10273 matches found
CVE-2015-7052
CVE-2015-7052 affects Apple OS X before 10.11.2 where kext tools mishandle kernel-extension loading, enabling local users to gain privileges via unspecified vectors. The vulnerability stems from the kernel-extension loading path, with an update shipped in OS X 10.11.2 to mitigate. Practical impac...
CVE-2015-7052
kext tools in Apple OS X before 10.11.2 mishandles kernel-extension loading, which allows local users to gain privileges via unspecified vectors...
CVE-2015-7051
MobileStorageMounter in Apple iOS before 9.2 and tvOS before 9.1 mishandles the timing of trust-cache loading, which allows attackers to execute arbitrary code in a privileged context via a crafted app...
Microsoft Windows Library Loading Remote Code Execution Vulnerability (CNVD-2015-08040)
Microsoft Windows is a series of operating systems released by the American company Microsoft. A remote code execution vulnerability exists in Microsoft Windows that originates from a program failing to properly validate input before loading a library. An attacker could exploit the vulnerability ...
Microsoft Windows Library Loading Remote Code Execution Vulnerability (CNVD-2015-08042)
Microsoft Windows is a series of operating systems released by the American company Microsoft. A remote code execution vulnerability exists in Microsoft Windows that originates from a program failing to properly validate input before loading a library. An attacker could exploit the vulnerability ...
Microsoft Windows Library Loading Remote Code Execution Vulnerability (CNVD-2015-08041)
Microsoft Windows is a series of operating systems released by the American company Microsoft. A remote code execution vulnerability exists in Microsoft Windows that originates from a program failing to properly validate input before loading a library. An attacker could exploit the vulnerability ...
CVE-2015-6133
Microsoft Windows 8, Windows 8.1, Windows Server 2012 Gold and R2, Windows RT Gold and 8.1, and Windows 10 Gold and 1511 mishandle library loading, which allows local users to gain privileges via a crafted application, aka "Windows Library Loading Remote Code Execution Vulnerability."...
CVE-2015-6128
Microsoft Windows Vista SP2, Windows Server 2008 SP2 and R2 SP1, and Windows 7 SP1 mishandle library loading, which allows local users to gain privileges via a crafted application, aka "Windows Library Loading Remote Code Execution Vulnerability."...
Remote code execution
Microsoft Windows 8, Windows 8.1, Windows Server 2012 Gold and R2, Windows RT Gold and 8.1, and Windows 10 Gold and 1511 mishandle library loading, which allows local users to gain privileges via a crafted application, aka "Windows Library Loading Remote Code Execution Vulnerability."...
Remote code execution
Microsoft Windows Vista SP2, Windows Server 2008 SP2 and R2 SP1, Windows 7 SP1, Windows 8, Windows 8.1, Windows Server 2012 Gold and R2, Windows RT Gold and 8.1, and Windows 10 Gold and 1511 mishandle library loading, which allows local users to gain privileges via a crafted application, aka...
Remote code execution
Microsoft Windows Vista SP2, Windows Server 2008 SP2 and R2 SP1, and Windows 7 SP1 mishandle library loading, which allows local users to gain privileges via a crafted application, aka "Windows Library Loading Remote Code Execution Vulnerability."...
CVE-2015-6133
CVE-2015-6133 affects multiple Windows versions (Windows 8/8.1, Windows Server 2012 R2, Windows RT, Windows 10 1511) and is caused by improper handling of library loading, enabling local privilege escalation via a crafted application. Public exploitation exists: exploits reference MS15-132 and re...
CVE-2015-6128
CVE-2015-6128 describes a Windows privilege-escalation flaw where local users can gain privileges by abusing how Windows loads libraries. Affected products include Windows Vista SP2, Windows Server 2008 SP2 and R2 SP1, and Windows 7 SP1. The root cause is mishandling of library loading, enabling ...
CVE-2015-6132
Microsoft Windows Vista SP2, Windows Server 2008 SP2 and R2 SP1, Windows 7 SP1, Windows 8, Windows 8.1, Windows Server 2012 Gold and R2, Windows RT Gold and 8.1, and Windows 10 Gold and 1511 mishandle library loading, which allows local users to gain privileges via a crafted application, aka...
CVE-2015-6132
CVE-2015-6132 is the Windows library loading remote code execution vulnerability affecting multiple Windows versions. Root cause: mishandled library loading enabling local privilege escalation via a crafted application. The MS15-132 security update fixes this, with public exploits and a Metasploi...
CVE-2015-6128
Microsoft Windows Vista SP2, Windows Server 2008 SP2 and R2 SP1, and Windows 7 SP1 mishandle library loading, which allows local users to gain privileges via a crafted application, aka "Windows Library Loading Remote Code Execution Vulnerability."...
MS15-134 Microsoft Office COM Object DLL Planting with els.dll
While loading an embedded object in Microsoft Word or other Microsoft Office products, it is possible to load a Classic Event Viewer Extension, which causes a LoadLibraryW call that attempts to load elsext.dll from the same directory as the Office document. From an untrusted remote share such as...
Microsoft Windows Library Loading Remote Code Execution (MS15-132: CVE-2015-6133)
A remote code execution vulnerability has been reported in Microsoft Windows. The vulnerability is due to the way Windows improperly validates input before loading libraries. A remote attacker could exploit this vulnerability by enticing a target user to open a specially crafted file...
Microsoft Windows CVE-2015-6128 DLL Loading Remote Code Execution Vulnerability
Description Microsoft Windows is prone to a remote code-execution vulnerability. An attacker can leverage this issue to execute arbitrary code in the context of the currently logged-in user. Failed exploit attempts will result in a denial-of-service condition. Note: This issue was previously titl...
Microsoft Office - OLE Multiple DLL Side Loading Vulnerabilities (MS15-132/MS16-014/MS16-025/MS16-041/MS16-070) (Metasploit)
require 'zip' require 'base64' require 'msf/core' require 'rex/ole' class MetasploitModule 'Office OLE Multiple DLL Side Loading Vulnerabilities', 'Description' = %q Multiple DLL side loading vulnerabilities were found in various COM components. These issues can be exploited by loading various...