KLA11139 Multiple vulnerabilities in Microsoft Office

Multiple serious vulnerabilities have been found in Microsoft Office. Malicious users can exploit these vulnerabilities to execute arbitrary code, bypass security restrictions and privilege escalations. Below is a complete list of vulnerabilities: 1. Multiple vulnerabilities related to an incorre...

Microsoft SharePoint Server CVE-2017-8551 Remote Privilege Escalation Vulnerability

Description Microsoft SharePoint Server is prone to a remote privilege-escalation vulnerability because it fails to properly sanitize user-supplied input. An attackers may exploit this issue to gain elevated privileges. Successful exploits may aid in further attacks. Technologies Affected Microso...

Microsoft Project Server Remote Code Execution Vulnerability (KB3191890)

This host is missing an important security update according to Microsoft KB3191890 SPDX-FileCopyrightText: 2017 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only CPE =...

Security Update for Microsoft Project Server 2013 (KB3191890)

A security vulnerability exists in Microsoft Project Server 2013 that could allow arbitrary code to run when a maliciously modified file is opened. This update resolves that vulnerability...

Security Update for Microsoft Project Server 2013 (KB3191890) farm-deployment

A security vulnerability exists in Microsoft Project Server 2013 that could allow arbitrary code to run when a maliciously modified file is opened. This update resolves that vulnerability...

Microsoft Office CVE-2017-0281 Remote Code Execution Vulnerability

Description Microsoft Office is prone to a remote code-execution vulnerability. An attacker can leverage this issue to execute arbitrary code in the context of the affected application. Failed exploit attempts will likely result in denial-of-service conditions. Technologies Affected Microsoft...

Microsoft Project Server Elevation of Privilege Vulnerability (3052044)

This host is missing an important security update according to Microsoft Bulletin MS15-036. SPDX-FileCopyrightText: 2015 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only CPE...

Microsoft Project Server Detection

Detects the installed version of Microsoft Project Server. The script logs in via smb, searches for Microsoft Project Server in the registry and gets the version from registry. SPDX-FileCopyrightText: 2015 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are...

CVE-2015-1640

Cross-site scripting XSS vulnerability in Microsoft Project Server 2010 SP2 and 2013 SP1 allows remote attackers to inject arbitrary web script or HTML via a crafted request, aka "Microsoft SharePoint XSS Vulnerability."...

Cross site scripting

Cross-site scripting XSS vulnerability in Microsoft Project Server 2010 SP2 and 2013 SP1 allows remote attackers to inject arbitrary web script or HTML via a crafted request, aka "Microsoft SharePoint XSS Vulnerability."...

Microsoft SharePoint CVE-2015-1640 Cross Site Scripting Vulnerability

Description Microsoft SharePoint is prone to a cross-site scripting vulnerability because it fails to properly sanitize user-supplied input. An attacker may leverage this issue to execute arbitrary script code in the browser of an unsuspecting user in the context of the affected site. This may...

Microsoft Office Web Component Memory Access Violation Denial of Service Vulnera

Microsoft Office Web组件一款基与Web的数据透视表控件。 Microsoft Office Web包含的ActiveX控件存在设计错误，远程攻击者可以利用漏洞对应用程序进行拒绝服务攻击。 构建恶意的EWB页，诱使用户访问，可导致对应用程序进行拒绝服务攻击。 Microsoft Office Web Components 2003 0 + Microsoft BizTalk Server 2002 Developer Edition + Microsoft BizTalk Server 2002 Enterprise Edition + Microsoft Commer...

CVE-2006-6617

projectserver/logon/pdsrequest.asp in Microsoft Project Server 2003 allows remote authenticated users to obtain the MSProjectUser password for a SQL database via a GetInitializationData request, which includes the information in the UserName and Password tags of the response...

CVE-2006-6617

CVE-2006-6617 affects Microsoft Project Server 2003. The vulnerability lies in projectserver/logon/pdsrequest.asp where a GetInitializationData response can expose the UserName and Password fields, allowing remote authenticated users to obtain the MSProjectUser password for the SQL database. The ...

Microsoft Project Server 2003 information leak

Username and password for Microsoft SQL Server account is sent by client request...

Project Server 2003 - Credential Disclosure

============================================================== Project Server 2003 - Credential Disclosure [email protected] ============================================================== Microsoft Project server 2003 implements a thick client for some of the functionality. The...

Update for Microsoft Project Server 2010 (KB2553430)

Update for Microsoft Project Server 2010 KB2553430...

Security Update for Microsoft Project Server 2010 (KB4022210)

A security vulnerability exists in Microsoft Project Server 2010 that could allow arbitrary code to run when a maliciously modified file is opened. This update resolves that vulnerability...

Security Update for Microsoft Project Server 2013 (KB4022130) farm-deployment

A security vulnerability exists in Microsoft Project Server 2013 that could allow arbitrary code to run when a maliciously modified file is opened. This update resolves that vulnerability...

Security Update for Microsoft Project Server 2010 (KB3114889)

A security vulnerability exists in Microsoft Project Server 2010 that could allow arbitrary code to run when a maliciously modified file is opened. This update resolves that vulnerability...