10276 matches found
Apple OS X Kernel Extended Load Verification Bypass Vulnerability
Apple OS X is an operating system developed by Apple Inc. An authentication bypass vulnerability exists in Apple OS X kernel extension loading, which allows attackers to exploit the vulnerability to execute arbitrary code with kernel privileges...
CVE-2015-7052
kext tools in Apple OS X before 10.11.2 mishandles kernel-extension loading, which allows local users to gain privileges via unspecified vectors...
Design/Logic Flaw
MobileStorageMounter in Apple iOS before 9.2 and tvOS before 9.1 mishandles the timing of trust-cache loading, which allows attackers to execute arbitrary code in a privileged context via a crafted app...
CVE-2015-7052
kext tools in Apple OS X before 10.11.2 mishandles kernel-extension loading, which allows local users to gain privileges via unspecified vectors...
CVE-2015-7052
CVE-2015-7052 affects Apple OS X before 10.11.2 where kext tools mishandle kernel-extension loading, enabling local users to gain privileges via unspecified vectors. The vulnerability stems from the kernel-extension loading path, with an update shipped in OS X 10.11.2 to mitigate. Practical impac...
CVE-2015-7051
MobileStorageMounter in Apple iOS before 9.2 and tvOS before 9.1 mishandles the timing of trust-cache loading, which allows attackers to execute arbitrary code in a privileged context via a crafted app...
Microsoft Windows Library Loading Remote Code Execution Vulnerability (CNVD-2015-08040)
Microsoft Windows is a series of operating systems released by the American company Microsoft. A remote code execution vulnerability exists in Microsoft Windows that originates from a program failing to properly validate input before loading a library. An attacker could exploit the vulnerability ...
Microsoft Windows Library Loading Remote Code Execution Vulnerability (CNVD-2015-08042)
Microsoft Windows is a series of operating systems released by the American company Microsoft. A remote code execution vulnerability exists in Microsoft Windows that originates from a program failing to properly validate input before loading a library. An attacker could exploit the vulnerability ...
Microsoft Windows Library Loading Remote Code Execution Vulnerability (CNVD-2015-08041)
Microsoft Windows is a series of operating systems released by the American company Microsoft. A remote code execution vulnerability exists in Microsoft Windows that originates from a program failing to properly validate input before loading a library. An attacker could exploit the vulnerability ...
CVE-2015-6133
Microsoft Windows 8, Windows 8.1, Windows Server 2012 Gold and R2, Windows RT Gold and 8.1, and Windows 10 Gold and 1511 mishandle library loading, which allows local users to gain privileges via a crafted application, aka "Windows Library Loading Remote Code Execution Vulnerability."...
CVE-2015-6128
Microsoft Windows Vista SP2, Windows Server 2008 SP2 and R2 SP1, and Windows 7 SP1 mishandle library loading, which allows local users to gain privileges via a crafted application, aka "Windows Library Loading Remote Code Execution Vulnerability."...
Remote code execution
Microsoft Windows 8, Windows 8.1, Windows Server 2012 Gold and R2, Windows RT Gold and 8.1, and Windows 10 Gold and 1511 mishandle library loading, which allows local users to gain privileges via a crafted application, aka "Windows Library Loading Remote Code Execution Vulnerability."...
Remote code execution
Microsoft Windows Vista SP2, Windows Server 2008 SP2 and R2 SP1, Windows 7 SP1, Windows 8, Windows 8.1, Windows Server 2012 Gold and R2, Windows RT Gold and 8.1, and Windows 10 Gold and 1511 mishandle library loading, which allows local users to gain privileges via a crafted application, aka...
Remote code execution
Microsoft Windows Vista SP2, Windows Server 2008 SP2 and R2 SP1, and Windows 7 SP1 mishandle library loading, which allows local users to gain privileges via a crafted application, aka "Windows Library Loading Remote Code Execution Vulnerability."...
CVE-2015-6133
CVE-2015-6133 affects multiple Windows versions (Windows 8/8.1, Windows Server 2012 R2, Windows RT, Windows 10 1511) and is caused by improper handling of library loading, enabling local privilege escalation via a crafted application. Public exploitation exists: exploits reference MS15-132 and re...
CVE-2015-6128
CVE-2015-6128 describes a Windows privilege-escalation flaw where local users can gain privileges by abusing how Windows loads libraries. Affected products include Windows Vista SP2, Windows Server 2008 SP2 and R2 SP1, and Windows 7 SP1. The root cause is mishandling of library loading, enabling ...
CVE-2015-6132
Microsoft Windows Vista SP2, Windows Server 2008 SP2 and R2 SP1, Windows 7 SP1, Windows 8, Windows 8.1, Windows Server 2012 Gold and R2, Windows RT Gold and 8.1, and Windows 10 Gold and 1511 mishandle library loading, which allows local users to gain privileges via a crafted application, aka...
CVE-2015-6132
CVE-2015-6132 is the Windows library loading remote code execution vulnerability affecting multiple Windows versions. Root cause: mishandled library loading enabling local privilege escalation via a crafted application. The MS15-132 security update fixes this, with public exploits and a Metasploi...
CVE-2015-6128
Microsoft Windows Vista SP2, Windows Server 2008 SP2 and R2 SP1, and Windows 7 SP1 mishandle library loading, which allows local users to gain privileges via a crafted application, aka "Windows Library Loading Remote Code Execution Vulnerability."...
MS15-134 Microsoft Office COM Object DLL Planting with els.dll
While loading an embedded object in Microsoft Word or other Microsoft Office products, it is possible to load a Classic Event Viewer Extension, which causes a LoadLibraryW call that attempts to load elsext.dll from the same directory as the Office document. From an untrusted remote share such as...