Microsoft Excel 2016 RCE and Information Disclosure Vulnerabilities (KB4484507)

This host is missing an important security update according to Microsoft KB4484507 Copyright C 2020 Greenbone Networks GmbH Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-or-later This...

PT-2020-4150 · Microsoft · Windows Media Audio Decoder +1

Name of the Vulnerable Software and Affected Versions: Windows Media Audio Decoder affected versions not specified Description: A remote code execution issue exists due to improper handling of objects by Windows Media Audio Decoder, allowing an attacker to potentially take control of an affected...

PT-2020-4157 · Microsoft · Windows Media Audio Decoder +1

Name of the Vulnerable Software and Affected Versions: Windows Media Audio Decoder affected versions not specified Description: A remote code execution issue exists due to improper handling of objects by Windows Media Audio Decoder, allowing an attacker to potentially take control of an affected...

CVE-2020-0949

A memory corruption vulnerability exists when Windows Media Foundation improperly handles objects in memory, aka 'Media Foundation Memory Corruption Vulnerability'. This CVE ID is unique from CVE-2020-0948, CVE-2020-0950...

The vulnerability in Internet Explorer, caused by an operation that goes beyond the buffer boundaries in memory, allows a malicious actor to gain the privileges of the current user.

The vulnerability of the Internet Explorer browser is related to improper handling of objects in memory. Exploiting this vulnerability can allow a remote attacker to gain privileges as the current user...

CVE-2018-0802

Equation Editor in Microsoft Office 2007, Microsoft Office 2010, Microsoft Office 2013, and Microsoft Office 2016 allow a remote code execution vulnerability due to the way objects are handled in memory, aka "Microsoft Office Memory Corruption Vulnerability". This CVE is unique from CVE-2018-0797...

Microsoft Windows ClientCopyImage Improper Object Handling Exploit

This Metasploit module exploits improper object handling in the win32k.sys kernel mode driver. This Metasploit module has been tested on vulnerable builds of Windows 7 x64 and x86, and Windows 2008 R2 SP1 x64. This module requires Metasploit: http://metasploit.com/download Current source:...

PT-2010-2044 · Microsoft · Internet Explorer

Name of the Vulnerable Software and Affected Versions: Internet Explorer affected versions not specified Description: A remote code execution issue exists due to incorrect initialization or deletion of an object when accessed by Internet Explorer. This could be exploited through a specially craft...

PT-2010-2046 · Microsoft · Internet Explorer

Name of the Vulnerable Software and Affected Versions: Internet Explorer affected versions not specified Description: A remote code execution issue exists due to incorrect initialization or deletion of an object. An attacker can exploit this by creating a specially crafted Web page. When viewed,...

PT-2009-5944 · Microsoft · Internet Explorer

Name of the Vulnerable Software and Affected Versions: Internet Explorer affected versions not specified Description: A remote code execution issue exists due to incorrect initialization or deletion of an object when accessed by Internet Explorer. An attacker can exploit this by creating a...