Lucene search
+L

117 matches found

symantec
symantec
added 2011/07/12 12:0 a.m.36 views

Microsoft Windows Kernel 'Win32k.sys' (CVE-2011-1878) Local Privilege Escalation Vulnerability

Description Microsoft Windows is prone to a local privilege-escalation vulnerability that occurs in the Windows kernel due to a use-after-free error. A local attacker can exploit this issue to execute arbitrary code with kernel-level privileges. Successful exploits will result in the complete...

7.2CVSS0.01405EPSS
Exploits0Affected Software15
symantec
symantec
added 2011/07/12 12:0 a.m.52 views

Microsoft Windows Kernel 'Win32k.sys' (CVE-2011-1880) Local Privilege Escalation Vulnerability

Description Microsoft Windows is prone to a local privilege-escalation vulnerability that occurs in the Windows kernel due to a NULL-pointer dereference error. A local attacker can exploit this issue to execute arbitrary code with kernel-level privileges. Successful exploits will result in the...

7.2CVSS0.0137EPSS
Exploits0Affected Software15
cvelist
cvelist
added 2011/06/16 8:21 p.m.30 views

CVE-2011-1264

Cross-site scripting XSS vulnerability in Active Directory Certificate Services Web Enrollment in Microsoft Windows Server 2003 SP2 and Server 2008 Gold, SP2, R2, and R2 SP1 allows remote attackers to inject arbitrary web script or HTML via an unspecified parameter, aka "Active Directory...

5.5AI score0.0515EPSS
Exploits0References2
cve
cve
added 2011/04/13 8:7 p.m.63 views

CVE-2011-1234

CVE-2011-1234 is a use-after-free vulnerability in the Windows kernel-mode driver component win32k.sys that enables local privilege escalation. The issue arises from incorrect driver object management in the kernel, affecting multiple Windows versions (XP SP2/SP3, Server 2003 SP2, Vista SP1/SP2, ...

7.2CVSS6.4AI score0.01443EPSS
Exploits0References11Affected Software6
symantec
symantec
added 2011/04/12 12:0 a.m.35 views

Microsoft WordPad Text Converter (CVE-2011-0028) Remote Code Execution Vulnerability

Description Microsoft WordPad is prone to a remote code-execution vulnerability. An attacker could exploit this issue to execute arbitrary code with the privileges of the currently logged-in user. Failed exploit attempts may result in denial-of-service conditions. Technologies Affected Avaya...

9.3CVSS7.3AI score0.23596EPSS
Exploits0Affected Software7
symantec
symantec
added 2011/04/12 12:0 a.m.41 views

Microsoft Windows Kernel 'Win32k.sys' (CVE-2011-1237) Local Privilege Escalation Vulnerability

Description Microsoft Windows is prone to a local privilege-escalation vulnerability that occurs in the Windows kernel due to a use-after-free condition. A local attacker can exploit this issue to execute arbitrary code with kernel-level privileges. Successful exploits will result in the complete...

7.2CVSS0.02692EPSS
Exploits0Affected Software15
exploitpack
exploitpack
added 2011/02/14 12:0 a.m.17 views

Microsoft Windows Server 2003 - AD BROWSER ELECTION Remote Heap Overflow

Microsoft Windows Server 2003 - AD BROWSER ELECTION Remote Heap Overflow MS Windows Server 2003 AD Pre-Auth BROWSER ELECTION Remote Heap Overflow Release date: 2011-02-14 Author: Cupidon-3005 Greet: Winny Thomas, Laurent Gaffie, h07 Bug: Heap Overflow Remote Exploitability: Unlikely Local...

0.5AI score
Exploits0
kaspersky
kaspersky
added 2011/01/24 12:0 a.m.50 views

KLA12360 ACE vulnerability in Microsoft Windows

Code execution vulnerability was found in Microsoft Windows. Malicious users can exploit this vulnerability in Human Interface Device HID to execute arbitrary code. Original advisories CVE-2011-0638 Related products Microsoft-Windows-Vista Microsoft-Windows-Server-2012 Microsoft-Windows-8...

6.9CVSS7.7AI score0.01431EPSS
Exploits0References9
prion
prion
added 2010/12/22 9:0 p.m.22 views

Stack overflow

Stack-based buffer overflow in the CreateSizedDIBSECTION function in shimgvw.dll in the Windows Shell graphics processor aka graphics rendering engine in Microsoft Windows XP SP2 and SP3, Server 2003 SP2, Vista SP1 and SP2, and Server 2008 Gold and SP2 allows remote attackers to execute arbitrary...

9.3CVSS8.4AI score0.67687EPSS
Exploits10References11Affected Software2
seebug
seebug
added 2010/12/01 12:0 a.m.20 views

Microsoft Windows win32k.sys驱动"GreEnableEUDC()"权限提升漏洞

Microsoft Windows是微软发布的非常流行的操作系统。 Windows的win32k.sys驱动实现上存在漏洞,本地攻击者可能利用此漏洞提升权限或导致拒绝服务。 此漏洞源于驱动中的"GreEnableEUDC"函数,通过构造畸形的"SystemDefaultEUDCFont"注册表项,本地攻击者可以给"RtlQueryRegistryValues"函数的"QueryTable"参数提供恶意数据,导致"EntryContext" 缓冲区溢出。 Microsoft Windows XP Professional Microsoft Windows XP Home Edition...

7AI score
Exploits0
saint
saint
added 2010/11/05 12:0 a.m.249 views

IBM Rational Quality Manager and Test Lab Manager Policy Bypass

Added: 11/05/2010 CVE: CVE-2010-4094 BID: 44172 Background IBM Rational Quality Manager is a web-based centralized test management environment for test planning, workflow control, tracking and metrics reporting. IBM Rational Quality Manager incorporates Apache Tomcat 5 to help serve custom web...

5CVSS6AI score0.64496EPSS
Exploits9
symantec
symantec
added 2010/10/12 12:0 a.m.19 views

Microsoft Windows Kernel 'Win32k.sys' Window Class Local Privilege Escalation Vulnerability

Description Microsoft Windows is prone to a local privilege-escalation vulnerability that occurs in the Windows kernel. An attacker can exploit this issue to execute arbitrary code with kernel-level privileges. Successful exploits will result in the complete compromise of affected computers. Fail...

Exploits0References2Affected Software11
symantec
symantec
added 2010/06/10 12:0 a.m.25 views

Microsoft Help and Support Center 'sysinfo/sysinfomain.htm' Cross Site Scripting Weakness

Description Help and Support Center is prone to a cross-site scripting weakness because it fails to properly sanitize user-supplied input. An attacker may leverage this issue to execute arbitrary script code in the privileged zone of the browser of an unsuspecting user. NOTE: This issue is a...

7AI score
Exploits0References1Affected Software1
symantec
symantec
added 2010/06/08 12:0 a.m.20 views

Microsoft Windows Kernel 'Win32k.sys' Window Creation Local Privilege Escalation Vulnerability

Description Microsoft Windows is prone to a local privilege-escalation vulnerability that occurs in the Windows kernel when a new window is created. An attacker can exploit this issue to execute arbitrary code with kernel-level privileges. Successful exploits will result in the complete compromis...

0.1AI score
Exploits0Affected Software9
openvas
openvas
added 2010/05/13 12:0 a.m.26 views

Microsoft Windows Kernel 'win32k.sys' Multiple DOS Vulnerabilities

Windows XP/2000/2003 is prone to multiple Denial Of Service vulnerabilities. OpenVAS Vulnerability Test $Id: gbmswinkernelwin32ksysmultdosvuln.nasl 5364 2017-02-20 13:26:07Z cfi $ Microsoft Windows Kernel 'win32k.sys' Multiple DOS Vulnerabilities Authors: Antu Sanadi Copyright: Copyright c 2010...

4.9CVSS6.6AI score0.02658EPSS
Exploits2References4
seebug
seebug
added 2010/04/19 12:0 a.m.40 views

Microsoft Windows内核空指针本地拒绝服务漏洞(MS10-021)

BUGTRAQ ID: 39297 CVE ID: CVE-2010-0234 Microsoft Windows是微软发布的非常流行的操作系统。 Windows内核中没有充分验证传递到Windows内核系统调用的注册表项参数。攻击者可以通过运行特制应用程序来利用该漏洞,导致系统变得没有响应并自动重新启动。 Microsoft Windows XP SP3 Microsoft Windows XP SP2 Microsoft Windows Vista SP2 Microsoft Windows Vista SP1 Microsoft Windows Vista Microsoft...

4.7CVSS6.4AI score0.01932EPSS
Exploits1
symantec
symantec
added 2010/02/09 12:0 a.m.18 views

Microsoft Data Analyzer 'max3activex.dll' ActiveX Control Remote Code Execution Vulnerability

Description The Microsoft Data Analyzer is prone to a remote code-execution vulnerability. An attacker can exploit this issue by enticing an unsuspecting user to view a malicious webpage. Successful exploits will allow the attacker to execute arbitrary code within the context of the application...

Exploits0References1Affected Software11
openvas
openvas
added 2010/01/22 12:0 a.m.78 views

Microsoft Windows GP Trap Handler Privilege Escalation Vulnerability

Microsoft Windows operating system is prone to a privilege escalation vulnerability. This VT has been deprecated and replaced by the VT with the OID: 1.3.6.1.4.1.25623.1.0.900740. SPDX-FileCopyrightText: 2010 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and ar...

7.8CVSS7.7AI score0.29253EPSS
Exploits13References6
cvelist
cvelist
added 2009/12/13 1:0 a.m.30 views

CVE-2009-4313

ir3232.dll 3.24.15.3 in the Indeo32 codec in Microsoft Windows 2000 SP4, XP SP2 and SP3, and Server 2003 SP2 allows remote attackers to cause a denial of service heap corruption or execute arbitrary code via malformed data in a stream in a media file, as demonstrated by an AVI file...

7.6AI score0.20731EPSS
Exploits0References12
prion
prion
added 2009/12/09 6:30 p.m.24 views

Remote code execution

Active Directory Federation Services ADFS in Microsoft Windows Server 2003 SP2 and Server 2008 Gold and SP2 does not properly validate headers in HTTP requests, which allows remote authenticated users to execute arbitrary code via a crafted request to an IIS web server, aka "Remote Code Execution...

9CVSS7.9AI score0.17053EPSS
Exploits1References3
Rows per page
Query Builder