Microsoft Dynamics On-Premise Elevation of Privilege Vulnerability

Microsoft Dynamics 365 is a suite of ERP business solutions for multinational organizations from Microsoft USA. The product includes financial management, production management and business intelligence management. An elevation of privilege vulnerability exists in Microsoft Dynamics 365 on-premis...

Microsoft GDI+ - gdiplus!GetRECTSForPlayback Out-of-Bounds Read (MS17-013)

Exploit for windows platform in category dos / poc Source: https://bugs.chromium.org/p/project-zero/issues/detail?id=1042 We have encountered a crash in the Windows GDI+ library, in the gdiplus!GetRECTSForPlayback function, while trying to display a malformed EMF+ image file: --- 6be8.6f1c: Acces...

Microsoft Windows - USP10!otlList::insertAt Uniscribe Font Processing Heap Buffer Overflow (MS17-011)

Microsoft Windows - USP10!otlList::insertAt Uniscribe Font Processing Heap Buffer Overflow MS17-011 Source: https://bugs.chromium.org/p/project-zero/issues/detail?id=1022 We have encountered a crash in the Windows Uniscribe user-mode library, in the memmove function called by...

Microsoft Windows - Uniscribe Font Processing Heap-Based Out-of-Bounds Write in USP10!UpdateGlyphFla

Exploit for windows platform in category dos / poc Source: https://bugs.chromium.org/p/project-zero/issues/detail?id=1028 We have encountered a crash in the Windows Uniscribe user-mode library, in the USP10!UpdateGlyphFlags function, while trying to display text using a corrupted font file: ---...