8 matches found
Zero-Click Outlook RCE Exploitation Chain in Windows
Summary: Two vulnerabilities CVE-2023-35384 and CVE-2023-36710 in Microsoft Windows can be chained to achieve remote code execution RCE on vulnerable Outlook clients. Attackers can exploit these flaws by sending a crafted email with a custom notification sound file to trigger the download of a...
Microsoft Windows Multiple Vulnerabilities (KB5029247)
This host is missing an important security update according to Microsoft KB5029247 SPDX-FileCopyrightText: 2023 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescriptio...
Microsoft Windows Multiple Vulnerabilities (KB5029244)
This host is missing an important security update according to Microsoft KB5029244 SPDX-FileCopyrightText: 2023 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescriptio...
CVE-2023-35384
Windows HTML Platforms Security Feature Bypass Vulnerability...
CVE-2023-35384
CVE-2023-35384 is a Windows HTML Platform security feature bypass. The provided documents describe two vulnerabilities that can be chained to achieve remote code execution in Outlook: (1) the HTML security feature bypass allowing a crafted file or URL to evade security zone tagging, and (2) a Win...
CVE-2023-35384 Windows HTML Platforms Security Feature Bypass Vulnerability
...
CVE-2023-35384 Windows HTML Platforms Security Feature Bypass Vulnerability
...
KLA51710 Multiple vulnerabilities in Microsoft Windows
Multiple vulnerabilities were found in Microsoft Windows. Malicious users can exploit these vulnerabilities to gain privileges, execute arbitrary code, obtain sensitive information, bypass security restrictions, cause denial of service. Below is a complete list of vulnerabilities: 1. An elevation...