AVG Internet Security 2013.x < 2013.3495 / 2015.x < 2015.5557 Local Privilege Escalation

The remote Windows host has a version of AVG Internet Security installed that is 2013.x prior to 2013.3495 or 2015.x prior to 2015.5557. It is, therefore, affected by a local privilege escalation vulnerability due to a flaw in the TDI driver avgtdix.sys that occurs when handling 0x830020f8 IOCTL...

Microsoft Windows GDI+ CVE-2015-1671 TrueType Font Handling Remote Code Execution Vulnerability

Description Microsoft Windows GDI+ is prone to a remote code-execution vulnerability. Successful exploits can allow attackers to execute arbitrary code with kernel-level privileges. Failed exploit attempts may result in a denial-of-service condition. Technologies Affected Avaya CallPilot 4.0 Avay...

Bypassing OSX Security Tools is Trivial, Researcher Says

SAN FRANCISCO–For years, Apple has enjoyed a pretty good reputation among users for the security of its products. That halo has been enhanced by the addition of new security features such as Gatekeeper and XProtect to OS X recently, but one researcher said that all of those protections are simple...

Inside nls_933w.dll, the Equation APT Persistence Module

CANCUN – The names called out like beacons from the screen: Samsung; Seagate; Western Digital; Hitachi; Maxtor. Hardware makers were in the crosshairs of the Equation APT group and it was perhaps the worst possible scenario imagined by researchers looking at the frightening and extensive storehou...

BullGuard Premium Protection 'BdAgent.sys' Driver Privilege Escalation Vulnerability

BullGuard Premium Protection is prone to a local privilege escalation vulnerability. SPDX-FileCopyrightText: 2015 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only CPE =...

BullGuard AntiVirus 'BdAgent.sys' Driver Local Privilege Escalation Vulnerability

BullGuard AntiVirus is prone to a local privilege escalation vulnerability. SPDX-FileCopyrightText: 2015 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only CPE =...

BullGuard Internet Security 'BdAgent.sys' Driver Privilege Escalation Vulnerability

BullGuard Internet Security is prone to a local privilege escalation vulnerability. SPDX-FileCopyrightText: 2015 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only CPE =...

BullGuard Backup 'BdAgent.sys' Driver Local Privilege Escalation Vulnerability

BullGuard Backup is prone to a local privilege escalation vulnerability. SPDX-FileCopyrightText: 2015 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only CPE =...

Microsoft Virtual Machine Manager Local Privilege Escalation Vulnerability

Virtual Machine Manager is a virtual manager from Microsoft. A local privilege escalation vulnerability exists in Microsoft Virtual Machine Manager, which can be exploited by a local attacker to execute arbitrary code with kernel-level privileges...

Microsoft Virtual Machine Manager CVE-2015-0012 Local Privilege Escalation Vulnerability

Description Microsoft Virtual Machine Manager is prone to a local privilege-escalation vulnerability. A local attacker can exploit this issue to execute arbitrary code with kernel-level privileges. Technologies Affected Microsoft System Center Virtual Machine Manager 2012 R2 UR4 VMM Server update...

Microsoft Windows 'Win32k.sys' CVE-2015-0059 Remote Code Execution Vulnerability

Description Microsoft Windows kernel is prone to a remote code-execution vulnerability. An attacker can exploit this issue by tricking an unsuspecting victim into opening a specially malformed TrueType font. Successful exploits can allow attackers to execute arbitrary code with kernel-level...

K7 Anti-Virus Plus Privilege Escalation Vulnerability (Feb 2015) - Windows

K7 Anti-Virus Plus is prone to a privilege escalation vulnerability. SPDX-FileCopyrightText: 2015 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only CPE =...

K7 Total Security Privilege Escalation Vulnerability (Feb 2015) - Windows

K7 Total Security is prone to a privilege escalation vulnerability. SPDX-FileCopyrightText: 2015 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only CPE =...

K7 Ultimate Security Privilege Escalation Vulnerabilities (Feb 2015) - Windows

K7 Ultimate Security is prone to a privilege escalation vulnerability. SPDX-FileCopyrightText: 2015 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only CPE =...

RHEL 6 : kernel (RHSA-2013:1783)

Updated kernel packages that fix three security issues and several bugs are now available for Red Hat Enterprise Linux 6.3 Extended Update Support. The Red Hat Security Response Team has rated this update as having important security impact. Common Vulnerability Scoring System CVSS base scores,...

Microsoft Windows 'Win32k.sys' TrueType Font Handling Remote Code Execution Vulnerability

Description Microsoft Windows kernel is prone to a remote code-execution vulnerability. An attacker can exploit this issue by tricking an unsuspecting victim into opening a specially malformed TrueType font. Successful exploits can allow attackers to execute arbitrary code with kernel-level...

Panda Internet Security Heap Based Buffer Overflow (Sep 2014)

Panda Internet Security is prone to heap based buffer overflow vulnerability. SPDX-FileCopyrightText: 2014 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only CPE =...

Apple Mac OS X 10.4.8 - DMG UFS FFS_MountFS Integer Overflow Vulnerability

No description provided by source. source: http://www.securityfocus.com/bid/21993/info Apple Mac OS X is prone to a remote integer-overflow vulnerability. This issue occurs when the UFS filesystem handler fails to handle specially crafted DMG images. A successful exploit can allow a remote attack...

Linux Kernel 2.6.x 'fasync_helper()' Local Privilege Escalation Vulnerability

No description provided by source. source: http://www.securityfocus.com/bid/37806/info Linux kernel is prone to a local privilege-escalation vulnerability. Local attackers can exploit this issue to execute arbitrary code with kernel-level privileges. Successful exploits will result in the complet...

Apple Mac OS X 10.4.x Mach-O Binary Loading Integer Overflow Vulnerability

No description provided by source. source: http://www.securityfocus.com/bid/21291/info Apple Mac OS X is prone to a local integer-overflow vulnerability. This issue occurs when the operating system fails to handle specially crafted binaries. A successful exploit would allow a local attacker to...