KLA10582 Code execution vulnerability in Microsoft Sharepoint Server

An unspecified vulnerability was found in Microsoft SharePoint Server. By exploiting this vulnerability malicious users can execute arbitrary code. This vulnerability can be exploited remotely via a specially designed page content. Original advisories Microsoft bulletin CVE-2015-1700 Related...

KLA10574 Multiple vulnerabilities in Adobe Flash Player

Multiple serious vulnerabilities have been found in Adobe products. Malicious users can exploit these vulnerabilities to write local files, bypass security restrictions, execute arbitrary code or obtain sensitive information. Below is a complete list of vulnerabilities 1. Memory corruption, heap...

KLA10581 Privilege escalation vulnerability in Microsoft Silverlight

An unspecified vulnerability was found in Microsoft Silverlight. By exploiting this vulnerability malicious users can gain privileges. This vulnerability can be exploited remotely via a specially designed Silverlight application. Original advisories Microsoft advisory CVE-2015-1715 Related produc...

KLA10584 Multiple vulnerabilities in Mozilla products

Multiple serious vulnerabilities have been found in Mozilla products. Malicious users can exploit these vulnerabilities to cause denial of service, gain privileges, bypass security restrictions, execute arbitrary code or obtain sensitive information. Below is a complete list of vulnerabilities 1...

KLA10578 Multiple vulnerabilities in Microsoft Font Drivers

Multiple serious vulnerabilities have been found in Microsoft products. Malicious users can exploit these vulnerabilities to execute arbitrary code or obtain sensitive information. Below is a complete list of vulnerabilities 1. Improper fonts handling can be exploited remotely via a specially...

KLA10576 Flash Player update for Google Chrome

Google Chrome was updated to address vulnerabilities in Flash Player. For details look at KLA10574. Original advisories Google blog record Exploitation Public exploits exist for this vulnerability. Malware exists for this vulnerability. Usually such malware is classified as Exploit. More details...

KLA10586 Denial of service vulnerabilities in Wireshark

An unspecified vulnerabilities were found in Wireshark. By exploiting these vulnerabilities malicious users can cause denial of service. These vulnerabilities can be exploited remotely via a specially designed packet trace. Original advisories Wireshark security advisories Related products...

KLA10583 Code execution vulnerability in Microsoft Office

An unspecified vulnerability was found in Microsoft products. By exploiting this vulnerability malicious users can execute arbitrary code. This vulnerability can be exploited remotely via a specially designed document. Original advisories Microsoft bulletin CVE-2015-1683 CVE-2015-1682 Related...

KLA10579 Multiple vulnerabilities in Microsoft Internet Explorer

Multiple serious vulnerabilities have been found in Microsoft Internet Explorer. Malicious users can exploit these vulnerabilities to bypass security restrictions, gain privileges, execute arbitrary code or obtain sensitive information. Below is a complete list of vulnerabilities 1. Improper ASLR...

KLA10573 Multiple vulnerabilities in Apple Safari

Multiple serious vulnerabilities have been found in Apple Safari. Malicious users can exploit these vulnerabilities to bypass security restrictions, read arbitrary files or cause denial of service. Below is a complete list of vulnerabilities 1. Improper page-loading and history implementations ca...

KLA10571 Denial of service vulnerability in Foxit products

An unspecified vulnerability was found in Foxit products. By exploiting this vulnerability malicious users can cause denial of service. This vulnerability can be exploited remotely via a specially designed GIF in PDF file or vectors related to digital signatures. Original advisories Foxit bulleti...

KLA10569 Vulnerability in OpenOffice

Vulnerability in OpenOffice’s HWP filter was found in Apache OpenOffice 4.1.1 and older. By exploiting this vulnerability malicious users can cause denial of service crash or possibly execute arbitrary code. This vulnerability can be exploited via a crafted HWP document. Original advisories...

KLA10567 Denial of service vulnerability in Google Chrome

Use-after-free and other vulnerabilities were found in Google Chrome. By exploiting these vulnerabilities malicious users can cause denial of service or conduct other unknown impacts. These vulnerabilities can be exploited remotely via an unknown vectors. Original advisories Google blog entry...

KLA10570 Multiple vulnerabilities in OS X Server

Multiple serious vulnerabilities have been found in Apple OS X Server. Malicious users can exploit these vulnerabilities to bypass security restrictions or obtain sensitive information. Below is a complete list of vulnerabilities 1. An unknown vulnerability can be exploited remotely via vectors...

KLA10568 Vulnerability in LibreOffice

An unspecified vulnerability was found in LibreOffice 4.3.х before 4.3.7, LibreOffice 4.4.х before 4.4.2. By exploiting this vulnerability malicious users can cause denial of service crash or possibly execute arbitrary code. This vulnerability can be exploited via a crafted HWP document. Original...

KLA10565 Denial of service vulnerabilities in SQLite

Multiple integer and buffer overflows were found in SQLite. By exploiting these vulnerabilities malicious users can cause denial of service or conduct other unknown impact. These vulnerabilities can be exploited remotely via a specially designed input. Original advisories - Related products SQLit...

KLA10566 Multiple vulnerabilities in cURL

Multiple serious vulnerabilities have been found in cURL. Malicious users can exploit these vulnerabilities to bypass security restrictions, cause denial of service or conduct other unknown impact. Below is a complete list of vulnerabilities 1. Improper re-use of authenticated Negotiate and NTLM...

KLA10564 Denial of service vulnerability in OS X

An unspecified vulnerability was found in Apple OS X. By exploiting this vulnerability malicious users can cause denial of service. This vulnerability can be exploited remotely via a specially designed JPEG. NB: Vendor does not provide CVSS rating. This rating was calculated in Kaspersky Lab and...

KLA10562 Obtain sensitive information vulnerability in Apple OS X

Improper password storage was found in OS X. By exploiting this vulnerability malicious users can obtain sensitive information. This vulnerability can be exploited remotely via logfile reading. NB: Vendor does not provide CVSS rating. This rating was calculated in Kaspersky Lab and can differ fro...

KLA10563 Multiple vulnerabilities in Drupal modules

Multiple serious vulnerabilities have been found in Drupal modules. Malicious users can exploit these vulnerabilities to bypass security restrictions, inject arbitrary code or obtain sensitive information. Below is a complete list of vulnerabilities 1. Open redirect vulnerabilities in Commerce...

KLA10554 Denial of service vulnerability in Mozilla Firefox

Race condition was found in Mozilla Firefox. By exploiting this vulnerability malicious users can cause denial of service or other unknown impact. This vulnerability can be exploited remotely via an unknown vectors related to plugins. Original advisories MFSA Related products Mozilla-Firefox CVE...

KLA10553 Denial of service vulnerabilities in Oracle MySQL

An unspecified vulnerabilities were found in Oracle MySQL. By exploiting these vulnerabilities malicious users can affect availability. These vulnerabilities can be exploited remotely via an unknown vectors related to InnoDB, Federated, DDL, Partition, SP, XA, Encryption and other unknown vectors...

KLA10572 Multiple vulnerabilities in Lenovo System Update

Multiple serious vulnerabilities have been found in Lenovo System Update. Malicious users can exploit these vulnerabilities to bypass security restrictions or gain privileges. Below is a complete list of vulnerabilities 1. Lack of command piping restrictions can be exploited locally via named pip...

KLA10558 Obtain sensitive information vulnerability in MSXML

An unspecified vulnerability was found in Microsoft XML Core Services. By exploiting this vulnerability malicious users can bypass security restrictions or obtain sensitive information. This vulnerability can be exploited remotely via a specially designed DTD. Original advisories MS15-039...

KLA10560 Privilege escalation vulnerability in Microsoft products

An unspecified vulnerability was found in Microsoft products. By exploiting this vulnerability malicious users can gain privileges. This vulnerability can be exploited locally via a specially designed task. Original advisories MS15-037 CVE-2015-0098 Related products Microsoft-Windows-7...

KLA10547 Multiple vulnerabilities in Adobe Flash Player

Memory corruption, buffer overflow, use-after-free, double free and memory leak vulnerabilities were found in Adobe Flash. By exploiting these vulnerabilities malicious users can bypass security restrictions, execute arbitrary code or obtain sensitive information. These vulnerabilities can be...

KLA10552 Code execution vulnerabilities in Internet Explorer

Multiple unspecified vulnerabilities were found in Microsoft Internet Explorer. By exploiting these vulnerabilities malicious users can execute arbitrary code or cause denial of service. These vulnerabilities can be exploited remotely via a specially designed web site. Original advisories MS15-03...

KLA10548 Multiple vulnerabilities in Oracle products

An unspecified vulnerabilities were found in Oracle products. By exploiting these vulnerabilities malicious users can affect integrity, availability and confidentiality. These vulnerabilities can be exploited remotely via an unknown vectors related to 2D, Hotspot, JavaFX, Delpoyment, Tools, JSSE,...

KLA10549 Code execution vulnerability in Microsoft GC

An unspecified vulnerability was found in Microsoft products. By exploiting this vulnerability malicious users can execute arbitrary code. This vulnerability can be exploited remotely via a specially designed EMF image. Original advisories MS15-035 CVE-2015-1645 Related products...

KLA10555 Denial of service vulnerability in Hyper-V

An unspecified vulnerability was found in Microsoft products. By exploiting this vulnerability malicious users can cause denial of service. This vulnerability can be exploited remotely via a specially designed application. Original advisories MS advisory CVE-2015-1647 Related products...

KLA10551 Code execution vulnerabilities in Microsoft Office

Use-after-free, XSS and aother unspecified vulnerabilities were found in Microsoft products. By exploiting these vulnerabilities malicious users can execute or inject arbitrary code. These vulnerabilities can be exploited remotely via a specially designed Office document. Original advisories...

KLA10550 Code execution vulnerability in Microsoft HTTPS.sys

An unspecified vulnerability was found in Microsoft products. By exploiting this vulnerability malicious users can execute arbitrary code. This vulnerability can be exploited remotely via a specially designed HTTP request. Original advisories MS15-034 CVE-2015-1635 Exploitation Public exploits...

KLA10557 Security bypass vulnerability in Active Directory

Improper logoff handling was found in Microsoft Active Directory. By exploiting this vulnerability malicious users can bypass security restrictions. This vulnerability can be exploited remotely via workstation manipulations. Original advisories MS15-040 CVE-2015-1638 Related products...

KLA10561 Code injection vulnerability in Microsoft Sharepoint

An XSS vulnerabilities were found in Microsoft Sharepoint. By exploiting these vulnerabilities malicious users can inject arbitrary scripts. These vulnerabilities can be exploited remotely via a specially designed request. Original advisories MS15-036 CVE-2015-1653 CVE-2015-1640 Related products...

KLA10559 Privileges escalation in Microsoft products

Multiple improper impersonation levels handling were found in Microsoft products. By exploiting these vulnerabilities malicious users can gain privileges. These vulnerabilities can be exploited locally via a specially designed application. Original advisories MS15-038 CVE-2015-1643 CVE-2015-1644...

KLA10546 Multiple vulnerabilities in Google Chrome

Multiple serious vulnerabilities have been found in Google Chrome. Malicious users can exploit these vulnerabilities to bypass security restrictions, spoof user interface, cause denial of service or possible execute arbitrary code. Below is a complete list of vulnerabilities 1. Unknown...

KLA10556 Obtain sensitive information vulnerability in .NET Framework

An unspecified vulnerability was found in Microsoft .NET. By exploiting this vulnerability malicious users can obtain sensitive information. This vulnerability can be exploited remotely via a specially designed request. Original advisories MS15-041 CVE-2015-1648 Related products...

KLA10545 Multiple vulnerabilities in MediaWiki and extensions

Multiple serious vulnerabilities have been found in MediaWiki. Malicious users can exploit these vulnerabilities to bypass security restrictions, inject arbitrary code, cause denial of service or obtain sensitive information. Below is a complete list of vulnerabilities 1. Unknown vulnerability ca...

KLA10541 Multiple vulnerabilities in Juniper Junos

Multiple serious vulnerabilities have been found in Juniper Junos. Malicious users can exploit these vulnerabilities to gainprivileges, execute arbitrary code orspoof user interface. Below is a complete list of vulnerabilities 1. XSS vulnerability can be exploited remotely via unspecified vectors...

KLA10540 Multiple vulnerability in Apple OS X

Multiple serious vulnerabilities have been found in Apple OS X. Malicious users can exploit these vulnerabilities to cause denial of service, gain privileges, bypass security restrictions, execute arbitrary code or obtain sensitive information. Below is a complete list of vulnerabilities 1. Unsaf...

KLA10538 Multiple vulnerabilities in McAfee ATD

Multiple serious vulnerabilities have been found in McAfee ATD. Malicious users can exploit these vulnerabilities to obtain sensitive information or bypass security restrictions. Below is a complete list of vulnerabilities 1. Improper access restrictions and other unknown vulnerabilities can be...

KLA10539 Multiple vulnerabilities in Open-source ARJ archiver

Buffer overflow, improper strings restriction and other unknown vulnerabilities were found in Open-source ARJ archiver. By exploiting these vulnerabilities malicious users can cause denial of service, execute arbitrary code or write to arbitrary local files. These vulnerabilities can be exploited...

KLA10537 Multiple vulnerabilities in CA Spectrum

Multiple serious vulnerabilities have been found in CA Spectrum. Malicious users can exploit these vulnerabilities to gain privileges or inject arbitrary code. Below is a complete list of vulnerabilities 1. Improper data serialization can be exploited remotely via a specially designed Java object...

KLA10531 Security bypass vulnerabilities in Mozilla Firefox

Multiple serious vulnerabilities have been found in Firefox. Malicious users can exploit these vulnerabilities to bypass security restrictions. Below is a complete list of vulnerabilities 1. Lack of privileges restrictions can be exploited remotely via vectors related to reader mode. Firefox for...

KLA10534 Sensitive information obtain vulnerabilities in Siemens SIMATIC STEP

Improper password store and other uncnown vulnerability were found in SIMATIC STEP 7. By exploiting these vulnerabilities malicious users can obtain sensitive information. These vulnerabilities can be exploited remotely via an unknown vectors. Original advisories Siemens advisory Related products...

KLA10533 Multiple vulnerabilities in IBM domino

Multiple serious vulnerabilities have been found in IBM Domino. Malicious users can exploit these vulnerabilities to cause denial of service, execute arbitrary code or gain privileges. Below is a complete list of vulnerabilities 1. Unknown vulnerability can be exploited locally via an unknown...

KLA10535 Multiple vulnerabilities in Inductive Automation Ignition

Multiple serious vulnerabilities have been found in Inductive Automation Ignition. Malicious users can exploit these vulnerabilities to bypass security restrictions, obtain sensitive information or inject arbitrary code. Below is a complete list of vulnerabilities 1. Improper passwords handling c...

KLA10536 Multiple vulnerabilities in Citrix NetScaler

Multiple serious vulnerabilities have been found in Citrix NetScaler. Malicious users can exploit these vulnerabilities to execute or inject arbitrary code and conduct XSS attack. Below is a complete list of vulnerabilities 1. XSS vulnerability can be exploited remotely via a specially designed...

KLA10532 Denial of service vulnerabilities in Cisco Unity Connection

An unspecified vulnerabilities were found in Cisco Unity Connector. By exploiting these vulnerabilities malicious users can cause denial of service. These vulnerabilities can be exploited remotely via SIP messages, sessions and connections manipulation. Original advisories Cisco advisory Related...

KLA10530 JRE update for multiple VMware products

Multiple VMware products were updated to address vulnerabilities in Oracle Java. For details look at KLA10447. Original advisories VMSA advisory KLA10447 Exploitation Public exploits exist for this vulnerability. Related products VMware-unclassified-products CVE list CVE-2014-6593 warning Solutio...