Remote code execution

Uniscribe in Windows Server 2008 SP2 and R2 SP1, Windows 7 SP1, Windows 8.1, Windows Server 2012 Gold and R2, Windows RT 8.1, Windows 10 Gold, 1511, 1607, Windows Server 2016, Microsoft Office 2007 SP3, Microsoft Office 2010 SP2, Microsoft Office Word Viewer, Microsoft Lync 2013 SP1, Skype for...

Microsoft Windows Graphics Component CVE-2017-8527 Remote Code Execution Vulnerability

Description Microsoft Windows is prone to a remote code-execution vulnerability. An attacker can exploit this issue by enticing an unsuspecting user to open a malicious file or webpage. An attacker can exploit this issue to execute arbitrary code in the context of an affected system. Failed explo...

Security update for the libjpeg information disclosure vulnerability for Microsoft Silverlight 5: April 11, 2017

Security update for the libjpeg information disclosure vulnerability for Microsoft Silverlight 5: April 11, 2017 Summary To learn more about the vulnerability, go to CVE-2013-6629. More Information Important All future security and non-security updates for Windows RT 8.1, Windows 8.1, and Windows...

MS12-034: Description of the security update for Silverlight 5: May 8, 2012

MS12-034: Description of the security update for Silverlight 5: May 8, 2012 Microsoft has released the security bulletin MS12-034. You can view the complete security bulletin by visiting one of the following Microsoft websites: Home users:...

MS15-080: Description of the security update for Silverlight 5: August 11, 2015

MS15-080: Description of the security update for Silverlight 5: August 11, 2015 Summary This security update resolves vulnerabilities in the Microsoft .NET Framework and Microsoft Silverlight. These vulnerabilities could allow remote code execution if a user opens a specially crafted document or...

MS15-044: Description of the security update for Silverlight 5: May 12, 2015

MS15-044: Description of the security update for Silverlight 5: May 12, 2015 Summary This article describes a security update for Microsoft Silverlight 5 that is dated May 12, 2015. Silverlight is a cross-browser, multi-environment plug-in that delivers the next generation of Microsoft .NET-based...

Memory corruption

StringBuilder in Microsoft Silverlight 5 before 5.1.50709.0 does not properly allocate memory for string-insert and string-append operations, which allows remote attackers to execute arbitrary code via a crafted web site, aka "Microsoft Silverlight Memory Corruption Vulnerability."...

Microsoft Windows TrueType Fonts CVE-2015-2464 Remote Code Execution Vulnerability

Description Microsoft Windows is prone to a remote code-execution vulnerability. Successful exploits allow attackers to execute arbitrary code in the context of the vulnerable application. Failed exploit attempts will result in a denial-of-service condition. Technologies Affected Microsoft .NET...

Microsoft Windows TrueType Fonts CVE-2015-2455 Remote Code Execution Vulnerability

Description Microsoft Windows is prone to a remote code-execution vulnerability. Successful exploits allow attackers to execute arbitrary code in the context of the vulnerable application. Failed exploit attempts will result in a denial-of-service condition. Technologies Affected Microsoft .NET...

Spoofing

The Windows DirectWrite library, as used in Microsoft .NET Framework 3.0 SP2, 3.5, 3.5.1, 4, 4.5, 4.5.1, and 4.5.2; Office 2007 SP3 and 2010 SP2; Live Meeting 2007 Console; Lync 2010; Lync 2010 Attendee; Lync 2013 SP1; Lync Basic 2013 SP1; Silverlight 5 before 5.1.40416.00; and Silverlight 5...

CVE-2015-1671

The Windows DirectWrite library, as used in Microsoft .NET Framework 3.0 SP2, 3.5, 3.5.1, 4, 4.5, 4.5.1, and 4.5.2; Office 2007 SP3 and 2010 SP2; Live Meeting 2007 Console; Lync 2010; Lync 2010 Attendee; Lync 2013 SP1; Lync Basic 2013 SP1; Silverlight 5 before 5.1.40416.00; and Silverlight 5...

CVE-2013-3178

Microsoft Silverlight 5 before 5.1.20513.0 does not properly initialize arrays, which allows remote attackers to execute arbitrary code or cause a denial of service NULL pointer dereference via a crafted Silverlight application, aka "Null Pointer Vulnerability."...

Double free

Microsoft Silverlight 5, and 5 Developer Runtime, before 5.1.20125.0 does not properly validate pointers during HTML object rendering, which allows remote attackers to execute arbitrary code via a crafted Silverlight application, aka "Silverlight Double Dereference Vulnerability."...

CVE-2013-0074

Microsoft Silverlight 5, and 5 Developer Runtime, before 5.1.20125.0 does not properly validate pointers during HTML object rendering, which allows remote attackers to execute arbitrary code via a crafted Silverlight application, aka “Silverlight Double Dereference Vulnerability.” Recent...