Microsoft Browser Information Disclosure Vulnerability

An information disclosure vulnerability exists when affected Microsoft browsers improperly handle objects in memory. An attacker who successfully exploited this vulnerability could obtain information to further compromise the user’s system. To exploit the vulnerability, in a web-based attack...

Windows Uniscribe Remote Code Execution Vulnerability

A remote code execution vulnerability exists due to the way Windows Uniscribe handles objects in memory. An attacker who successfully exploited this vulnerability could take control of the affected system. An attacker could then install programs; view, change, or delete data; or create new accoun...

KLA10998 Information disclosure vulnerability in Microsoft Windows Media Player

An improper handling of objects in memory was found in Microsoft Windows Media Player. By exploiting this vulnerability malicious users can obtain sensitive information. This vulnerability can be exploited remotely via a specially designed website. Original advisories Microsoft Security Update...

Microsoft Windows GDI Elevation of Privilege (MS17-013: CVE-2017-0047)

Elevation of privilege vulnerabilities exists in Windows Graphics Device Interface. The vulnerability is due to the way Windows Graphics Device Interface handles objects in memory. A remote attacker can exploit this issue by enticing a victim to open a specially crafted file...

Microsoft Windows Uniscribe Remote Code Execution (MS17-011: CVE-2017-0086)

A remote code execution vulnerability exists in Microsoft Windows. The vulnerability is due to the way Windows Uniscribe handles objects in the memory. A remote attacker can exploit this vulnerability by enticing the target user to open a specially crafted file...

Windows Common Log File System Driver Elevation of Privilege Vulnerability

An elevation of privilege vulnerability exists when the Windows Common Log File System CLFS driver improperly handles objects in memory. An attacker who successfully exploited this vulnerability could run processes in an elevated context. To exploit the vulnerability, an attacker would first have...

Windows Graphics Component Remote Code Execution Vulnerability

A remote code execution vulnerability exists due to the way the Windows Graphics Component handles objects in memory. An attacker who successfully exploited the vulnerability could take control of the affected system. An attacker could then install programs; view, change, or delete data; or creat...

Win32k Elevation of Privilege Vulnerability

An elevation of privilege vulnerability exists in Windows when the Windows kernel-mode driver fails to properly handle objects in memory. An attacker who successfully exploited this vulnerability could run arbitrary code in kernel mode. An attacker could then install programs; view, change, or...

Microsoft Windows CLFS Driver Information Disclosure (MS16-153: CVE-2016-7295)

An elevation of privilege vulnerability exists in the Windows Common Log File System CLFS driver of Microsoft Windows. The vulnerability is due to the way Windows improperly handles objects in memory. An attacker who successfully exploited the vulnerability could run processes in an elevated...

Win32k elevation of privilege vulnerability MS16-135）(CVE-2016-7255)

If the Windows kernel-mode drivers do not properly handle objects in memory, then there will be multiple elevation of Privilege vulnerabilities. Successful exploitation of this vulnerability an attacker can run in kernel mode arbitrary code. An attacker could then install programs; view, change, ...

Microsoft Windows Local Elevation of Privilege Vulnerability (CNVD-2016-10978)

Microsoft Windows is the popular computer operating system. An elevation of privilege vulnerability exists in the implementation of the Windows Common Log File System CLFS driver that does not properly handle memory objects. Successful exploitation could allow an attacker to run processes with...

Microsoft Windows Local Elevation of Privilege Vulnerability (CNVD-2016-10980)

Microsoft Windows is the popular computer operating system. An elevation of privilege vulnerability exists in the implementation of the Windows Common Log File System CLFS driver that does not properly handle memory objects. Successful exploitation could allow an attacker to run processes with...

Microsoft Windows Local Elevation of Privilege Vulnerability (CNVD-2016-11013)

Microsoft Windows is a series of operating systems released by the American company Microsoft. An elevation of privilege vulnerability exists in the Windows Common Log File System CLFS driver that does not properly handle memory objects. An attacker could be allowed to exploit the vulnerability t...

Microsoft Windows Local Elevation of Privilege Vulnerability (CNVD-2016-10977)

Microsoft Windows is the popular computer operating system. An elevation of privilege vulnerability exists in the implementation of the Windows Common Log File System CLFS driver that does not properly handle memory objects. Successful exploitation could allow an attacker to run processes with...

Windows Common Log File System Driver Elevation of Privilege Vulnerability

An elevation of privilege vulnerability exists when the Windows Common Log File System CLFS driver improperly handles objects in memory. An attacker who successfully exploited this vulnerability could run processes in an elevated context. To exploit the vulnerability, an attacker would first have...

Windows Common Log File System Driver Elevation of Privilege Vulnerability

An elevation of privilege vulnerability exists when the Windows Common Log File System CLFS driver improperly handles objects in memory. An attacker who successfully exploited this vulnerability could run processes in an elevated context. To exploit the vulnerability, an attacker would first have...

Microsoft Edge Information Disclosure Vulnerability

An information disclosure vulnerability exists when Microsoft Edge improperly handles objects in memory. An attacker who successfully exploited this vulnerability could trick a user into allowing access to the user’s My Documents folder. For an attack to be successful, an attacker must persuade a...

Win32k Elevation of Privilege Vulnerability

An elevation of privilege vulnerability exists in Windows when the Windows kernel-mode driver fails to properly handle objects in memory. An attacker who successfully exploited this vulnerability could run arbitrary code in kernel mode. An attacker could then install programs; view, change, or...

KLA10902 Multiple vulnerabilities in Microsoft Office

Multiple serious vulnerabilities have been found in Microsoft Office. Malicious users can exploit these vulnerabilities to execute arbitrary code or obtain sensitive information. Below is a complete list of vulnerabilities 1. Out-of-bounds read can be exploited remotely via a specially designed...

Microsoft Windows Kernel 'Win32k.sys' local elevation of privilege vulnerability (CNVD-2016-09367)

Microsoft Windows is the popular computer operating system. An elevation of privilege vulnerability exists when the Microsoft kernel mode driver does not properly handle memory objects. This could allow an attacker to run arbitrary code in kernel mode...