者绕过ASLR安全功能，然后即可加载恶意代码，利用其它漏洞。 0 Microsoft .NET Framework 4.x...

Microsoft .NET Framework CVE-2014-0295 ASLR Security Bypass Vulnerability

Description Microsoft .NET Framework is prone to a security-bypass vulnerability. An attacker can leverage this issue to bypass certain security restrictions and execute arbitrary code by exploiting another vulnerability in the application. Technologies Affected Avaya Aura Conferencing 6.0 SP1...

Microsoft EMET 3.x >= 3.5 / 4.x < 4.0.4913.26122 ASLR Security Bypass

Microsoft's Enhanced Mitigation Experience Toolkit EMET is installed on the remote system and is 3.x newer than or equal to 3.5 or 4.x prior to 4.0.4913.26122. It is, therefore, potentially affected by a security bypass vulnerability. The application stores function addresses in a predictable way...