216 matches found
Microsoft Edge based on Edge HTML Information Disclosure Vulnerability
An information disclosure vulnerability exists when Microsoft Edge based on Edge HTML improperly handles objects in memory. An attacker who successfully exploited the vulnerability could obtain information to further compromise the user’s system. To exploit the vulnerability, in a web-based attac...
Microsoft Edge CVE-2017-8634 Scripting Engine Remote Memory Corruption Vulnerability
Description Microsoft Edge is prone to a remote memory-corruption vulnerability. Attackers can exploit this issue by enticing an unsuspecting user to view a specially crafted web page. Attackers can exploit this issue to execute arbitrary code in the context of the currently logged-in user. Faile...
Hashicorp vagrant-vmware-fusion 4.0.23 Local Root Privilege Escalation
CVE-2017-11741 Local root privesc in Hashicorp vagrant-vmware-fusion = 4.0.23 2 Aug 2017 06:49 A couple of weeks ago I disclosed a local root privesc in Hashicorp's vagrant-vmware-fusion plugin: https://m4.rkw.io/blog/cve20177642-local-root-privesc-in-hashicorp-vagrantvmwarefusion--4020.html The...
Solution Corner: Malwarebytes Endpoint Protection
We’ve been busy here at Malwarebytes with several product announcements recently. Malwarebytes Incident Response was released in late April, providing threat detection and remediation via our new cloud-based platform. Right on its heels, leveraging the same platform is Malwarebytes Endpoint...
Microsoft Windows - nt!NtQueryInformationProcess (ProcessVmCounters) Kernel Stack Memory Disclosure
Exploit for windows platform in category dos / poc / Source: https://bugs.chromium.org/p/project-zero/issues/detail?id=1190&desc=2 We have discovered that the nt!NtQueryInformationProcess system call called with the ProcessVmCounters information class discloses portions of uninitialized kernel...
Microsoft Windows - nt!NtQueryInformationResourceManager (information class 0) Kernel Stack Memory Disclosure
Microsoft Windows - nt!NtQueryInformationResourceManager information class 0 Kernel Stack Memory Disclosure / Source: https://bugs.chromium.org/p/project-zero/issues/detail?id=1207 We have discovered that the nt!NtQueryInformationResourceManager system call called with the 0 information class...
Microsoft Windows - 'win32k!NtGdiExtGetObjectW' Kernel Stack Memory Disclosure
/ Source: https://bugs.chromium.org/p/project-zero/issues/detail?id=1178 We have discovered that it is possible to disclose portions of uninitialized kernel stack memory in Windows 7-10 through the win32k!NtGdiExtGetObjectW system call accessible via a documented GetObject API function to user-mo...
Microsoft Windows - win32k!NtGdiMakeFontDir Kernel Stack Memory Disclosure
Microsoft Windows - win32k!NtGdiMakeFontDir Kernel Stack Memory Disclosure Source: https://bugs.chromium.org/p/project-zero/issues/detail?id=1191 We have discovered that the win32k!NtGdiMakeFontDir system call discloses large portions of uninitialized kernel stack memory to user-mode clients. The...
Announcing Malwarebytes Endpoint Protection, a next-generation antivirus replacement for businesses
Six months ago, we announced Malwarebytes 3.0, a next-generation antivirus replacement for home users. Today, I am happy to announce Malwarebytes Endpoint Protection, its equivalent for businesses. Malwarebytes Endpoint Protection includes an easy to deploy, scalable cloud platform that allows yo...
Microsoft IIS WebDav ScStoragePathFromUrl Overflow
This module requires Metasploit: http://metasploit.com/download Current source: https://github.com/rapid7/metasploit-framework class MetasploitModule ' Microsoft IIS WebDav ScStoragePathFromUrl Overflow', 'Description' = %q Buffer overflow in the ScStoragePathFromUrl function in the WebDAV servic...
Beware of an Unpatched Microsoft Word 0-Day Flaw being Exploited in the Wild
It's 2017, and opening a simple MS Word file could compromise your system. Security researchers are warning of a new in-the-wild attack that silently installs malware on fully-patched computers by exploiting a serious — and yet unpatched — zero-day vulnerability in all current versions of Microso...
PT-2017-1936 · Microsoft · Windows Server 2012 +9
Name of the Vulnerable Software and Affected Versions: Microsoft Windows versions prior to Windows 10 and Windows Server 2016, including Windows Vista SP2, Windows Server 2008 SP2 and R2 SP1, Windows 7 SP1, Windows 8.1, Windows Server 2012 Gold and R2, Windows RT 8.1 Description: The vulnerabilit...
CVE-2017-0528
An elevation of privilege vulnerability in the kernel security subsystem could enable a local malicious application to to execute code in the context of a privileged process. This issue is rated as High because it is a general bypass for a kernel level defense in depth or exploit mitigation...
CVE-2017-0528
An elevation of privilege vulnerability in the kernel security subsystem could enable a local malicious application to to execute code in the context of a privileged process. This issue is rated as High because it is a general bypass for a kernel level defense in depth or exploit mitigation...
CVE-2017-0455
An information disclosure vulnerability in the Qualcomm bootloader could help to enable a local malicious application to to execute arbitrary code within the context of the bootloader. This issue is rated as High because it is a general bypass for a bootloader level defense in depth or exploit...
Privilege escalation
An elevation of privilege vulnerability in the kernel security subsystem could enable a local malicious application to to execute code in the context of a privileged process. This issue is rated as High because it is a general bypass for a kernel level defense in depth or exploit mitigation...
Information disclosure
An information disclosure vulnerability in AOSP Messaging could enable a remote attacker using a special crafted file to access data outside of its permission levels. This issue is rated as Moderate because it is a general bypass for a user level defense in depth or exploit mitigation technology ...
CVE-2017-0424
CVE-2017-0424 affects AOSP Messaging in Android (versions 6.0–7.1.1). It is an information disclosure vulnerability that could allow a local malicious app to bypass OS protections and access data outside its permitted scope when processing a specially crafted file. The issue is described as a mod...
CVE-2017-0424
An information disclosure vulnerability in AOSP Messaging could enable a remote attacker using a special crafted file to access data outside of its permission levels. This issue is rated as Moderate because it is a general bypass for a user level defense in depth or exploit mitigation technology ...
Microsoft Patches Publicly Disclosed IE, Edge Vulnerabilities
Microsoft today patched a half-dozen critical browser vulnerabilities that have been publicly disclosed, but apparently not used in attacks as of yet. The critical Internet Explorer and Microsoft Edge bulletins are among six released today, along with six others with a severity rating of importan...