UPnPHostFileRead

Description Local arbitrary file read PoC exploit for the Wind...

EUVD-2019-10035

Malware in sbrugna...

EUVD-2020-12251

Malware in sbrugna...

EUVD-2020-2178

Malware in sbrugna...

EUVD-2020-8874

Malware in sbrugna...

EUVD-2018-13759

Malware in sbrugna...

EUVD-2020-8893

Malware in sbrugna...

EUVD-2004-1899

Malware in sbrugna...

EUVD-2020-4354

Malware in sbrugna...

CVE-2020-1375

An elevation of privilege vulnerability exists when Windows improperly handles COM object creation, aka 'Windows COM Server Elevation of Privilege Vulnerability'...

CVE-2019-1405

An elevation of privilege vulnerability exists when the Windows Universal Plug and Play UPnP service improperly allows COM object creation, aka 'Windows UPnP Service Elevation of Privilege Vulnerability'...

CVE-2019-1478

An elevation of privilege vulnerability exists when Windows improperly handles COM object creation, aka 'Windows COM Server Elevation of Privilege Vulnerability'...

CVE-2018-21243

An issue was discovered in Foxit PhantomPDF before 8.3.6. It has COM object mishandling when Microsoft Word is used...

CVE-2005-4844

The CLSIDApprenticeICW control allows remote attackers to cause a denial of service Internet Explorer crash by creating a COM object of the class associated with the control's CLSID, which is not intended for use within Internet Explorer...

CVE-2005-4845

The Java Plug-in 1.4.203 and 1.4.204 controls, and the 1.4.203 and 1.4.204 redirector controls, allow remote attackers to cause a denial of service Internet Explorer crash by creating a COM object of the class associated with the control's CLSID, which is not intended for use within Internet...

CVE-2005-4842

The System Monitor Source Properties control allows remote attackers to cause a denial of service Internet Explorer crash by creating a COM object of the class associated with the control's CLSID, which is not intended for use within Internet Explorer...

CVE-2005-4841

The Outlook Progress Ctl control allows remote attackers to cause a denial of service Internet Explorer crash by creating a COM object of the class associated with the control's CLSID, which is not intended for use within Internet Explorer...

CVE-2025-0889

Prior to 25.2, a local authenticated attacker can elevate privileges on a system with Privilege Management for Windows installed, via the manipulation of COM objects under certain circumstances where an EPM policy allows for automatic privilege elevation of a user process...

Check Point Response to CVE-2024-24912 - local privilege escalation in Harmony Endpoint Security Client for Windows via crafted DLL file

Symptoms - A local privilege escalation vulnerability has been identified in Harmony Endpoint Security Client for Windows versions E88.10 and lower. By manipulating the COM object, an attacker could load a specially crafted DLL. An attacker must first obtain the ability to execute local privilege...

Aladdin - Payload Generation Technique That Allows The Deseriallization Of A .NET Payload And Execution In Memory

Aladdin is a payload generation technique based on the work of James Forshaw @tiraniddo that allows the deseriallization of a .NET payload and execution in memory. The original vector was documented on https://www.tiraniddo.dev/2017/07/dg-on-windows-10-s-executing-arbitrary.html. By spawning the...