39 matches found
KLA11517 ACE vulnerability in Microsoft SQL Server
Remote code execution vulnerability was found in Microsoft SQL Server. Malicious users can exploit this vulnerability to execute arbitrary code. Original advisories CVE-2019-1068 Related products Microsoft-SQL-Server CVE list CVE-2019-1068 high KB list 4505217 4505220 4505219 4505221 4505222...
KLA11466 Obsolete Adobe Flash Player for Windows
Microsoft released update to address vulnerabilities in Flash Player. For details look at KLA11465. Original advisories ADV190011 Related products Microsoft-Windows CVE list KB list 4493478 Solution Install necessary updates from the KB section, that are listed in your Windows Update Windows Upda...
KLA11424 PE vulnerability in Microsoft Dynamics 365
An elevation of privilege vulnerability was found in Microsoft Dynamics 365 Server. Malicious users can exploit this vulnerability remotely via specially crafted request to gain privileges. Original advisories CVE-2018-8654 Related products Microsoft-Dynamics-365 CVE list CVE-2018-8654 warning KB...
KLA11224 ACE vulnerability in Microsoft Internet Explorer
An unspecified vulnerability was found in Microsoft Internet Explorer. By exploiting this vulnerability malicious users can execute arbitrary code. This vulnerability can be exploited remotely via a specially crafted website. Original advisories CVE-2018-8118 Related products...
KLA11172 Multiple vulnerabilities in Microsoft Development Tools
Multiple serious vulnerabilities have been found in Microsoft .NET Core, ASP.NET Core, Microsoft Excel and Microsoft Office Compatibility Pack. Malicious users can exploit these vulnerabilities to spoof user interface, obtain sensitive information, bypass security restrictions and gain privileges...
KLA11841 Multiple vulnerabilities in Microsoft Windows
Multiple vulnerabilities were found in Microsoft Windows. Malicious users can exploit these vulnerabilities to gain privileges, obtain sensitive information. Below is a complete list of vulnerabilities: 1. An elevation of privilege vulnerability in DirectX can be exploited remotely via specially...
KLA10987 Information disclosure in Windows DVD Maker
An improper parsing of .msdvd files was found in Windows DVD maker. By exploiting this vulnerability malicious users can obtain sensitive information. This vulnerability can be exploited remotely via a specially designed .msdvd file. Original advisories MS17-020 CVE-2017-0045 Exploitation Public...
KLA10976 Microsoft Windows PDF Library vulnerability
An unspecified vulnerability was found in the Microsoft Windows PDF Library. By exploiting this vulnerability malicious users can execute arbitrary code. This vulnerability can be exploited remotely via a specially designed PDF file. Original advisories MS17-009 CVE-2017-0023 Related products...
KLA10940 Privilege escalation vulnerability in Microsoft Edge
An elevation of privilege vulnerability was found in Microsoft Edge. By exploiting this vulnerability malicious users can bypass the Same Origin Policy and gain privileges. This vulnerability can be exploited remotely via vectors involving data: URLs and about:blank URL. Original advisories...
KLA10873 Multiple vulnerabilities in Microsoft Server Software
Multiple serious vulnerabilities have been found in Microsoft Server Software. Malicious users can exploit these vulnerabilities to spoof user interface. obtain sensitive information or gain privileges. Below is a complete list of vulnerabilities 1. An improper email messages parsing can be...
KLA10695 Multiple vulnerabilities in Microsoft .NET Framework
Multiple serious vulnerabilities have been found in Microsoft .NET Framework. Malicious users can exploit these vulnerabilities to bypass security restrictions,. Below is a complete list of vulnerabilities 1. Erroneous XML parsing at Document Type Definition can be exploited remotely via a...
KLA10661 Multiple vulnerabillities in Microsoft Office
Multiple serious vulnerabilities have been found in Microsoft Office. Malicious users can exploit these vulnerabilities to execute arbitrary code or conduct XSS attack. Below is a complete list of vulnerabilities 1. Improper memory objects handling can be exploited remotely via a specially design...
KLA10644 Privelege escalation vulnerability in Microsoft .NET Framework
An improper optimization at RyuJIT were found in Microsoft .NET Framework. By exploiting these vulnerabilities malicious users can gain privileges. These vulnerabilities can be exploited remotely via a specially designed .NET application. Technical details This vulnerability caused by improper...
KLA10632 Multiple vulnerabilities in Microsoft Office
Multiple serious vulnerabilities have been found in Microsoft office. Malicious users can exploit these vulnerabilities to cause denial of service, bypass security restrictions, gain privileges or execute arbitrary code. Below is a complete list of vulnerabilities 1. An unknown vulnerability can ...
KLA10583 Code execution vulnerability in Microsoft Office
An unspecified vulnerability was found in Microsoft products. By exploiting this vulnerability malicious users can execute arbitrary code. This vulnerability can be exploited remotely via a specially designed document. Original advisories Microsoft bulletin CVE-2015-1683 CVE-2015-1682 Related...
KLA10561 Code injection vulnerability in Microsoft Sharepoint
An XSS vulnerabilities were found in Microsoft Sharepoint. By exploiting these vulnerabilities malicious users can inject arbitrary scripts. These vulnerabilities can be exploited remotely via a specially designed request. Original advisories MS15-036 CVE-2015-1653 CVE-2015-1640 Related products...
KLA10456 SB vulnerability in MS Office
An use-after-free vulnerability was found in Microsoft Office. By exploiting this vulnerability malicious users can bypass ASLR protection. This vulnerability can be exploited remotely via a specially designed document. Original advisories MS bulletin CVE-2014-6362 Related products Microsoft-Offi...
KLA10605 Code execution vulnerability in Microsoft VBScript
An unspecified vulnerabilities were found in Microsoft VBScript engine. By exploiting these vulnerabilities malicious users can execute arbitrary code. These vulnerabilities can be exploited remotely via a specially designed web site. Original advisories CVE-2014-6363 CVE-2014-0271 Exploitation...
KLA10609 Multiple vulnerabilities in Microsoft Lync Server
Multiple serious vulnerabilities have been found in Microsoft Lync Server. Malicious users can exploit these vulnerabilities to inject arbitrary code or cause denial of service. Below is a complete list of vulnerabilities 1. XSS vulnerability can be exploited remotely via a specially designed URL...