KLA11071 Obsolete Adobe Flash Player for Windows

Microsoft released update to address vulnerabilities in Flash Player for Internet Explorer. For details look at KLA11066. Original advisories ADV170009 Related products Microsoft-Windows CVE list KB list 4025376 Solution Install necessary updates from the KB section, that are listed in your Windo...

KLA11845 Multiple vulnerabilities in Microsoft Exchange Server

Multiple vulnerabilities were found in Microsoft Exchange Server. Malicious users can exploit these vulnerabilities to spoof user interface, gain privileges. Below is a complete list of vulnerabilities: 1. Security UI vulnerability in Microsoft Exchange can be exploited remotely via specially...

KLA11068 Denial of Service Vulnerability in Microsoft .NET Framework

An improper handling of web requests has been found in Microsoft Common Object Runtime Library. By exploiting this vulnerability malicious users can cause a denial of service. This vulnerability can be exploited by issuing specially designed requests to the .NET web application. Original advisori...

KLA11066 Multiple vulnerabilities in Adobe Flash Player

Multiple serious vulnerabilities have been found in Adobe Flash Player versions earlier than 26.0.0.137. Malicious users can exploit these vulnerabilities to obtain sensitive information and execute arbitrary code. Below is a complete list of vulnerabilities: 1. A memory corruption vulnerability ...

KLA11067 Multiple vulnerabilities in Microsoft Windows

Multiple vulnerabilities were found in Microsoft Windows. Malicious users can exploit these vulnerabilities to obtain sensitive information, execute arbitrary code, gain privileges, bypass security restrictions, cause denial of service. Below is a complete list of vulnerabilities: 1. An informati...

KLA11070 Multiple vulnerabilities in Microsoft Edge and Microsoft Internet Explorer

Multiple serious vulnerabilities have been found in Microsoft Edge and Microsoft Internet Explorer. Malicious users can exploit these vulnerabilities to bypass security restrictions, execute arbitrary code and spoof user interface. Below is a complete list of vulnerabilities: 1. An improper...

KLA11900 Multiple vulnerabilities in Microsoft Products (ESU)

Multiple vulnerabilities were found in Microsoft Products Extended Support Update. Malicious users can exploit these vulnerabilities to obtain sensitive information, execute arbitrary code, gain privileges, bypass security restrictions, cause denial of service. Below is a complete list of...

KLA11062 Arbitrary code execution vulnerability in Notepad++

An unspecified vulnerability was found in Notepad++ 7.3.3 with Hex Editor Plugin v0.9.5. By exploiting this vulnerability malicious users can execute arbitrary code. This vulnerability can be exploited remotely via a specially designed file or an untrusted specially designed file from a remote...

KLA11065 Multiple vulnerabilities in Foxit Reader

Multiple serious vulnerabilities have been found in Foxit Reader. Malicious users can exploit these vulnerabilities to execute arbitrary code, cause denial of service and obtain sensitive information. Below is a complete list of vulnerabilities: 1. An use-after-free vulnerability in the...

KLA11844 OSI vulnerability in Microsoft Windows

An information disclosure vulnerability was found in Microsoft Windows. Malicious users can exploit this vulnerability to obtain sensitive information. Original advisories CVE-2017-8554 Related products Microsoft-Windows-Server-2012 Microsoft-Windows-8 Microsoft-Windows-7...

KLA11901 OSI vulnerability in Microsoft Products (ESU)

An information disclosure vulnerability was found in Microsoft Products Extended Support Update. Malicious users can exploit this vulnerability to obtain sensitive information. Original advisories CVE-2017-8554 Related products Microsoft-Windows Microsoft-Windows-Server...

KLA11375 ACE vulnerability in Microsoft Skype

Stack buffer overflow vulnerability was found in Microsoft. Malicious users can exploit this vulnerability to execute arbitrary code. Original advisories Microsoft Skype v7.3.6 – Stack Overflow Vulnerability Related products Skype-for-Windows CVE list CVE-2017-9948 high Solution Update to the...

KLA11057 Arbitrary code execution vulnerability in Microsoft Malware Protection Engine

An improper scanning of specially designed files was found in Microsoft Malware Protection Engine in Microsoft Windows. By exploiting this vulnerability malicious users can execute arbitrary code. This vulnerability can be exploited remotely by putting a specially designed file to a directory...

KLA11843 ACE vulnerability in Microsoft System Center

A remote code execution vulnerability was found in Microsoft System Center. Malicious users can exploit this vulnerability to execute arbitrary code. Original advisories CVE-2017-8558 Exploitation Public exploits exist for this vulnerability. Malware exists for this vulnerability. Usually such...

KLA11841 Multiple vulnerabilities in Microsoft Windows

Multiple vulnerabilities were found in Microsoft Windows. Malicious users can exploit these vulnerabilities to gain privileges, obtain sensitive information. Below is a complete list of vulnerabilities: 1. An elevation of privilege vulnerability in DirectX can be exploited remotely via specially...

KLA11054 Multiple vulnerabities in Google Chrome

Multiple serious vulnerabilities have been found in Google Chrome versions earlier than 59.0.3071.104. Malicious users can exploit these vulnerabilities to spoof domain and possibly to cause a denial of service, bypass security restrictions or obtain sensitive information. Below is a complete lis...

KLA11056 Multiple arbitrary code execution vulnerabilities in Microsoft Windows

Multiple serious vulnerabilities have been found in Microsoft Windows XP and Microsoft Windows Server 2003. Malicious users can exploit these vulnerabilities to execute arbitrary code. Below is a complete list of vulnerabilities: 1. An improper validation of user input in Windows OLE can be...

KLA11050 Multiple vulnerabilities in Mozilla Thunderbird

Multiple serious vulnerabilities have been found in Thunderbird. Malicious users can exploit these vulnerabilities to cause a denial of service, spoof user interface, bypass security protections and run arbitrary code. Below is a complete list of vulnerabilities: 1. A use-after-free vulnerability...

KLA11063 Denial of service vulnerabilities in Wireshark

Multiple serious vulnerabilities have been found in Wireshark version 2.2.7. Malicious users can exploit these vulnerabilities to cause a denial of service. Below is a complete list of vulnerabilities: 1. A stack exhaustion vulnerability in the DAAP dissector can be exploited remotely via a...

KLA11043 Arbitrary code execution vulnerability in Adobe Shockwave Player

A memory corruption vulnerability was found in Adobe Shockwave Player versions earlier than 12.2.9.199. By exploiting this vulnerability malicious users can execute arbitrary code. Original advisories Adobe Security Bulletin Related products Adobe-Shockwave-Player CVE list CVE-2017-3086 critical...

KLA11045 Multiple vulnerabilities in Microsoft Edge and Microsoft Internet Explorer

Multiple serious vulnerabilities have been found in Microsoft Internet Explorer and Microsoft Edge. Malicious users can exploit these vulnerabilities to execute arbitrary code and obtain sensitive information. Below is a complete list of vulnerabilities: 1. Multiple vulnerabilities related to an...

KLA11052 Multiple vulnerabilities in Windows Uniscribe

Multiple serious vulnerabilities have been found in Microsoft Windows Uniscribe. Malicious users can exploit these vulnerabilities to execute arbitrary code and obtain sensitive information. Below is a complete list of vulnerabilities: 1. An improper handling of objects in memory can be exploited...

KLA11044 Multiple vulnerabilities in Mozilla Firefox and Mozilla Firefox ESR

Multiple serious vulnerabilities have been found in Firefox and Firefox ESR. Malicious users can exploit these vulnerabilities to gain privileges, cause a denial of service, read and write local files, spoof user interface and bypass security restrictions. Below is a complete list of...

KLA11051 Multiple vulnerabilities in Microsoft Windows

Multiple serious vulnerabilities have been found in Microsoft Windows. Malicious users can exploit these vulnerabilities to gain privileges, bypass security restrictions, cause a denial of service, obtain sensitive information and possibly to write local files. Below is a complete list of...

KLA11048 Multiple vulnerabilities in Windows Kernel

Multiple serious vulnerabilities have been found in Microsoft Windows kernel. Malicious users can exploit these vulnerabilities to obtain sensitive information and gain privileges. Below is a complete list of vulnerabilities: 1. An improper handling of objects in memory can be exploited locally v...

KLA11046 Multiple vulnerabilities in Microsoft Windows

Multiple vulnerabilities were found in Microsoft Windows. Malicious users can exploit these vulnerabilities to bypass security restrictions, obtain sensitive information, gain privileges, execute arbitrary code. Below is a complete list of vulnerabilities: 1. A security feature bypass vulnerabili...

KLA11041 Arbitrary code execution vulnerabilities in Adobe Flash Player

Multiple serious vulnerabilities have been found in Adobe Flash Player. Malicious users can exploit these vulnerabilities to execute arbitrary code. 1. A use-after-free vulnerability related to manipulating the ActionScript 2 XML class can be exploited remotely to execute arbitrary code; 2. A...

KLA11049 Multiple vulnerabilities in Microsoft Office

Multiple serious vulnerabilities have been found in Microsoft Office. Malicious users can exploit these vulnerabilities to execute arbitrary code, bypass security restrictions and spoof user interface. Below is a complete list of vulnerabilities: 1. An improper validating of input before loading...

KLA11047 Multiple vulnerabilities in Microsoft Development Tools

Multiple serious vulnerabilities have been found in Microsoft Development Tools. Malicious users can exploit these vulnerabilities to obtain sensitive information and execute arbitrary code. Original advisories - Exploitation Public exploits exist for this vulnerability. Malware exists for this...

KLA11053 XSS vulnerabilities in Microsoft Sharepoint

Multiple serious vulnerabilities have been found in Microsoft Sharepoint. Malicious users can exploit these vulnerabilities to obtain sensitive information and gain privileges. Below is a complete list of vulnerabilities: 1. An improper sanitizing of user web requests can be exploited remotely vi...

KLA11042 Obsolete Adobe Flash Player for Windows

Microsoft released update to address vulnerabilities in Flash Player for Internet Explorer. For details look at KLA11041. Original advisories ADV170007 Related products Adobe-Flash CVE list KB list 4022730 Solution Install necessary updates from the KB section, that are listed in your Windows...

KLA11842 Multiple vulnerabilities in Microsoft Products (ESU)

Multiple vulnerabilities were found in Microsoft Products Extended Support Update. Malicious users can exploit these vulnerabilities to obtain sensitive information, execute arbitrary code, gain privileges. Below is a complete list of vulnerabilities: 1. An information disclosure vulnerability in...

KLA11040 Elevation of privilege vulnerability in Microsoft Windows

An improper handling of objects in memory in Windows kernel-mode driver was found in Microsoft Windows. By exploiting this vulnerability malicious users can gain privileges. This vulnerability can be exploited remotely via a specially designed application by a malicious user who has logged on to...

KLA11035 Multiple vulnerabilities in Google Chrome

Multiple serious vulnerabilities have been found in Google Chrome versions earlier than 59.0.3071.86. Malicious users can exploit these vulnerabilities possibly to cause a denial of service, execute arbitrary code, bypass security restrictions and obtain sensitive information. Below is a complete...

KLA11034 Multiple vulnerabilities in Wireshark

Multiple serious vulnerabilities have been found in Wireshark. Malicious users can exploit these vulnerabilities possibly to cause a denial of service. Below is a complete list of vulnerabilities: 1. An improper handling of dividing by zero in the L2CAP dissector can be exploited remotely via a...

KLA11033 Denial of service vulnerability in RealPlayer

A divide-by-zero vulnerability was found in the RealPlayer. By exploiting this vulnerability malicious users can cause denial of service. This vulnerability can be exploited remotely via specially designed MP4 file. Original advisories Divided RealPlayer 16.0.2.32 RealPlayer Homepage Related...

KLA11032 Denial of service vulnerabilities in VideoLAN VLC media player

Multiple serious vulnerabilities have been found in VideoLAN VLC media player. Malicious users can exploit these vulnerabilities to cause a denial of service or possibly have another unspecified impact. Below is a complete list of vulnerabilities: 1. An unspecified vulnerability in...

KLA11840 Multiple vulnerabilities in Microsoft System Center

Multiple vulnerabilities were found in Microsoft System Center. Malicious users can exploit these vulnerabilities to execute arbitrary code, cause denial of service. Below is a complete list of vulnerabilities: 1. A remote code execution vulnerability in Microsoft Malware Protection Engine can be...

KLA11839 Multiple vulnerabilities in Microsoft Exchange Server

Multiple vulnerabilities were found in Microsoft Exchange Server. Malicious users can exploit these vulnerabilities to execute arbitrary code, cause denial of service. Below is a complete list of vulnerabilities: 1. A remote code execution vulnerability in Microsoft Malware Protection Engine can ...

KLA11023 Multiple vulnerabilities in VideoLAN VLC Media Player

Multiple serious vulnerabilities have been found in VideoLAN VLC Media Player. Malicious users can exploit these vulnerabilities to cause a denial of service or execute arbitrary code. Below is a complete list of vulnerabilities: 1. Heap out-of-bound read in CreateHtmlSubtitle and in ParseJSS can...

KLA11369 Information disclosure Vulnerability in Evernote

Untrusted search path vulnerability was found in Evernote. Malicious users can exploit this vulnerability to obtain sensitive information. Original advisories CVE-2016-4900 Related products EverNote CVE list CVE-2016-4900 high Solution Update to the latest version Evernote Impacts ACE Arbitrary...

KLA11838 ACE vulnerability in Microsoft Browser

A memory corruption vulnerability was found in Microsoft Browser. Malicious users can exploit this vulnerability to execute arbitrary code. Original advisories CVE-2017-0223 Related products Microsoft-Edge CVE list CVE-2017-0223 critical KB list 4016871 Solution Install necessary updates from the...

KLA11018 Multuple vulnerabilities in VMware products

Multiple serious vulnerabilities have been found in VMware products. Malicious users can exploit these vulnerabilities to execute arbitrary code and cause a denial of service. Below is a complete list of vulnerabilities: 1. A heap-buffer overflow vulnerability can be exploited remotely to execute...

KLA11019 Multiple vulnerabilities in VMware products

Multiple serious vulnerabilities have been found in VMware Workstation Pro and VMware Workstation Player. Malicious users can exploit these vulnerabilities to gain privileges and cause a denial of service. Below is a complete list of vulnerabilities: 1. An insecure library loading vulnerability c...

KLA11013 Buffer overflow vulnerability in Apple iTunes

A buffer overflow vulnerability was found in WebKit component of Apple iTunes versions earlier than 12.6.1. By exploiting this vulnerability malicious users can execute arbitrary code. This vulnerability can be exploited remotely via a specially designed web content. Original advisories Apple...

KLA11014 Mupltiple vulnerabilities in PostgreSQL

Multiple serious vulnerabilities have been found in PostgreSQL. Malicious users can exploit these vulnerabilities to bypass security restrictions and obtain sensitive information. Below is a complete list of vulnerabilities: 1. An incorrect check of user privileges in some selectivity estimation...

KLA11022 Obsolete Adobe Flash Player for Windows

Microsoft released update to address vulnerabilities in Flash Player for Internet Explorer. For details look at KLA11008. Original advisories ADV170006 Related products Microsoft-Windows CVE list KB list 4020821 Solution Install necessary updates from the KB section, that are listed in your Windo...

KLA11010 Remote code execution and elevation of privilege vulnerabilities in Microsoft Office

Multiple serious vulnerabilities have been found in Microsoft Office. Malicious users can exploit these vulnerabilities to execute arbitrary code and gain privileges. Below is a complete list of vulnerabilities: 1. An improper handling of objects in memory in Microsoft Office can be exploited...

KLA11009 Multiple vulnerabilities in Microsoft Windows

Multiple vulnerabilities were found in Microsoft Windows. Malicious users can exploit these vulnerabilities to obtain sensitive information, cause denial of service, execute arbitrary code, gain privileges. Below is a complete list of vulnerabilities: 1. An information disclosure vulnerability in...

KLA11008 Arbitrary code execution vulnerabilities in Adobe Flash Player

Multiple serious vulnerabilities have been found in Adobe Flash Player. Malicious users can exploit these vulnerabilities to execute arbitrary code. Below is a complete list of vulnerabilities: 1. A use-after-free vulnerability related to masking display objects can be exploited remotely to execu...