133 matches found
The vulnerability of the McAfee Total Protection antivirus protection, related to deficiencies in access control to the registry, allows a hacker to modify the Component Object Model (COM) in the Windows registry.
The vulnerability of the McAfee Total Protection antivirus protection lies in its lack of access control for accessing the registry. Exploiting this vulnerability could allow an attacker to modify the Component Object Model COM in the Windows registry...
McAfee Total Protection 安全漏洞
McAfee Total Protection MTP is a suite of antivirus software from McAfee, Inc. in the United States. A security vulnerability exists in McAfee Total Protection prior to version 16.0.50, which stems from a vulnerability that allows an attacker to modify the McAfee-specific component object model i...
SUSE CVE-2013-4926
epan/dissectors/packet-dcom-sysact.c in the DCOM ISystemActivator dissector in Wireshark 1.10.x before 1.10.1 does not properly determine whether there is remaining packet data to process, which allows remote attackers to cause a denial of service application crash via a crafted packet...
Vulnerability of the Microsoft COM component in the Windows operating system, allowing a hacker to execute arbitrary code
The vulnerability of the Microsoft COM component in the Windows operating system is related to improper code generation management. Exploiting this vulnerability allows a remote attacker to execute arbitrary code...
CVE-2021-42275
Microsoft COM for Windows Remote Code Execution Vulnerability...
CVE-2021-42275
Microsoft COM for Windows Remote Code Execution Vulnerability...
The vulnerability of Microsoft Office packages and Microsoft Office Web Apps arises from improper code generation management, allowing an attacker to execute arbitrary code.
The vulnerability of Microsoft Office packages and Microsoft Office Web Apps is related to improper code generation during the processing of COM objects. Exploiting this vulnerability allows an attacker to execute arbitrary code using a specially created malware file or a specially crafted...
CVE-2020-13534
A privilege escalation vulnerability exists in Dream Report 5 R20-2. COM Class Identifiers CLSID, installed by Dream Report 5 20-2, reference LocalServer32 and InprocServer32 with weak privileges which can lead to privilege escalation when used. An attacker can provide a malicious file to trigger...
COM-Code-Helper - Two IDAPython Scripts Help You To Reconstruct Microsoft COM (Component Object Model) Code
Two IDAPython Scripts help you to reconstruct Microsoft COM Component Object Model Code Especially malware reversers will find this useful, as COM Code is still regularly found in malware. ClassAndInterfaceToNames.py This IDAPython script scans an idb file for class and interfaces UUIDs and creat...
The vulnerability of the Windows COM Server component of the Windows operating system, which allows attackers to escalate their privileges
The vulnerability of the Windows COM Server component of the operating system is related to errors in the processing of COM objects. Exploiting this vulnerability can allow attackers to enhance their privileges through a specially created application...
The vulnerability of the Windows COM Server component of the Windows operating system, which allows attackers to escalate their privileges
The vulnerability of the Windows COM Server component of the operating system is related to errors in the processing of COM objects. Exploiting this vulnerability can allow attackers to enhance their privileges through a specially created application...
CVE-2020-16935
An elevation of privilege vulnerability exists when Windows improperly handles COM object creation. An attacker who successfully exploited the vulnerability could run arbitrary code with elevated privileges. To exploit this vulnerability, an attacker would first have to log on to the system. An...
CVE-2020-16916
An elevation of privilege vulnerability exists when Windows improperly handles COM object creation. An attacker who successfully exploited the vulnerability could run arbitrary code with elevated privileges. To exploit this vulnerability, an attacker would first have to log on to the system. An...
PT-2020-4266 · Microsoft · Windows
Name of the Vulnerable Software and Affected Versions: Windows affected versions not specified Description: The issue is related to an elevation of privilege vulnerability that exists when Windows improperly handles COM object creation. This could allow an attacker to run arbitrary code with...
PT-2020-4273 · Microsoft · Windows Com Server +1
Name of the Vulnerable Software and Affected Versions: Windows COM Server affected versions not specified Description: The issue is related to errors in processing COM object creation, which can allow an attacker to elevate their privileges using a specially crafted application. To exploit this, ...
The vulnerability of the Microsoft Component Object Model (COM) in Windows operating systems allows a hacker to execute arbitrary code.
The vulnerability of the Microsoft Component Object Model COM in Windows operating systems is related to errors in processing input data. Exploiting this vulnerability can allow a remote attacker to execute arbitrary code...
The vulnerability of the Microsoft COM component in Windows operating systems, which allows a hacker to escalate their privileges
The vulnerability of the Microsoft Component Object Model COM in Windows operating systems is related to the execution of operations beyond the buffer boundaries in memory. Exploiting this vulnerability can allow an attacker to enhance their privileges through a specially created file...
CVE-2020-1507
An elevation of privilege vulnerability exists in the way that Microsoft COM for Windows handles objects in memory. An attacker who successfully exploited the vulnerability could gain elevated privileges on a targeted system. To exploit the vulnerability, a user would have to open a specially...
CVE-2020-0922
A remote code execution vulnerability exists in the way that Microsoft COM for Windows handles objects in memory. An attacker who successfully exploited the vulnerability could execute arbitrary code on a target system. To exploit the vulnerability, a user would have to open a specially crafted...
Microsoft COM for Windows Remote Code Execution Vulnerability (CNVD-2021-01045)
Microsoft Windows and Microsoft Windows Server are both products of Microsoft Corporation.Microsoft Windows is an operating system for personal devices.Microsoft Windows Server is a server operating system. Windows COM is a binary interface standard for a set of software components from Microsoft...