CVE-2016-3263

CVE-2016-3263 concerns a GDI+/Graphics Device Interface information-disclosure issue across multiple Windows platforms (Vista SP2 through Windows 10 1607, Windows Server equivalents) that allows remote attackers to bypass ASLR via unspecified vectors. Affected components are GDI/GDI+ in Windows a...

MS16-120: Security Update for Microsoft Graphics Component (3192884)

The remote Windows host is missing a security update. It is, therefore, affected by multiple vulnerabilities : - Multiple information disclosure vulnerabilities exist in the Windows GDI component due to improper handling of objects in memory. A local attacker can exploit these vulnerabilities, vi...

KLA10884 Code execution vulnerability in Microsoft Office

An improper RTF handling was found in Microsoft Office. By exploiting this vulnerability malicious users can execute arbitrary code. This vulnerability can be exploited remotely via a specially designed file. Original advisories CVE-2016-3263 CVE-2016-3209 CVE-2016-3262 CVE-2016-7182 CVE-2016-339...

Microsoft Windows GDI+ Information Disclosure (MS16-120: CVE-2016-3263)

An information disclosure vulnerability has been reported in Microsoft Windows. The vulnerability is due to an error in the way the True Type Font TTF driver handles objects in memory. A remote attacker could exploit this vulnerability by enticing a target user to open a specially crafted EMF fil...