.NET Framework Elevation of Privilege Vulnerability

An elevation of privilege vulnerability exists in .NET Framework which could allow an attacker to elevate their privilege level. To exploit the vulnerability, an attacker would first have to access the local machine, and then run a malicious program. The update addresses the vulnerability by...

Description of the Security Only update for .NET Framework 4.6, 4.6.1, 4.6.2, 4.7, 4.7.1, and 4.7.2 for Windows 8.1 and Server 2012 R2 (KB 4338605)

Description of the Security Only update for .NET Framework 4.6, 4.6.1, 4.6.2, 4.7, 4.7.1, and 4.7.2 for Windows 8.1 and Server 2012 R2 KB 4338605 Summary This security update resolves the following vulnerabilities: A "remote code execution" vulnerability exists when .NET Framework does not valida...

.NET Framework Device Guard Security Feature Bypass Vulnerability

A security feature bypass vulnerability exists in .Net Framework which could allow an attacker to bypass Device Guard. An attacker who successfully exploited this vulnerability could circumvent a User Mode Code Integrity UMCI policy on the machine. To exploit the vulnerability, an attacker would...

Microsoft Windows PPL Process Injection Privilege Escalation Exploit

Exploit for windows platform in category dos / poc Windows: PPL Process Injection EoP Platform: Windows 10 1703 x64 Class: Elevation of Privilege Summary: It’s possible to inject code into a PPL protected process by hijacking COM objects leading to accessing PPL processes such as Lsa and...

CVE-2017-0199: Microsoft Office RTF vulnerability using the PoC-vulnerability warning-the black bar safety net

0x01 description From FireFye detect and publish CVE-2017-0199 since, I have been researching this vulnerability in Microsoft officially released the patch, I decided to release this PoC. I use way possible with other researchers using different methods, the use of the method may be little bit...

CVE-2017-0199: analysis Microsoft Office RTF vulnerability-vulnerability warning-the black bar safety net

FireEye recently detected using CVE-2017-0199 security vulnerabilities malicious Microsoft Office RTF document, be aware of CVE-2017-0199, but had not been disclosed vulnerability. When the user opens that contains the exploit Code of the document, the malicious code will download and execute the...

Stack overflow

Multiple stack-based buffer overflows in COM objects in Micro Focus Rumba 9.4.x before 9.4 HF 13960 allow remote attackers to execute arbitrary code via 1 the NetworkName property value to ObjectXSNAConfig.ObjectXSNAConfig in iconfig.dll, 2 the CPName property value to...

CVE-2016-1606

The CVE-2016-1606 entry concerns Micro Focus Rumba/Rumba+ 9.4.x prior to 9.4 HF 13960, where multiple stack-based buffer overflows in COM objects allow remote code execution. Affected components include iconfig.dll (NetworkName, CPName), ProfEdit.dll (PrinterName, LUName), FtxBIFF.dll (WriteRecor...

Adobe Reader <= 9.1.3 and Acrobat COM Objects Memory Corruption Remote Code Execution Vulnerability

No description provided by source. source: http://www.securityfocus.com/bid/36668/info Adobe Reader and Acrobat are prone to a remote code-execution vulnerability because they fail to properly handle certain COM objects. An attacker can exploit this issue by supplying a malicious PDF file or...

Adobe Photoshop 8.0 COM Objects Denial of Service Vulnerability

No description provided by source. source: http://www.securityfocus.com/bid/10061/info It has been reported that Adobe Photoshop may be prone to a denial of service vulnerability that may crash an instance of Internet Explorer. An attacker can exploit this issue by creating a script that attempts...

Microsoft Internet Explorer 5.0.1 Daxctle.OCX Spline Method Heap Buffer Overflow Vulnerability

No description provided by source. source: http://www.securityfocus.com/bid/19738/info Microsoft Internet Explorer is prone to a heap buffer-overflow vulnerability.. The vulnerability arises because of the way Internet Explorer tries to instantiate certain COM objects as ActiveX controls. An...

Microsoft .NET Framework Multiple Vulnerabilities (2916607)

This host is missing an important security update according to Microsoft Bulletin MS14-009. SPDX-FileCopyrightText: 2014 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only...

Microsoft .NET Framework Multiple Vulnerabilities (2916607)

This host is missing an important security update according to Microsoft Bulletin MS14-009. OpenVAS Vulnerability Test $Id: secpodms14-009.nasl 7582 2017-10-26 11:56:51Z cfischer $ Microsoft .NET Framework Multiple Vulnerabilities 2916607 Authors: Thanga Prakash S Copyright: Copyright C 2014...

Microsoft Internet Explorer mergeAttribues Property Handling Memory Corruption - Ver2 (CVE-2007-0945)

Microsoft Internet Explorer is the most widely used Internet browser. Multiple remote code execution vulnerabilities have been reported in Microsoft Internet Explorer. The vulnerabilities are due to several memory corruption errors in Microsoft Internet Explorer when instantiating the vulnerable...

Tom Sawyer Software GET Extension Factory COM Object Instantiation Memory Corruption

Tom Sawyer Software's GET Extension Factory, a component used for graph visualization applications, is installed on the remote Windows host. It may have been bundled with a third-party application, such as the VMware Infrastructure Client or Embarcadero ER / Studio XE2. The installed version of...

CVE-2011-1205

The CVE-2011-1205 entry concerns multiple buffer overflows in unspecified COM objects within IBM Rational licensing components used by Rational ClearCase 7.0.0.4–7.1.1.4, ClearQuest 7.0.0.4–7.1.1.4, and related products. The root cause is buffer overflows in COM objects that can be triggered by r...

Microsoft Office multiple security vulnerabilities

Code execution via embedded COM objects, multiple Excel memory corruptions...

CVE-2010-1263

Windows Shell and WordPad in Microsoft Windows XP SP2 and SP3, Windows Server 2003 SP2, Windows Vista SP1 and SP2, Windows Server 2008 Gold, SP2, and R2, and Windows 7; Microsoft Office XP SP3; Office 2003 SP3; and Office System 2007 SP1 and SP2 do not properly validate COM objects during...

Input validation

Windows Shell and WordPad in Microsoft Windows XP SP2 and SP3, Windows Server 2003 SP2, Windows Vista SP1 and SP2, Windows Server 2008 Gold, SP2, and R2, and Windows 7; Microsoft Office XP SP3; Office 2003 SP3; and Office System 2007 SP1 and SP2 do not properly validate COM objects during...

CVE-2010-1263

Windows Shell and WordPad in Microsoft Windows XP SP2 and SP3, Windows Server 2003 SP2, Windows Vista SP1 and SP2, Windows Server 2008 Gold, SP2, and R2, and Windows 7; Microsoft Office XP SP3; Office 2003 SP3; and Office System 2007 SP1 and SP2 do not properly validate COM objects during...