11 matches found
EUVD-2018-1409
Malware in sbrugna...
EUVD-2024-40342
Malicious code in bioql PyPI...
CVE-2024-43590
Visual C++ Redistributable Installer Elevation of Privilege Vulnerability...
CVE-2024-43590
CVE-2024-43590 is a local elevation-of-privilege vulnerability in the Visual C++ Redistributable Installer. A local attacker with Low privileges could exploit this (UI: none) to gain High confidentiality, integrity, and availability impact, with the attack vector being local and requiring Low pri...
PT-2024-6836
Name of the Vulnerable Software and Affected Versions Visual C++ Redistributable Installer affected versions not specified Description The issue is related to insufficient access restrictions in the Visual C++ Redistributable Installer, which is part of the Microsoft Visual Studio development...
KLA73906 Multiple vulnerabilities in Microsoft Developer Tools
Multiple vulnerabilities were found in Microsoft Developer Tools. Malicious users can exploit these vulnerabilities to gain privileges, execute arbitrary code, cause denial of service. Below is a complete list of vulnerabilities: 1. An elevation of privilege vulnerability in Visual C++...
CVE-2018-0599
Untrusted search path vulnerability in the installer of Visual C++ Redistributable allows an attacker to gain privileges via a Trojan horse DLL in an unspecified directory...
CVE-2018-0599
The CVE-2018-0599 issue affects the Visual C++ Redistributable installer. A vulnerability exists in the installer’s DLL search path (DLL planting) that can allow arbitrary code execution with the privileges of the user invoking the installer. Affected component is the installer for Visual C++ Red...
JVN#81196185: The installer of Visual C++ Redistributable may insecurely load Dynamic Link Libraries
The installer of Visual C++ Redistributable provided Microsoft contains an issue with the DLL search path, which may lead to insecurely loading Dynamic Link Libraries in the same directory as the installer CWE-427. Microsoft states that the root cause of this vulnerability is "Application Directo...
Inject Custom Code Into PE File: InfectPE
Inject Custom Code Into PE File Using this tool you can inject x-code/shellcode into PE file. InjectPE works only with 32-bit executable files. Why you need InjectPE? You can test your security products. Use in a phishing campaign. Learn how PE injection works. …and so on. In the project, there i...
Microsoft Visual Studio ATL 'VariantClear()'远程代码执行漏洞
Bugraq ID: 35832 CVE ID:CVE-2009-0901 CNCVE ID:CNCVE-20090901 Microsoft Visual Studio是一款微软公司的开发工具套件系列产品。 Microsoft活动模版库ATL处理ATL头字段存在问题,远程攻击者可以利用漏洞以应用程序权限执行任意指令。 ATL头字段存在的一个错误允许攻击者对未正确初始化的VARIANT进行VariantClear调用,基于此攻击者可以提供破坏的流触发错误处理过程中来调用VariantClear而控制整个流程。此漏洞只影响安装了使用Visual Studio...