3 matches found
KLA10589 Multiple vulnerabilities in Microsoft products
Multiple serious vulnerabilities have been found in Microsoft products. Malicious users can exploit these vulnerabilities to gain privileges, bypass security restrictions, cause denial of service or obtain sensitive information. Below is a complete list of vulnerabilities 1. Improper memory...
CVE-2015-0004
CVE-2015-0004 concerns a local privilege-escalation in the Windows User Profile Service (ProfSvc). According to the provided sources, the vulnerability is exploited by a junction attack that loads another user’s UsrClass.dat registry hive, enabling local users to gain privileges. Affected product...
MS15-003: Vulnerability in Windows User Profile Service Could Allow Elevation of Privilege (3021674)
The remote Windows host is affected by a privilege escalation vulnerability due to improper validation of user privilege in the Windows User Profile Service ProfSvc. A local attacker, with a specially crafted application, can load registry hives associated with other user accounts to execute...