Microsoft Windows 10 - XmlDocument Insecure Sharing Privilege Escalation

Microsoft Windows 10 - XmlDocument Insecure Sharing Privilege Escalation Windows: XmlDocument Insecure Sharing Elevation of Privilege Platform: Windows 10 1809 almost certainly earlier versions as well. Class: Elevation of Privilege Security Boundary per Windows Security Service Criteria:...

Microsoft Windows Multiple Vulnerabilities (KB4480963)

This host is missing an important security update according to Microsoft KB4480963 SPDX-FileCopyrightText: 2019 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescriptio...

Microsoft Windows Multiple Vulnerabilities (KB4480970)

This host is missing an important security update according to Microsoft KB4480970 SPDX-FileCopyrightText: 2019 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescriptio...

Microsoft Windows Multiple Vulnerabilities (KB4480973)

This host is missing a critical security update according to Microsoft KB4480973 SPDX-FileCopyrightText: 2019 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

Microsoft Windows Multiple Vulnerabilities (KB4480961)

This host is missing a critical security update according to Microsoft KB4480961 SPDX-FileCopyrightText: 2019 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

Microsoft XmlDocument Class Privilege Vulnerability

Microsoft Windows 10, etc. are a series of operating systems released by Microsoft Corporation in the U.S. The XmlDocument class is one of the classes used to load XML into the document object model. An elevation vulnerability exists in the Microsoft XmlDocument class that can be exploited by a...

CVE-2019-0555

An elevation of privilege vulnerability exists in the Microsoft XmlDocument class that could allow an attacker to escape from the AppContainer sandbox in the browser, aka "Microsoft XmlDocument Elevation of Privilege Vulnerability." This affects Windows Server 2012 R2, Windows RT 8.1, Windows...

CVE-2019-0555

An elevation of privilege vulnerability exists in the Microsoft XmlDocument class that could allow an attacker to escape from the AppContainer sandbox in the browser, aka "Microsoft XmlDocument Elevation of Privilege Vulnerability." This affects Windows Server 2012 R2, Windows RT 8.1, Windows...

Privilege escalation

An elevation of privilege vulnerability exists in the Microsoft XmlDocument class that could allow an attacker to escape from the AppContainer sandbox in the browser, aka "Microsoft XmlDocument Elevation of Privilege Vulnerability." This affects Windows Server 2012 R2, Windows RT 8.1, Windows...

CVE-2019-0555

The CVE-2019-0555 entry corresponds to an elevation of privilege in Microsoft XmlDocument that can escape AppContainer sandbox via cross-boundary remoting. Connected analysis explains an IDispatch/type library abuse path: malicious clients query for the old IXMLDOMDocument interface, then marshal...

CVE-2019-0555

An elevation of privilege vulnerability exists in the Microsoft XmlDocument class that could allow an attacker to escape from the AppContainer sandbox in the browser, aka "Microsoft XmlDocument Elevation of Privilege Vulnerability." This affects Windows Server 2012 R2, Windows RT 8.1, Windows...

Microsoft XmlDocument Elevation of Privilege Vulnerability

An elevation of privilege vulnerability exists in the Microsoft XmlDocument class that could allow an attacker to escape from the AppContainer sandbox in the browser. An attacker who successfully exploited this vulnerability could gain elevated privileges and break out of the Edge AppContainer...

KB4480966: Windows 10 Version 1803 and Windows Server Version 1803 January 2019 Security Update

The remote Windows host is missing security update 4480966. It is, therefore, affected by multiple vulnerabilities : - A memory corruption vulnerability exists in the Windows DHCP client when an attacker sends specially crafted DHCP responses to a client. An attacker who successfully exploited th...

KB4480964: Windows 8.1 and Windows Server 2012 R2 January 2019 Security Update

The remote Windows host is missing security update 4480964 or cumulative update 4480963. It is, therefore, affected by multiple vulnerabilities : - An information disclosure vulnerability exists when the Windows kernel improperly handles objects in memory. An attacker who successfully exploited...

KB4480962: Windows 10 January 2019 Security Update

The remote Windows host is missing security update 4480962. It is, therefore, affected by multiple vulnerabilities : - An information disclosure vulnerability exists when the Windows kernel improperly handles objects in memory. An attacker who successfully exploited this vulnerability could obtai...

KB4480973: Windows 10 Version 1703 January 2019 Security Update

The remote Windows host is missing security update 4480973. It is, therefore, affected by multiple vulnerabilities : - An information disclosure vulnerability exists when the Windows kernel improperly handles objects in memory. An attacker who successfully exploited this vulnerability could obtai...

tinyxml2/xmltest: Use-of-uninitialized-value in tinyxml2::XMLUtil::StringEqual

Project: https://github.com/leethomason/tinyxml2.git Detailed report: https://oss-fuzz.com/testcase?key=5763247731376128 Project: tinyxml2 Fuzzer: libFuzzerxmltest Fuzz target binary: xmltest Job Type: libfuzzermsantinyxml2 Platform Id: linux Crash Type: Use-of-uninitialized-value Crash Address:...

Heap-Based Buffer Over-read

TinyXML2 is vulnerable to heap-based buffer over-read. The vulnerability can be triggered when the attacker parses a malicious data to XMLDocument::Parse function...

TinyXML2 'XMLDocument::Parse' function heap buffer overflow vulnerability

TinyXML2 is a C++-based open source XML parser . A heap buffer overflow vulnerability exists in the 'XMLDocument::Parse' function of the libtinyxml2.so file in TinyXML2 version 6.2.0. An attacker can exploit this vulnerability to cause a buffer out-of-bounds read...

DEBIAN-CVE-2018-11210

TinyXML2 6.2.0 has a heap-based buffer over-read in the XMLDocument::Parse function in libtinyxml2.so. NOTE: The tinyxml2 developers have determined that the reported overflow is due to improper use of the library and not a vulnerability in tinyxml2...