Microsoft Windows Double Free Memory Corruption Local Privilege Escalation Vulnerability

Description Microsoft Windows is prone to a local privilege-escalation vulnerability that occurs in the kernel. An attacker can exploit this issue to execute arbitrary code with kernel-level privileges. Successful exploits will result in the complete compromise of affected computers. Failed explo...

Microsoft Windows Client/Server Run-time Subsystem Local Privilege Escalation Vulnerability

Description Microsoft Windows is prone to a local privilege-escalation vulnerability in the Client/Server Run-time Subsystem CSRSS. A local attacker can exploit this issue to execute arbitrary code with elevated privileges. Successful exploits may result in the complete compromise of affected...

Microsoft Windows Embedded OpenType Font Engine LZCOMP Remote Code Execution Vulnerability

Description Microsoft Windows is prone to a remote code-execution vulnerability that affects the Embedded OpenType font engine. An attacker can exploit this issue to execute arbitrary code in the context of the currently logged-in user. Successful exploits may aid in the compromise of affected...

Microsoft Windows License Logging Server Remote Heap Buffer Overflow Vulnerability

Description The Microsoft Windows License Logging Server is prone to a remote heap-based buffer-overflow vulnerability because the application fails to perform adequate boundary checks on user-supplied data. An attacker can exploit this issue to execute arbitrary code with SYSTEM-level privileges...

Microsoft Windows Telnet NTLM Credential Reflection Authentication Bypass Vulnerability

Description Microsoft Windows is prone to an authentication-bypass vulnerability in the Telnet protocol. An attacker can exploit this issue to gain unauthorized access to the affected computer with the privileges of the victim. Successful exploits may compromise the affected computer. Technologie...

Microsoft Windows Embedded OpenType Font Engine Remote Code Execution Vulnerability

Description Microsoft Windows is prone to a remote code-execution vulnerability that may affect the Embedded OpenType font engine. An attacker can exploit this issue to execute arbitrary code with kernel-level privileges. Successful exploits will completely compromise affected computers...

Microsoft Windows Pointer Validation Local Privilege Escalation Vulnerability

Description Microsoft Windows is prone to a local privilege-escalation vulnerability that occurs in the Windows kernel. An attacker can exploit this issue to execute arbitrary code with kernel-level privileges. Successful exploits will result in the complete compromise of affected computers...

Microsoft Windows Kernel Window Creation Local Privilege Escalation Vulnerability

Description Microsoft Windows is prone to a local privilege-escalation vulnerability. An attacker can exploit this issue to execute arbitrary code with kernel-level privileges. Successfully exploiting this issue will result in the complete compromise of affected computers. Technologies Affected H...

Microsoft Windows LSASS LPC Request Local Privilege Escalation Vulnerability

Description Microsoft Windows Local Security Authority Subsystem Service LSASS is prone to a local privilege-escalation vulnerability. An attacker can exploit this issue to execute arbitrary code with SYSTEM-level privileges. Successfully exploiting this issue will facilitate in the complete...

Microsoft Internet Explorer Document.Domain跨域同源覆盖漏洞

Microsoft Internet Explorer是一款流行的WEB浏览器。 Microsoft Internet Explorer存在绕过同源策略问题，远程攻击者可以利用漏洞访问其他目标域或者进行内容伪造攻击。 攻击者可以通过修改document.domain中的值，构建恶意WEB页，诱使用户访问来触发。 Microsoft Internet Explorer 6.0 SP2 Microsoft Internet Explorer 6.0 SP1 Microsoft Internet Explorer 6.0 - Citrix ICA Client for Windows 4.0...

Microsoft Windows CSRSS MSGBox远程代码执行漏洞

Microsoft Windows是一款商业性质的操作系统。 Microsoft Windows客户端/服务端实时子系统处理存在问题，远程攻击者可以利用漏洞以系统进程权限执行任意指令。 由于CSRSS服务处理错误消息存在问题，攻击者通过构建特殊的应用程序来触发此漏洞，可导致以系统进程权限执行任意指令。目前没有详细漏洞细节提供。 Microsoft Windows XP Tablet PC Edition SP2 Microsoft Windows XP Tablet PC Edition SP1 Microsoft Windows XP Tablet PC Edition Microso...

Microsoft Windows CSRSS HardError Messages Denial of Service Vulnerability

Description Microsoft Windows is prone to a local denial-of-service vulnerability because the operating system fails to handle certain API calls with unexpected parameters. A local unprivileged attacker may exploit this issue by executing a malicious application. Successful exploits will allow...

Microsoft Windows Help存在多个漏洞

Microsoft Help WINHLP32.EXE处理.hlp文件存在多个远程代码执行和拒绝服务问题。 攻击者可以在WEB页上防止恶意帮助文件，或者通过EMAIL附件形式发送，诱使用户打开来触发此漏洞，成功利用此漏洞可以以进程权限执行任意指令。 Microsoft Windows XP Tablet PC Edition SP2 Microsoft Windows XP Tablet PC Edition SP1 Microsoft Windows XP Tablet PC Edition Microsoft Windows XP Professional x64 Edition...

Microsoft Windows GDI的内核本地特权升级漏洞

Microsoft Windows容易局部特权升级,因为数据结构漏洞的GDI绘制的内核可以重新部署为读写其他进程.入侵者可能利用此问题来执行任意机器代码与系统级特权.成功可能造成影响的计算机的完全妥协.失败可能导致拒绝服务. Microsoft Windows XP Tablet PC Edition SP2 Microsoft Windows XP Tablet PC Edition SP1 Microsoft Windows XP Tablet PC Edition Microsoft Windows XP Professional x64 Edition Microsoft...

Microsoft Windows Server Driver Remote Information Disclosure Vulnerability

Description Microsoft Windows Server driver is susceptible to a remote information-disclosure vulnerability. This issue is due to a flaw in the handling of certain SMB traffic. Exploiting this issue allows remote attackers to gain access to potentially sensitive fragments of kernel memory. This m...