7 matches found
Microsoft Windows Contact File Remote Code Execution Vulnerability
Microsoft Windows Contact file / Remote Code Execution Resurrected 2022 / CVE-2022-44666 + John Page aka hyp3rlinx + twitter.com/hyp3rlinx + ISR: ApparitionSec Back in 2018 I discovered three related Windows remote code execution vulnerabilities affecting both VCF and Contact files. They were...
Exploit for CVE-2022-44666
Microsoft Windows Contacts VCF/Contact/LDAP syslink control...
Microsoft Windows Multiple Vulnerabilities (KB5021294)
This host is missing an important security update according to Microsoft KB5021294 SPDX-FileCopyrightText: 2022 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescriptio...
Microsoft Windows Multiple Vulnerabilities (KB5021243)
This host is missing a critical security update according to Microsoft KB5021243 SPDX-FileCopyrightText: 2022 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
Microsoft Windows Multiple Vulnerabilities (KB5021235)
This host is missing an important security update according to Microsoft KB5021235 SPDX-FileCopyrightText: 2022 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescriptio...
CVE-2022-44666
Windows Contacts Remote Code Execution Vulnerability...
CVE-2022-44666
CVE-2022-44666 is a Windows Contacts RCE affecting the Windows Contacts components (VCF/Contact handling) where an href/link attribute processing flow could reach SafeExecute and execute arbitrary code. Affected context centers on wab32.dll/wab.exe usage within Windows Contacts; PoCs and public w...