Microsoft Windows - Uniscribe Heap Out-of-Bounds Read in 'USP10!ScriptApplyLogicalWidth' Triggered via EMF (MS17-013)

Source: https://bugs.chromium.org/p/project-zero/issues/detail?id=1053 We have encountered a crash in the Windows Uniscribe user-mode library, in the USP10!ScriptApplyLogicalWidth function, while trying to display a malformed EMF file: --- 920c.9190: Access violation - code c0000005 first chance...

Microsoft Color Management Module icm32.dll - icm32!Fill_ushort_ELUTs_from_lut16Tag Out-of-Bounds Read (MS17-013)

Microsoft Color Management Module icm32.dll - icm32!FillushortELUTsfromlut16Tag Out-of-Bounds Read MS17-013 Source: https://bugs.chromium.org/p/project-zero/issues/detail?id=1052 We have encountered a crash in the Windows Color Management library icm32.dll, in the icm32!FillushortELUTsfromlut16Ta...

Microsoft Color Management Module 'icm32.dll' - 'icm32!LHCalc3toX_Di16_Do16_Lut8_G32' Out-of-Bounds Read (MS17-013)

Source: https://bugs.chromium.org/p/project-zero/issues/detail?id=1054 We have encountered a crash in the Windows Color Management library icm32.dll, in the icm32!LHCalc3toXDi16Do16Lut8G32 function, while trying to translate colors based on a malformed color profile file: --- 61e4.8620: Access...

Microsoft Color Management Module icm32.dll - icm32!LHCalc3toX_Di16_Do16_Lut8_G32 Out-of-Bounds Read (MS17-013)

Microsoft Color Management Module icm32.dll - icm32!LHCalc3toXDi16Do16Lut8G32 Out-of-Bounds Read MS17-013 Source: https://bugs.chromium.org/p/project-zero/issues/detail?id=1054 We have encountered a crash in the Windows Color Management library icm32.dll, in the icm32!LHCalc3toXDi16Do16Lut8G32...

Microsoft Windows - LoadUvsTable() Heap-based Buffer Overflow Vulnerability

Exploit for windows platform in category dos / poc Date: 15-03-2017 Author: Hossein Lotfi https://twitter.com/hosselot CVE: CVE-2016-7274 1. Description An integer overflow error within the "LoadUvsTable" function of usp10.dll can be exploited to cause a heap-based buffer overflow. Full analysis ...

Microsoft Windows - LoadUvsTable() Heap Buffer Overflow

Microsoft Windows - LoadUvsTable Heap Buffer Overflow Date: 15-03-2017 Author: Hossein Lotfi https://twitter.com/hosselot CVE: CVE-2016-7274 1. Description An integer overflow error within the "LoadUvsTable" function of usp10.dll can be exploited to cause a heap-based buffer overflow. Full analys...

Microsoft Windows LoadUvsTable() Buffer Overflow

Date: 15-03-2017 Author: Hossein Lotfi https://twitter.com/hosselot CVE: CVE-2016-7274 1. Description An integer overflow error within the "LoadUvsTable" function of usp10.dll can be exploited to cause a heap-based buffer overflow. Full analysis is available at:...

MS17-013: Description of the security update for Office 2010: March 14, 2017

MS17-013: Description of the security update for Office 2010: March 14, 2017 Summary This security update resolves vulnerabilities in Microsoft Office that could allow remote code execution if a user opens a specially crafted Office file. To learn more about these vulnerabilities, see Microsoft...

MS17-013: Description of the security update for Office 2010: March 14, 2017

MS17-013: Description of the security update for Office 2010: March 14, 2017 Summary This security update resolves vulnerabilities in Microsoft Office that could allow remote code execution if a user opens a specially crafted Office file. To learn more about these vulnerabilities, see Microsoft...

March 2017 Security Monthly Quality Rollup for Windows 7 SP1 and Windows Server 2008 R2 SP1

March 2017 Security Monthly Quality Rollup for Windows 7 SP1 and Windows Server 2008 R2 SP1 Summary This security update resolves the following vulnerabilities in Windows: MS17-022 Security update for Microsoft XML Core Services MS17-021 Security update for DirectShow MS17-020 Security update for...

Microsoft Windows Graphics Component Remote Code Execution (MS17-013: CVE-2017-0014)

A remote code execution vulnerability exists in Windows Graphics Component. The vulnerability is due to the way Windows Graphics Component handles objects in memory. A remote attacker can exploit this vulnerability by enticing the target user to open a specially crafted file...

Microsoft Windows GDI Elevation of Privilege (MS17-013: CVE-2017-0025)

An elevation of privilege vulnerability exists in Windows Graphics Device Interface GDI. The vulnerability is caused when the Windows Graphics Device Interface fails to properly handle objects in memory. A remote attacker can exploit this vulnerability by running a specially crafted application...

Microsoft Windows Graphics Component Remote Code Execution (MS17-013: CVE-2017-0108)

A remote code execution vulnerability has been reported in Microsoft Windows. The vulnerability is due to the way the Windows Uniscribe handles objects in memory. A remote attacker could exploit this vulnerability by enticing the target user to open a specially crafted website...

Microsoft Windows GDI Elevation of Privilege (MS17-013: CVE-2017-0047)

Elevation of privilege vulnerabilities exists in Windows Graphics Device Interface. The vulnerability is due to the way Windows Graphics Device Interface handles objects in memory. A remote attacker can exploit this issue by enticing a victim to open a specially crafted file...