3863 matches found
CVE-2020-1081
An elevation of privilege vulnerability exists when the Windows Printer Service improperly validates file paths while loading printer drivers, aka 'Windows Printer Service Elevation of Privilege Vulnerability'...
Privilege escalation
An elevation of privilege vulnerability exists when the Windows Printer Service improperly validates file paths while loading printer drivers, aka 'Windows Printer Service Elevation of Privilege Vulnerability'...
CVE-2020-1081
An elevation of privilege vulnerability exists when the Windows Printer Service improperly validates file paths while loading printer drivers, aka 'Windows Printer Service Elevation of Privilege Vulnerability'...
CVE-2020-1081
CVE-2020-1081 is an elevation-of-privilege issue in the Windows Printer Service caused by improper validation of file paths when loading printer drivers. Affected product: Windows Printer Service. Root cause details and specific vulnerable versions are not enumerated in the provided documents bey...
(0Day) Microsoft Windows splwow64 Untrusted Pointer Dereference Information Disclosure Vulnerability
This vulnerability allows local attackers to disclose information on affected installations of Microsoft Windows. An attacker must first obtain the ability to execute low-privileged code on the target system in order to exploit this vulnerability. The specific flaw exists within the user-mode...
(0Day) Microsoft Windows splwow64 Untrusted Pointer Dereference Privilege Escalation Vulnerability
This vulnerability allows local attackers to escalate privileges on affected installations of Microsoft Windows. An attacker must first obtain the ability to execute low-privileged code on the target system in order to exploit this vulnerability. The specific flaw exists within the user-mode...
(0Day) Microsoft Windows splwow64 Untrusted Pointer Dereference Privilege Escalation Vulnerability
This vulnerability allows local attackers to escalate privileges on affected installations of Microsoft Windows. An attacker must first obtain the ability to execute low-privileged code on the target system in order to exploit this vulnerability. The specific flaw exists within the user-mode...
Windows Printer Service Elevation of Privilege Vulnerability
An elevation of privilege vulnerability exists when the Windows Printer Service improperly validates file paths while loading printer drivers. An authenticated attacker who successfully exploited this vulnerability could run arbitrary code with elevated system privileges. To exploit this...
KLA11777 Multiple vulnerabilities in Microsoft Products (ESU)
Multiple vulnerabilities were found in Microsoft Products Extended Support Update. Malicious users can exploit these vulnerabilities to obtain sensitive information, gain privileges, execute arbitrary code, cause denial of service, bypass security restrictions. Below is a complete list of...
PT-2020-5402 · Freerdp +6 · Freerdp +6
Name of the Vulnerable Software and Affected Versions: FreeRDP versions prior to 2.1.0 Description: The issue is related to an out-of-bound read in irp functions, specifically in parallel process irp create, serial process irp create, drive process irp write, printer process irp write, rdpei recv...
CVE-2020-10094
A cross-site scripting XSS vulnerability in Lexmark CS31x before LW74.VYL.P273; CS41x before LW74.VY2.P273; CS51x before LW74.VY4.P273; CX310 before LW74.GM2.P273; CX410 & XC2130 before LW74.GM4.P273; CX510 & XC2132 before LW74.GM7.P273; MS310, MS312, MS317 before LW74.PRL.P273; MS410, M1140 befo...
EulerOS 2.0 SP8 : cups (EulerOS-SA-2020-1501)
According to the version of the cups packages installed, the EulerOS installation on the remote host is affected by the following vulnerability : - In arrayfind of array.c, there is a possible out-of-bounds read due to an incorrect bounds check. This could lead to local information disclosure in...
Huawei EulerOS: Security Advisory for cups (EulerOS-SA-2020-1501)
The remote host is missing an update for the Huawei EulerOS SPDX-FileCopyrightText: 2020 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
Threat Source newsletter for April 9, 2020
Newsletter compiled by Jon Munshaw. Welcome to this week’s Threat Source newsletter — the perfect place to get caught up on all things Talos from the past week. Nearly all devices have some sort of fingerprint scanner now, used to log users in. But these scanners prevent their own unique attack...
Remote Code Execution (RCE)
Foomatic is vulnerable to remote code execution RCE. An input sanitization flaw was found in the foomatic-rip print filter. An attacker could submit a print job with the username, title, or job options set to appear as a command line option that caused the filter to use a specified PostScript...
Arbitrary Code Execution
system-config-printer is vulnerable to arbitrary code execution. The vulnerability exists as it was found that system-config-printer did not properly sanitize NetBIOS and workgroup names when searching for network printers. A remote attacker could use this flaw to execute arbitrary code with the...
Arbitrary Code Execution
freetype is vulnerable to arbitrary code execution. The vulnerability exists as multiple flaws were discovered in FreeType's Printer Font Binary PFB font-file format parser. If a user loaded a carefully crafted font-file with a program linked against FreeType, it could cause the application to...
"Access denied" error when you use a Windows Store app to configure printer property settings in Windows
"Access denied" error when you use a Windows Store app to configure printer property settings in Windows This article describes an issue that occurs when you use a Windows Store app in Windows 8.1, Windows RT 8.1, or Windows Server 2012 R2. An update is available to resolve this issue. Before you...
Custom Media Size entries are missing in the Print Capabilities document for version 4.0 printer drivers
Custom Media Size entries are missing in the Print Capabilities document for version 4.0 printer drivers Symptoms After you apply the December 2014 update rollup for Windows RT 8.1, Windows 8.1, and Windows Server 2012 R2 or the update rollup for Windows RT, Windows 8, and Windows Server 2012,...
A Cheap 3D Printer Can Trick Smartphone Fingerprint Locks
With a budget of just $2,000, researchers could fool biometric scanners 80 percent of the time...