CVE-2024-21417 Windows Text Services Framework Elevation of Privilege Vulnerability

...

CVE-2024-21417

CVE-2024-21417 is a Windows Text Services Framework elevation of privilege vulnerability. The connected records confirm the affected component as Windows Text Services Framework (with CVE-2024-21417 listed as impacting Windows CoreMessaging in one entry) and describe the impact as obtaining incre...

The vulnerability of the Microsoft Windows Text Services Framework software interface in the Windows operating system allows a hacker to execute arbitrary code.

The vulnerability of the Microsoft Windows Text Services Framework TSF operating system is related to deficiencies in access control. Exploiting this vulnerability allows a malicious actor to execute arbitrary code in the context of the current user, using a specially crafted web page...

CVE-2017-8727

Microsoft Windows Server 2008 SP2 and R2 SP1, Windows 7 SP1, Windows 8.1 and RT 8.1, Windows Server 2012 and R2, Windows 10 Gold, 1511, 1607, 1703, and Windows Server 2016 allow an attacker to execute arbitrary code in the context of the current user, due to how Microsoft Windows Text Services...

Internet Explorer Memory Corruption Vulnerability

A remote code execution vulnerability exists when Internet Explorer improperly accesses objects in memory via the Microsoft Windows Text Services Framework. The vulnerability could corrupt memory in such a way that an attacker could execute arbitrary code in the context of the current user. An...

MS15-020: Description of the security update for Windows text services: March 10, 2015

MS15-020: Description of the security update for Windows text services: March 10, 2015 Summary This security update resolves a vulnerability in Windows. The vulnerability could allow remote code execution if an attacker successfully convinces a user to browse to a specially crafted website or ope...

Internet Explorer Memory Corruption Vulnerability

A remote code execution vulnerability exists when Internet Explorer improperly accesses objects in memory via the Microsoft Windows Text Services Framework. The vulnerability could corrupt memory in such a way that an attacker could execute arbitrary code in the context of the current user. An...

CVE-2015-0081

Windows Text Services WTS in Microsoft Windows Server 2003 SP2, Windows Vista SP2, Windows Server 2008 SP2 and R2 SP1, Windows 7 SP1, Windows 8, Windows 8.1, Windows Server 2012 Gold and R2, and Windows RT Gold and 8.1 allows remote attackers to execute arbitrary code via a crafted 1 web site or ...