Microsoft Windows Graphics Component Information Disclosure Vulnerability (CNVD-2016-09365)

Microsoft Windows is the popular computer operating system. An information disclosure vulnerability exists in the Windows Graphics Device Interface GDI processing memory object. An attacker could exploit this vulnerability to obtain sensitive information on the target system...

Microsoft Edge Scripting Engine Information Disclosure Vulnerability

Microsoft Edge is the web browser built into the Windows 10 version. An information leakage vulnerability exists when Microsoft Edge fails to properly handle objects in memory. An attacker who successfully exploited this vulnerability could obtain information to further compromise a user's system...

Win32k Elevation of Privilege Vulnerability

An elevation of privilege vulnerability exists in Windows when the Windows kernel-mode driver fails to properly handle objects in memory. An attacker who successfully exploited this vulnerability could run arbitrary code in kernel mode. An attacker could then install programs; view, change, or...

Microsoft Win32k Elevation of Privilege (MS16-123: CVE-2016-3266)

An elevation of privilege vulnerability exists in Microsoft Windows. The vulnerability is caused when the Windows kernel-mode driver fails to properly handle objects in memory. A remote attacker could exploit this vulnerability by running a specially crafted application...

Win32k Elevation of Privilege Vulnerability

An elevation of privilege vulnerability exists in Windows when the Windows kernel-mode driver fails to properly handle objects in memory. An attacker who successfully exploited this vulnerability could run arbitrary code in kernel mode. An attacker could then install programs; view, change, or...

Windows Remote Code Execution Vulnerability

A remote code execution vulnerability exists in the way that Windows handles objects in memory. An attacker who successfully exploited the vulnerability could execute arbitrary code with elevated permissions on a target system. To exploit the vulnerability, an attacker who has a domain user accou...

Internet Explorer Information Disclosure Vulnerability

An information disclosure vulnerability exists when Internet Explorer improperly handles objects in memory. An attacker who successfully exploited the vulnerability could obtain information to further compromise the user’s system. To exploit the vulnerability, in a web-based attack scenario, an...

Windows Secure Kernel Mode Information Disclosure Vulnerability

An information disclosure vulnerability exists when Windows Secure Kernel Mode improperly handles objects in memory. A locally authenticated attacker who successfully exploited this vulnerability could be able to read sensitive information on the target system. To exploit this vulnerability, an...

MS16-109: Security Update for Silverlight (3182373)

The version of Microsoft Silverlight installed on the remote Windows host is affected by a remote code execution vulnerability due to improper handling of objects in memory. An unauthenticated, remote attacker can exploit this, by convincing a user to visit a website containing a specially crafte...

Microsoft Win32k Elevation of Privilege Vulnerability (CNVD-2016-06265)

Microsoft Windows is the popular computer operating system. Some versions of the Windows kernel-mode driver do not properly handle memory objects and an elevation of privilege vulnerability exists, which can be exploited by a local user with a constructed application...

Microsoft Kernel-Mode Drivers Multiple Privilege Elevation Vulnerabilities (3178466)

This host is missing an important security update according to Microsoft Bulletin MS16-098. SPDX-FileCopyrightText: 2016 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only...

Microsoft Internet Explorer Information Disclosure (MS16-095: CVE-2016-3327)

An information disclosure vulnerability has been reported in Microsoft Internet Explorer and Edge. The vulnerability is due to improper handling of objects in memory. A remote attacker can exploit this vulnerability by enticing a victim to open a maliciously crafted web page...

Microsoft Windows Win32k Elevation of Privilege (MS16-098: CVE-2016-3309)

An elevation of privilege vulnerability exists in the Windows Kernel. The vulnerability is caused when the Windows kernel-mode driver fails to properly handle objects in memory. A remote attacker can exploit this vulnerability by running a specially crafted application...

KLA10856 Multiple vulnerabilities in Microsoft Windows

Multiple serious vulnerabilities have been found in Microsoft Windows. Malicious users can exploit these vulnerabilities to bypass security restrictions, execute arbitrary code, gain privileges or obtain sensitive information. Below is a complete list of vulnerabilities 1. An improper embedded...

Microsoft Office Compatibility Pack Multiple RCE Vulnerabilities (3170008)

This host is missing an important security update according to Microsoft Bulletin MS16-088. SPDX-FileCopyrightText: 2016 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only...

Windows Kernel Elevation of Privilege Vulnerability

An elevation of privilege vulnerability exists when the Windows kernel fails to properly handle objects in memory. An attacker who successfully exploited this vulnerability could run arbitrary code in kernel mode. An attacker could then install programs; view, change, or delete data; or create ne...

Microsoft Internet Explorer Information Disclosure (MS16-084 : CVE-2016-3261)

An information disclosure vulnerability has been reported in Microsoft Internet Explorer. The vulnerability is due to an error in Microsoft Internet Explorer while handling certain javascript memory objects. A remote attacker can exploit this issue by enticing a user to open a specially crafted...

KLA10842 Multiple code execution vulnerabilities in Microsoft Office

An improper memory objects handling and XLA files handling were found in Microsoft Office. By exploiting these vulnerabilities malicious users can execute arbitrary code. These vulnerabilities can be exploited remotely via a specially designed files. Technical details To mitigate some of these...

Microsoft Office Remote Code Execution Vulnerability (3163610) - Mac OS X

This host is missing a critical security update according to Microsoft Bulletin MS16-070 SPDX-FileCopyrightText: 2016 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only CPE =...

Microsoft Edge Multiple Vulnerabilities (3163656)

This host is missing a critical security update according to Microsoft Bulletin MS16-068. SPDX-FileCopyrightText: 2016 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only...