Microsoft Windows GDI的内核本地特权升级漏洞

Microsoft Windows容易局部特权升级,因为数据结构漏洞的GDI绘制的内核可以重新部署为读写其他进程.入侵者可能利用此问题来执行任意机器代码与系统级特权.成功可能造成影响的计算机的完全妥协.失败可能导致拒绝服务. Microsoft Windows XP Tablet PC Edition SP2 Microsoft Windows XP Tablet PC Edition SP1 Microsoft Windows XP Tablet PC Edition Microsoft Windows XP Professional x64 Edition Microsoft...

Microsoft Internet Explorer WMF Image Parsing Memory Corruption Vulnerability

Description Microsoft Internet Explorer is affected by an WMF image-parsing memory-corruption vulnerability. This issue is allegedly due to an integer-overflow flaw that leads to corrupted heap memory. This problem presents itself when a user views a malicious WMF-formatted file containing...

Microsoft Internet Explorer HTTPS Proxy Information Disclosure Vulnerability

Description Microsoft Internet Explorer is prone to an information disclosure vulnerability when using an authenticating proxy server for HTTPS communications. Exploitation of this issue could result in an attacker gaining a user's authentication credentials. This issue only exists when the...

Microsoft Windows Graphics Rendering Engine WMF Format Code Execution Vulnerability

Description Microsoft Windows WMF graphics rendering engine is affected by a remote code execution vulnerability. The problem presents itself when a user views a malicious WMF formatted file, triggering the vulnerability when the engine attempts to parse the file. A malicious file can cause an...

Microsoft MSDTC COM+ Remote Code Execution Vulnerability

Description Microsoft Windows is prone to a vulnerability in the COM+ Component Object Model functionality of the MSDTC Microsoft Distribution Transaction Coordinator service. This issue may permit remote and local attackers to execute arbitrary code in the context of the service. This issue may ...

Microsoft MSDTC TIP Distributed Denial Of Service Vulnerability

Description The Microsoft MSDTC Microsoft Distribution Transaction Coordinator service is prone to a vulnerability that may permit denial of service attacks against the service or facilitate distributed denial of service attacks against other computers. The vulnerability exists in the TIP...

Microsoft Windows Malicious Shortcut Handling Remote Code Execution Vulnerability

Description Microsoft Windows is prone to a remote code execution vulnerability when handling a malicious shortcut .lnk file. An attacker can exploit this issue by crafting a malicious file and placing it on a Web site or sending it to a user through email followed by enticing them to open it and...

Microsoft XML Parser Remote Denial of Service Vulnerability

Description Microsoft XML Parser is prone to a remote denial of service vulnerability when handling malformed requests. The vulnerability can be exploited through the WebDAV XML message handler of Microsoft IIS server. It is reported that this issue requires a remote attacker to create specially...