Wacom driver backlink vulnerability

Wacom driver is a driver for connecting and managing platform computers. A backlink vulnerability exists in Wacom Drivers for Windows, which stems from a specific flaw in the Tablet PC service, which can be abused to create files by creating symbolic links that can be exploited to elevate...

Microsoft Windows: Turn off handwriting recognition error reporting

This test checks the setting for policy OpenVAS Vulnerability Test $Id: winhandwritingerrorsharing.nasl 11337 2018-09-11 14:23:53Z emoss $ Check value for Turn off handwriting recognition error reporting Authors: Emanuel Moss Copyright: Copyright c 2018 Greenbone Networks GmbH,...

Microsoft Office SMB Information Disclosure

Vulnerability Summary The following advisory describes an information disclosure found in Microsoft Office versions 2010, 2013, and 2016. Microsoft Office is: “Whether you’re working or playing, Microsoft is here to help. We’re the company that created Microsoft Office, including Office 365 Home,...

Microsoft Windows Journal Remote Code Execution Vulnerability (CNVD-2015-05898)

Microsoft Windows Journal is a tool for viewing sticky notes or model documents created on a Tablet PC on your computer. A remote code execution vulnerability exists in Microsoft Windows Journal, which can be exploited by an attacker to execute arbitrary code...

Microsoft Windows Journal Denial of Service Vulnerability

Microsoft Windows Journal is a tool for viewing sticky notes or model documents created on a Tablet PC on your computer. A denial of service vulnerability exists in Microsoft Windows Journal, which can be exploited by an attacker to cause a denial of service...

Microsoft Windows Journal Remote Code Execution Vulnerability (CNVD-2015-05897)

Microsoft Windows Journal is a tool for viewing sticky notes or model documents created on a Tablet PC on your computer. A remote code execution vulnerability exists in Microsoft Windows Journal, which can be exploited by an attacker to execute arbitrary code...

Microsoft Windows Tablet PC Services Detection (deprecated)

Binary data 8847.prm...

Microsoft Reader <= 2.1.1.3143 Integer Overflow

No description provided by source. Source: http://aluigi.org/adv/msreader1-adv.txt Luigi Auriemma Application: Microsoft Reader http://www.microsoft.com/reader Versions: = 2.1.1.3143 PC version the Origami 2.6.1.7169 version doesn't seem vulnerable the non-PC versions have not been tested...

Microsoft Reader <= 2.1.1.3143 Array Overflow

No description provided by source. Source: http://aluigi.org/adv/msreader4-adv.txt Luigi Auriemma Application: Microsoft Reader http://www.microsoft.com/reader Versions: = 2.1.1.3143 PC version = 2.6.1.7169 Origami version the non-PC versions have not been tested Platforms: Windows, Windows Mobil...

Microsoft Reader <= 2.1.1.3143 NULL Byte Write

No description provided by source. Luigi Auriemma Application: Microsoft Reader http://www.microsoft.com/reader Versions: = 2.1.1.3143 PC version the Origami 2.6.1.7169 version doesn't seem vulnerable the non-PC versions have not been tested Platforms: Windows, Windows Mobile, Tablet PC and UMPC...

Microsoft Reader 2.1.1.3143 - Integer Overflow (1)

Source: http://aluigi.org/adv/msreader1-adv.txt Luigi Auriemma Application: Microsoft Reader http://www.microsoft.com/reader Versions: 8B7B 68 MOV EDI,DWORD PTR DS:EBX+68 01083071 |. 8BF7 MOV ESI,EDI 01083073 |. C...

Microsoft Reader 2.1.1.3143 - Integer Overflow (2)

Microsoft Reader 2.1.1.3143 - Integer Overflow 2 Source: http://aluigi.org/adv/msreader3-adv.txt Luigi Auriemma Application: Microsoft Reader http://www.microsoft.com/reader Versions: = 2.1.1.3143 PC version = 2.6.1.7169 Origami version the non-PC versions have not been tested Platforms: Windows,...

Microsoft Reader 2.1.1.3143 - Heap Overflow

Microsoft Reader 2.1.1.3143 - Heap Overflow Source: http://aluigi.org/adv/msreader2-adv.txt Luigi Auriemma Application: Microsoft Reader http://www.microsoft.com/reader Versions: 8B8...

Microsoft Reader 2.1.1.3143 - Array Overflow

Microsoft Reader 2.1.1.3143 - Array Overflow Source: http://aluigi.org/adv/msreader4-adv.txt Luigi Auriemma Application: Microsoft Reader http://www.microsoft.com/reader Versions: = 2.1.1.3143 PC version = 2.6.1.7169 Origami version the non-PC versions have not been tested Platforms: Windows,...

Microsoft Reader 2.1.1.3143 - Null Byte Write

Luigi Auriemma Application: Microsoft Reader http://www.microsoft.com/reader Versions: | 8D47 01 |LEA EAX,DWORD PTR DS:EDI+1 ; size at offset 0xbd of the PoC 5FFF634D |. 50 |PUSH EAX 5FFF634E |. E8 2B470000 |...

Microsoft Windows Kernel整数截断本地权限提升漏洞

BUGTRAQ ID: 46136 CVE ID: CVE-2011-0045 Windows是微软发布的非常流行的操作系统。 Windows Kernel在实现上存在本地权限提升漏洞，攻击者可利用此漏洞以内核级别权限执行任意代码，从而完全控制受影响计算机。 此漏洞源于Kernel对跟踪事件的支持。由于畸形转换，Kernel为用户空间中的数据分配使用截断的长度。在填充此缓冲区时，Kernel将使用造成缓冲区溢出的另一个长度。这将造成内存破坏并导致执行任意代码。 Microsoft Windows XP Tablet PC Edition SP3 Microsoft Windows XP...

Microsoft Windows Kernel Integer Truncation Local Privilege Escalation Vulnerability

Description Microsoft Windows is prone to a local privilege-escalation vulnerability. An attacker can exploit this issue to execute arbitrary code with kernel-level privileges. Successful exploits will result in the complete compromise of affected computers. Failed exploit attempts may cause a...

Microsoft Windows OpenType Font (OTF) Format Driver CVE-2010-2741 Privilege Escalation Vulnerability

Description Microsoft Windows is prone to a local privilege-escalation vulnerability. Attackers may exploit this issue to execute arbitrary code with kernel-level privileges. Successfully exploiting this issue will result in the complete compromise of affected computers. Failed exploit attempts...

Microsoft Help and Support Center 'sysinfo/sysinfomain.htm' Cross Site Scripting Weakness

Description Help and Support Center is prone to a cross-site scripting weakness because it fails to properly sanitize user-supplied input. An attacker may leverage this issue to execute arbitrary script code in the privileged zone of the browser of an unsuspecting user. NOTE: This issue is a...

Microsoft GDI+ PNG File Processing Remote Code Execution Vulnerability

Description Microsoft GDI+ is prone to a remote code-execution vulnerability because the vector graphics link library improperly processes PNG image files. An attacker could exploit this issue to execute arbitrary code with the privileges of the currently logged-in user. Failed exploit attempts m...