Microsoft Office Remote Code Execution Vulnerability

A remote code execution vulnerability exists in Microsoft Office software when the software fails to properly handle objects in memory. An attacker who successfully exploited the vulnerability could run arbitrary code in the context of the current user. If the current user is logged on with...

Microsoft Excel Remote Code Execution Vulnerability

A remote code execution vulnerability exists in Microsoft Excel software when the software fails to properly handle objects in memory. An attacker who successfully exploited the vulnerability could run arbitrary code in the context of the current user. If the current user is logged on with...

VulnCheck KEV: CVE-2011-1255

The Timed Interactive Multimedia Extensions aka HTML+TIME implementation in Microsoft Internet Explorer 6 through 8 does not properly handle objects in memory, which allows remote attackers to execute arbitrary code by accessing an object that 1 was not properly initialized or 2 is deleted,...

Microsoft Windows Win32k Elevation of Privilege Vulnerability (CNVD-2016-01083)

Microsoft Windows is a series of operating systems released by the American company Microsoft. An elevation of privilege vulnerability exists in the kernel mode driver for Microsoft Windows, which arises from a program's failure to properly handle memory objects. A local attacker could exploit th...

The vulnerability of the Mac OS X operating system, which allows a hacker to increase their privileges

The vulnerability of the Mac OS X operating system is related to the use of memory after it is freed. Exploiting this vulnerability can allow an attacker, operating locally, to increase their privileges through VM objects...

The vulnerability of the Windows operating system, which allows a hacker to increase their privileges

The vulnerability of the Windows operating system’s kernel is related to the handling of objects in memory. Exploiting this vulnerability can allow a local attacker to increase their privileges through a specially created application...

KLA10739 Code execution vulnerability in Microsoft VBScript

Improper memory objects handling was found in Microsoft VBScript. By exploiting this vulnerability malicious users can execute arbitrary code. This vulnerability can be exploited remotely via a specially designed web content. Technical details To mitigate this vulnerability you can restrict acces...

Microsoft Windows Remote Code Execution Vulnerabilities (3105864)

This host is missing a critical security update according to Microsoft Bulletin MS15-115. SPDX-FileCopyrightText: 2015 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only...

KLA10675 Multiple vulnerabilities in Microsoft Office

Multiple serious vulnerabilities have been found in Microsoft Office. Malicious users can exploit these vulnerabilities to bypass security restrictions, spoof user interface, execute arbitrary code or obtain sensitive information. Below is a complete list of vulnerabilities 1. Improper memory...

Microsoft Windows Font Driver Elevation of Privilege Vulnerability (CNVD-2015-05949)

Microsoft Windows is a series of operating systems released by the American company Microsoft. An elevation of privilege vulnerability exists in Microsoft Windows version 10 when the Adobe Type Manager library does not properly handle objects in memory. An attacker could exploit this vulnerabilit...

MS15-101: Vulnerabilities in .NET Framework Could Allow Elevation of Privilege (3089662)

The remote Windows host is missing a security update. It is, therefore, affected by multiple vulnerabilities in the Microsoft .NET Framework : - An elevation of privilege vulnerability exists due to improper validation of the number of objects in memory before they are copied into an array. A...

KLA10652 Code execution vulnerability in Internet Explorer

An improper memory objects handling was found in Internet Explorer. By exploiting this vulnerability malicious users can execute arbitrary code. This vulnerability can be exploited remotely via a specially designed website. Original advisories CVE-2015-2502 Related products...

Microsoft Internet Explorer Memory Corruption Vulnerability (CNVD-2015-05235)

Microsoft Internet Explorer is a popular WEB browser. A remote code execution vulnerability exists when Internet Explorer fails to properly access objects in memory. The vulnerability allows an attacker to execute arbitrary code memory corruption in the context of the current user...

Microsoft Internet Explorer Multiple Memory Corruption Vulnerabilities (3076321)

This host is missing a critical security update according to Microsoft Bulletin MS15-065. SPDX-FileCopyrightText: 2015 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only CPE =...

Microsoft Windows ATMFD Font Driver Remote Code Execution (MS15-021: CVE-2015-0093)

A remote code execution vulnerability has been reported in Microsoft Windows ATMFD Font Driver. The vulnerability is due to an error in Font Driver while improperly overwriting objects in memory. A remote attacker can exploit this issue by enticing a user to open a specially crafted file...

Microsoft Windows Kernel 'Win32k.sys' local elevation of privilege vulnerability (CNVD-2015-01104)

Microsoft Windows is a popular operating system. A security vulnerability in Microsoft Windows 'Win32k.sys' handling of in-memory objects allows local attackers to exploit the vulnerability to elevate privileges and execute arbitrary code in kernel context...

Microsoft Internet Explorer CTableOMRowCache Use-After-Free Remote Code Execution Vulnerability

This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of Microsoft Internet Explorer. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The vulnerability relates to how...

MS14-011: Description of the security update for Visual Basic Scripting Edition (VBScript) 5.8: February 11, 2014

Addresses a vulnerability by changing how the VBScript scripting engine handles objects in memory.INTRODUCTIONMicrosoft has released security bulletin MS14-011. To view the complete security bulletin, go to one of the following Microsoft websites: Home...

Microsoft Office Word File Processing CVE-2014-0258 Remote Code Execution Vulnerability

Description Microsoft Office is prone to a remote code-execution vulnerability because it fails to properly handle objects in memory. An attacker can leverage this issue to execute arbitrary code in the context of the currently logged-in user. Failed exploit attempts will likely result in...

CVE-2013-1340

win32k.sys in the kernel-mode drivers in Microsoft Windows XP SP2 and SP3, Windows Server 2003 SP2, Windows Vista SP2, Windows Server 2008 SP2 and R2 SP1, Windows 7 SP1, Windows 8, Windows Server 2012, and Windows RT does not properly handle objects in memory, which allows local users to gain...