72 matches found
Microsoft Internet Explorer XML Handling Remote Code Execution Vulnerability
Description Microsoft Internet Explorer is prone to a remote code-execution vulnerability. Attackers can exploit this issue to execute arbitrary code in the context of the user running the application. Successful exploits will compromise the application and possibly the underlying computer. Faile...
Microsoft Windows GDI File Size Parameter Heap Overflow Vulnerability
Description The GDI component of Microsoft Windows is prone to a heap-overflow vulnerability that may be triggered by a malicious WMF Windows Metafile image. A successful exploit will let the attacker execute arbitrary code in the context of the currently logged-in user. Technologies Affected HP...
Microsoft Internet Explorer Embedded Object Remote Code Execution Vulnerability
Description Microsoft Internet Explorer is prone to a remote code-execution vulnerability. Attackers can exploit this issue to execute arbitrary code in the context of the user running the application. Successful exploits will compromise the application and possibly the underlying computer. Faile...
Microsoft Windows GDI WMF Integer Overflow Vulnerability
Description The GDI component of Microsoft Windows is prone to an integer-overflow vulnerability that may be triggered by a malicious WMF Windows Metafile image. A successful exploit will let the attacker execute arbitrary code in the context of the currently logged-in user. Technologies Affected...
Microsoft Windows Media Components ISATAP URL Handling Information Disclosure Vulnerability
Description Microsoft Windows Media Components is prone to an information-disclosure vulnerability when handling 'ISATAP' Intra-Site Automatic Tunnel Addressing Protocol URLs. An attacker can use this vulnerability to obtain information that may aid in further attacks. Technologies Affected HP...
Microsoft Windows Media Components 'Service Principle Name' Remote Code Execution Vulnerability
Description Microsoft Windows Media Components is prone to a remote code-execution vulnerability in the SPN Service Principle Name implementation. A successful exploit of this vulnerability may allow a remote attacker to execute code in the context of the logged-in user. Technologies Affected HP...
Microsoft Internet Explorer HTML Objects Remote Code Execution Vulnerability
Description Microsoft Internet Explorer is prone to a remote code-execution vulnerability. Attackers can exploit this issue to execute arbitrary code in the context of the user running the application. Successful exploits will compromise the application and possibly the underlying computer. Faile...
Microsoft XML Core Services Transfer Encoding Cross Domain Information Disclosure Vulnerability
Description Microsoft XML Core Services MSXML is prone to a cross-domain information-disclosure vulnerability because the application fails to properly enforce the same-origin policy. An attacker can exploit this issue to harvest potentially sensitive information from a web page in another domain...
Microsoft Internet Explorer Cross Domain Information Disclosure Vulnerability
Description Microsoft Internet Explorer is prone to a cross-domain information-disclosure vulnerability because the application fails to properly enforce the same-origin policy. An attacker can exploit this issue to execute arbitrary script code in another browser window's security zone. This may...
Microsoft Message Queuing Service RPC Query Heap Corruption Vulnerability
Description The Microsoft Message Queuing service MSMQ is prone to a remote heap-corruption vulnerability. An attacker can exploit this issue to execute arbitrary code with SYSTEM-level privileges, facilitating the complete compromise of an affected computer. Failed exploit attempts will result i...
Microsoft Windows Internet Printing Service Integer Overflow Vulnerability
Description Microsoft Internet Printing Service is prone to an integer-overflow vulnerability. Exploiting this vulnerability allows attackers to execute arbitrary code with system-level privileges. Technologies Affected HP Storage Management Appliance 2.1 Microsoft Windows 2000 Advanced Server...
Microsoft Internet Explorer HTML Objects Uninitialized Memory Corruption Vulnerability
Description Microsoft Internet Explorer is prone to a remote memory-corruption vulnerability. Attackers can exploit this issue to execute arbitrary code in the context of the user running the application. Successful exploits will compromise the application and possibly the underlying computer...
Microsoft Internet Explorer Uninitialized Object Remote Memory Corruption Vulnerability
Description Microsoft Internet Explorer is prone to a remote memory-corruption vulnerability. Attackers can exploit this issue to execute arbitrary code in the context of the user running the application. Successful exploits will compromise the application and possibly the underlying computer...
Microsoft Windows Kernel Memory Corruption Local Privilege Escalation Vulnerability
Description Microsoft Windows is prone to a local privilege-escalation vulnerability that occurs in the Windows kernel. An attacker can exploit this issue to execute arbitrary code with kernel-level privileges. Successfully exploiting this issue will result in the complete compromise of affected...
Microsoft Windows Kernel Window Creation Local Privilege Escalation Vulnerability
Description Microsoft Windows is prone to a local privilege-escalation vulnerability. An attacker can exploit this issue to execute arbitrary code with kernel-level privileges. Successfully exploiting this issue will result in the complete compromise of affected computers. Technologies Affected H...
Microsoft GDI+ BMP Integer Overflow Vulnerability
Description Microsoft GDI+ is prone to an integer-overflow vulnerability. An attacker can exploit this issue by enticing unsuspecting users to view a malicious BMP file. Successfully exploiting this issue allows remote attackers to corrupt memory and execute arbitrary code in the context of the...
Microsoft GDI+ GIF File Parsing Remote Code Execution Vulnerability
Description Microsoft GDI+ is prone to a remote code-execution vulnerability because the vector graphics link library improperly parses GIF image files. An attacker could exploit this issue to execute arbitrary code with the privileges of the currently logged-in user. Failed exploit attempts may...
Microsoft Office OneNote URL Handler Remote Code Execution Vulnerability
Description Microsoft Office OneNote is prone to a remote code-execution vulnerability. An attacker could exploit this issue by enticing a victim to follow maliciously crafted URIs. Successfully exploiting this issue would allow the attacker to execute arbitrary code in the context of the current...
Microsoft Windows Event System Array Index Verification Remote Code Execution Vulnerability
Description Microsoft Windows Event System is prone to a remote code-execution vulnerability. Remote authenticated attackers can exploit this issue to execute arbitrary code with SYSTEM privileges. A successful attack can result in a full compromise of the affected computer. Technologies Affected...
Microsoft Windows Event System User Subscription Request Remote Code Execution Vulnerability
Description Microsoft Windows Event System is prone to a remote code-execution vulnerability. Remote authenticated attackers can exploit this issue to execute arbitrary code with SYSTEM privileges. A successful attack can result in a full compromise of the affected computer. Technologies Affected...