Windows kernel information disclosure vulnerability: June 13, 2017

Windows kernel information disclosure vulnerability: June 13, 2017 Summary An information disclosure vulnerability exists when the Windows kernel improperly initializes objects in memory. To exploit this vulnerability, an authenticated attacker could run a specially crafted application. An attack...

Microsoft Edge browser vulnerability, allowing a hacker to trigger memory corruption

The vulnerability of Microsoft Edge relates to improper access to objects in memory. Exploiting this vulnerability can allow a remote attacker to cause memory corruption...

CVE-2017-0264

Microsoft PowerPoint for Mac 2011 allows a remote code execution vulnerability when the software fails to properly handle objects in memory, aka "Microsoft Office Memory Corruption Vulnerability". This CVE ID is unique from CVE-2017-0254 and CVE-2017-0265...

PT-2017-2143 · Microsoft · Internet Explorer

Name of the Vulnerable Software and Affected Versions: Internet Explorer affected versions not specified Description: A remote code execution issue exists due to improper memory object access. This could allow a remote attacker to execute arbitrary code or cause memory corruption. The vulnerabili...

CVE-2017-0191

A denial of service vulnerability exists in the way that Windows 7, Windows 8.1, Windows 10, Windows Server 2008 R2, Windows Server 2012, Windows Server 2012 R2, and Windows Server 2016 handles objects in memory. An attacker who successfully exploited the vulnerability could cause a target system...

Win32k Information Disclosure Vulnerability

An information disclosure vulnerability exists when the win32k component improperly provides kernel information. An attacker who successfully exploited the vulnerability could obtain information to further compromise the user’s system. To exploit this vulnerability, an attacker would have to log ...

Microsoft Windows Graphics Local Elevation of Privilege Vulnerability (CNVD-2017-03705)

Microsoft Windows is the popular computer operating system. An elevation of privilege vulnerability exists in the Windows Graphics Device Interface GDI Handling Memory Object, which can be exploited by an attacker to execute arbitrary code in kernel mode...

Microsoft Windows Graphics Local Elevation of Privilege Vulnerability (CNVD-2017-03701)

Microsoft Windows is the popular computer operating system. An elevation of privilege vulnerability exists in the Windows Graphics Device Interface GDI Handling Memory Object, which can be exploited by an attacker to execute arbitrary code in kernel mode...

Microsoft Edge Information Disclosure (MS17-007: CVE-2017-0017)

An information disclosure vulnerability exists in Microsoft Edge. The vulnerability is due to the way Microsoft Edge improperly handles objects in memory. A remote attacker could exploit this vulnerability by enticing the target user to open a specially crafted website...

Windows Graphics Component Remote Code Execution Vulnerability

A remote code execution vulnerability exists due to the way the Windows Graphics Component handles objects in memory. An attacker who successfully exploited the vulnerability could take control of the affected system. An attacker could then install programs; view, change, or delete data; or creat...

Microsoft Windows Local Elevation of Privilege Vulnerability (CNVD-2016-10981)

Microsoft Windows is the popular computer operating system. An elevation of privilege vulnerability exists in the implementation of the Windows Common Log File System CLFS driver that does not properly handle memory objects. Successful exploitation could allow an attacker to run processes with...

Microsoft Windows Local Elevation of Privilege Vulnerability (CNVD-2016-10979)

Microsoft Windows is the popular computer operating system. An elevation of privilege vulnerability exists in the implementation of the Windows Common Log File System CLFS driver that does not properly handle memory objects. Successful exploitation could allow an attacker to run processes with...

Microsoft Windows Universal Log File System Driver Elevation of Privilege Vulnerability (CNVD-2016-11019)

Microsoft Windows is a series of operating systems released by the American company Microsoft Microsoft. CLFS is a high-performance, general-purpose log file subsystem. An elevated privilege vulnerability exists when the Windows Common Log File System CLFS driver fails to properly handle objects ...

Microsoft Windows Open Type Font Information Disclosure (MS16-132: CVE-2016-7210)

An information disclosure vulnerability has been reported in Microsoft Windows. The vulnerability is due to an error in the way the Open Type Font OTF driver handles objects in memory. A remote attacker could exploit this vulnerability by enticing a target user to open a specially crafted OTF fil...

VulnCheck KEV: CVE-2016-7255

Microsoft Win32k kernel-mode driver fails to properly handle objects in memory which allows for privilege escalation. Successful exploitation allows an attacker to run code in kernel mode...

Microsoft Windows Graphics Remote Elevation of Privilege Vulnerability

Microsoft Windows is the popular computer operating system. An elevation of privilege vulnerability exists in the Windows Graphics Graphics component handling memory objects. This vulnerability could be exploited by an attacker to run arbitrary code in kernel mode...

Microsoft Windows Kernel Win32k Privilege Extraction Vulnerability

Microsoft Windows is a series of operating systems released by Microsoft Corporation in the U.S. Graphics is one of the graphics components. A privilege extraction vulnerability exists in the Microsoft Windows kernel that stems from a program's failure to properly handle objects in memory. An...

Microsoft Transaction Manager Elevation of Privilege Vulnerability

Microsoft Windows is the popular computer operating system. An elevation of privilege vulnerability exists in Windows Transaction Manager fails to properly handle memory objects. It could allow an attacker to take control of an affected system via a constructed application...

Microsoft Internet Explorer/Edge Information Disclosure Vulnerability

Internet Explorer is a web browser from Microsoft. An information disclosure vulnerability exists in Microsoft Internet Explorer versions 9, 10, 11, and Edge due to the program not properly handling memory objects. A remote attacker is allowed to exploit this vulnerability to obtain system...

Microsoft Internet Explorer/Edge Information Disclosure Vulnerability (CNVD-2016-06276)

Internet Explorer is a web browser from Microsoft. An information disclosure vulnerability exists in Microsoft Internet Explorer versions 9, 10, 11, and Edge due to the program not properly handling memory objects. A remote attacker is allowed to exploit this vulnerability to obtain system...