27 matches found
EUVD-2020-8879
Malware in sbrugna...
CVE-2024-21417
Windows Text Services Framework Elevation of Privilege Vulnerability...
CVE-2024-21417
Windows Text Services Framework Elevation of Privilege Vulnerability...
PT-2020-4653 · Microsoft · Windows Msctf Server +1
Name of the Vulnerable Software and Affected Versions: Windows MSCTF Server affected versions not specified Description: The issue exists due to insufficient input validation in the Windows MSCTF Server component of the Windows operating system. Exploitation of this issue may allow an attacker to...
CVE-2020-16921
An information disclosure vulnerability exists in Text Services Framework when it fails to properly handle objects in memory. An attacker who successfully exploited this vulnerability could potentially read data that was not intended to be disclosed. Note that this vulnerability would not allow a...
CVE-2020-16921
An information disclosure vulnerability exists in Text Services Framework when it fails to properly handle objects in memory. An attacker who successfully exploited this vulnerability could potentially read data that was not intended to be disclosed. Note that this vulnerability would not allow a...
Information disclosure
An information disclosure vulnerability exists in Text Services Framework when it fails to properly handle objects in memory. An attacker who successfully exploited this vulnerability could potentially read data that was not intended to be disclosed. Note that this vulnerability would not allow a...
CVE-2020-16921 Windows Text Services Framework Information Disclosure Vulnerability
...
CVE-2020-16921
CVE-2020-16921 is an information-disclosure vulnerability in the Windows Text Services Framework caused by improper handling of objects in memory. An attacker who can log on to an affected system and open a specially crafted file could read data not intended to be disclosed. The issue does not en...
CVE-2020-16921 Windows Text Services Framework Information Disclosure Vulnerability
...
Windows Text Services Framework Information Disclosure Vulnerability
An information disclosure vulnerability exists in Text Services Framework when it fails to properly handle objects in memory. An attacker who successfully exploited this vulnerability could potentially read data that was not intended to be disclosed. Note that this vulnerability would not allow a...
Google Finds 20-Year-Old Microsoft Windows Vulnerability
There's no indication that this vulnerability was ever used in the wild, but the code it was discovered in -- Microsoft's Text Services Framework -- has been around since Windows XP...
Microsoft Windows Text Services Framework MSCTF - Multiple Vulnerabilities
The msctf subsystem is part of the Text Services Framework, The TSF manages things like input methods, keyboard layouts, text processing and so on. There are two main components, the ctfmon server and the msctf client. The ctfmon service creates an ALPC port in a well known location, to which...
Microsoft Windows Text Services Framework MSCTF - Multiple Vulnerabilities
The msctf subsystem is part of the Text Services Framework, The TSF manages things like input methods, keyboard layouts, text processing and so on. There are two main components, the ctfmon server and the msctf client. The ctfmon service creates an ALPC port in a well known location, to which...
Microsoft Windows Text Services Framework MSCTF - Multiple Vulnerabilities
Microsoft Windows Text Services Framework MSCTF - Multiple Vulnerabilities The msctf subsystem is part of the Text Services Framework, The TSF manages things like input methods, keyboard layouts, text processing and so on. There are two main components, the ctfmon server and the msctf client. The...
Google Discloses 20-Year-Old Unpatched Flaw Affecting All Versions of Windows
Update — With this month's patch Tuesday updates, Microsoft has finally addressed this vulnerability, tracked as CVE-2019-1162, by correcting how the Windows operating system handles calls to Advanced Local Procedure Call ALPC. A Google security researcher has just disclosed details of a...
Google Discloses 20-Year-Old Unpatched Flaw Affecting All Versions of Windows
Update — With this month's patch Tuesday updates, Microsoft has finally addressed this vulnerability, tracked as CVE-2019-1162, by correcting how the Windows operating system handles calls to Advanced Local Procedure Call ALPC. A Google security researcher has just disclosed details of a...
CVE-2017-8727
Microsoft Windows Server 2008 SP2 and R2 SP1, Windows 7 SP1, Windows 8.1 and RT 8.1, Windows Server 2012 and R2, Windows 10 Gold, 1511, 1607, 1703, and Windows Server 2016 allow an attacker to execute arbitrary code in the context of the current user, due to how Microsoft Windows Text Services...
Memory corruption
Microsoft Windows Server 2008 SP2 and R2 SP1, Windows 7 SP1, Windows 8.1 and RT 8.1, Windows Server 2012 and R2, Windows 10 Gold, 1511, 1607, 1703, and Windows Server 2016 allow an attacker to execute arbitrary code in the context of the current user, due to how Microsoft Windows Text Services...
CVE-2017-8727
CVE-2017-8727 is an RCE in the Windows Text Services Framework that can be triggered through memory handling in the Windows Text Services/IE edge scripting path. The connected KB entry confirms the flaw exists in Internet Explorer/Windows components and was addressed in Microsoft’s October 2017 p...