6 matches found
CVE-2020-16940
The CVE-2020-16940 issue is an elevation of privilege in Windows computing environments caused by the Windows User Profile Service (ProfSvc) mishandling junction points. The vulnerability allows an attacker who can log on to exploit a specially crafted application to delete files or folders with ...
CVE-2020-0785
An elevation of privilege vulnerability exists when the Windows User Profile Service ProfSvc improperly handles symlinks, aka 'Windows User Profile Service Elevation of Privilege Vulnerability'...
CVE-2020-0730
An elevation of privilege vulnerability exists when the Windows User Profile Service ProfSvc improperly handles symlinks, aka 'Windows User Profile Service Elevation of Privilege Vulnerability'...
CVE-2019-1454
An elevation of privilege vulnerability exists when the Windows User Profile Service ProfSvc improperly handles symlinks, aka 'Windows User Profile Service Elevation of Privilege Vulnerability'...
KB4525236: Windows 10 Version 1607 and Windows Server 2016 November 2019 Security Update
The remote Windows host is missing security update 4525236. It is, therefore, affected by multiple vulnerabilities : - A remote code execution vulnerability exists when Windows Hyper-V Network Switch on a host server fails to properly validate input from an authenticated user on a guest operating...
CVE-2015-0004
CVE-2015-0004 concerns a local privilege-escalation in the Windows User Profile Service (ProfSvc). According to the provided sources, the vulnerability is exploited by a junction attack that loads another user’s UsrClass.dat registry hive, enabling local users to gain privileges. Affected product...