11 matches found
MS11-087: Vulnerability in Windows kernel-mode drivers could allow remote code execution: December 13, 2011
MS11-087: Vulnerability in Windows kernel-mode drivers could allow remote code execution: December 13, 2011 INTRODUCTION Microsoft has released security bulletin MS11-087. To view the complete security bulletin, visit one of the following Microsoft websites: Home users:...
MS12-034: Combined Security Update for Microsoft Office, Windows, .NET Framework, and Silverlight (2681578)
The remote Windows host is missing a security update. It is, therefore, affected by multiple vulnerabilities : - A flaw exists in the Win32k TrueType font parsing engine that allows an unauthenticated, remote attacker to execute arbitrary code by convincing a user to open a Word document containi...
Microsoft Security Update For Microsoft Office, .NET Framework, and Silverlight (2681578)
This host is missing a critical security update according to Microsoft Bulletin MS12-034. SPDX-FileCopyrightText: 2012 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only...
Windows Kernel-Mode Drivers Remote Code Execution Vulnerabilities (2567053)
This host is missing a critical security update according to Microsoft Bulletin MS11-087. OpenVAS Vulnerability Test $Id: secpodms11-087.nasl 8724 2018-02-08 15:02:56Z cfischer $ Windows Kernel-Mode Drivers Remote Code Execution Vulnerability 2639417 Authors: Madhuri D Copyright: Copyright c 2011...
MS11-087: Vulnerability in Windows Kernel-Mode Drivers Could Allow Remote Code Execution (2639417)
The remote host is running a version of the Windows kernel that is affected by a remote code execution vulnerability. Specially crafted TrueType fonts are not properly handled, which could allow arbitrary code execution in kernel mode. A remote attacker could exploit this vulnerability by trickin...
Windows Gather Forensics Duqu Registry Check
This module searches for CVE-2011-3402 Duqu related registry artifacts. This module requires Metasploit: https://metasploit.com/download Current source: https://github.com/rapid7/metasploit-framework class MetasploitModule 'Windows Gather Forensics Duqu Registry Check', 'Description' = %q This...
Microsoft Windows TrueType Font File Parsing Code Execution (CVE-2011-3402)
A remote code execution vulnerability has been reported in Microsoft Windows. The vulnerability is due to improper bounds checking when parsing specially crafted TrueType Font TTF files. A remote attacker may exploit this vulnerability by enticing an affected user to open a specially crafted TTF...
Stars Attack on Iran Was Early Version of Duqu
A few months after the hysteria around Stuxnet had died down, officials in Iran announced in April that some sensitive systems in the government’s networks had been attacked by a new piece of malware, known then as Stars. It now appears that attack was, in fact, the first appearance of an early...
CVE-2011-3402
Unspecified vulnerability in the TrueType font parsing engine in win32k.sys in the kernel-mode drivers in Microsoft Windows XP SP2 and SP3, Windows Server 2003 SP2, Windows Vista SP2, Windows Server 2008 SP2, R2, and R2 SP1, and Windows 7 Gold and SP1 allows remote attackers to execute arbitrary...
CVE-2011-3402
CVE-2011-3402 is a Windows kernel‑mode vulnerability in the TrueType font parsing engine of win32k.sys that allows remote code execution via crafted font data in Word/web content. The issue affects multiple Windows versions (XP/Server 2003, Vista/Server 2008, Windows 7 and Windows 7/Server 2008 R...
Microsoft Windows TrueType font parsing vulnerability
Overview A vulnerability in the Microsoft Windows TrueType font parsing component could allow an attacker to run arbitrary code in kernel mode. This vulnerability is reportedly being exploited by malicious software in the wild known as Duqu. Description The Microsoft Windows kernel includes a...