780 matches found
The vulnerability of the CSC Service in Windows operating systems allows attackers to escalate their privileges.
The vulnerability of the CSC Service for Windows operating systems is related to incorrect handling of objects in memory. Exploiting this vulnerability can allow an attacker to enhance their privileges through a specially created application...
Description of the security update for SharePoint Enterprise Server 2013: September 8, 2020
Description of the security update for SharePoint Enterprise Server 2013: September 8, 2020 Summary This security update resolves a remote code execution vulnerability that exists in Microsoft Word if the software does not correctly handle objects in memory. To learn more about the vulnerability,...
Windows Graphics Component Information Disclosure Vulnerability
An information disclosure vulnerability exists when the Windows GDI component improperly discloses the contents of its memory. An attacker who successfully exploited the vulnerability could obtain information to further compromise a user’s system. There are multiple ways an attacker could exploit...
Windows Common Log File System Driver Elevation of Privilege Vulnerability
An elevation of privilege vulnerability exists when the Windows Common Log File System CLFS driver improperly handles objects in memory. An attacker who successfully exploited this vulnerability could run processes in an elevated context. To exploit the vulnerability, an attacker would first have...
Microsoft Excel Remote Code Execution Vulnerability
A remote code execution vulnerability exists in Microsoft Excel software when the software fails to properly handle objects in memory. An attacker who successfully exploited the vulnerability could run arbitrary code in the context of the current user. If the current user is logged on with...
Windows Kernel Elevation of Privilege Vulnerability
An elevation of privilege vulnerability exists in the way that the Windows Kernel handles objects in memory. An attacker who successfully exploited the vulnerability could execute code with elevated permissions. To exploit the vulnerability, a locally authenticated attacker could run a specially...
Active Directory Remote Code Execution Vulnerability
A remote code execution vulnerability exists when Active Directory integrated DNS ADIDNS mishandles objects in memory. An authenticated attacker who successfully exploited the vulnerability could run arbitrary code in the context of the Local System Account To exploit the vulnerability, an...
PT-2020-4026 · Microsoft · Office Word +1
Name of the Vulnerable Software and Affected Versions: Microsoft Word affected versions not specified Description: A remote code execution issue exists in Microsoft Word software due to its failure to properly handle objects in memory. This could allow an attacker to use a specially crafted file ...
CVE-2020-1562
A remote code execution vulnerability exists in the way that Microsoft Graphics Components handle objects in memory. An attacker who successfully exploited the vulnerability could execute arbitrary code on a target system. To exploit the vulnerability, a user would have to open a specially crafte...
CVE-2020-1566
An elevation of privilege vulnerability exists when the Windows kernel fails to properly handle objects in memory. An attacker who successfully exploited this vulnerability could run arbitrary code in kernel mode. An attacker could then install programs; view, change, or delete data; or create ne...
CVE-2020-1563
A remote code execution vulnerability exists in Microsoft Office software when the software fails to properly handle objects in memory. An attacker who successfully exploited the vulnerability could run arbitrary code in the context of the current user. If the current user is logged on with...
CVE-2020-1505
An information disclosure vulnerability exists when Microsoft SharePoint Server fails to properly handle objects in memory. An attacker who successfully exploited this vulnerability could obtain information to further compromise the user’s system. To exploit the vulnerability, an attacker would...
CVE-2020-1486
An elevation of privilege vulnerability exists when the Windows kernel fails to properly handle objects in memory. An attacker who successfully exploited this vulnerability could run arbitrary code in kernel mode. An attacker could then install programs; view, change, or delete data; or create ne...
Remote code execution
A remote code execution vulnerability exists in Microsoft Excel software when the software fails to properly handle objects in memory. An attacker who successfully exploited the vulnerability could run arbitrary code in the context of the current user. If the current user is logged on with...
Privilege escalation
An elevation of privilege vulnerability exists when the Windows kernel fails to properly handle objects in memory. An attacker who successfully exploited this vulnerability could run arbitrary code in kernel mode. An attacker could then install programs; view, change, or delete data; or create ne...
Remote code execution
A remote code execution vulnerability exists in Microsoft Access software when the software fails to properly handle objects in memory. An attacker who successfully exploited the vulnerability could run arbitrary code in the context of the current user. If the current user is logged on with...
CVE-2020-1533
CVE-2020-1533 is a Windows WalletService elevation-of-privilege vulnerability. The issue arises from how WalletService handles objects in memory, permitting a locally authenticated attacker to execute code with elevated privileges by running a crafted application. The CVE entry notes that exploit...
Microsoft Excel Remote Code Execution Vulnerability
A remote code execution vulnerability exists in Microsoft Excel software when the software fails to properly handle objects in memory. An attacker who successfully exploited the vulnerability could run arbitrary code in the context of the current user. If the current user is logged on with...
Microsoft Excel Remote Code Execution Vulnerability
A remote code execution vulnerability exists in Microsoft Excel software when the software fails to properly handle objects in memory. An attacker who successfully exploited the vulnerability could run arbitrary code in the context of the current user. If the current user is logged on with...
Microsoft Excel Remote Code Execution Vulnerability
A remote code execution vulnerability exists in Microsoft Excel software when the software fails to properly handle objects in memory. An attacker who successfully exploited the vulnerability could run arbitrary code in the context of the current user. If the current user is logged on with...