6867 matches found
Microsoft Skype for Business and Lync Server CVE-2017-8550 Remote Code Execution Vulnerability
Description Microsoft Skype for Business and Lync Server are prone to a remote code-execution vulnerability. Successfully exploiting this issue may result in the execution of arbitrary code in the context of the affected application. Failed exploit attempts will likely result in denial-of-service...
SA150: NSS Vulnerability April 2017
SUMMARY Symantec Network Protection products using affected versions of NSS are susceptible to a security vulnerability. A remote attacker can send crafted Base64-encoded data and execute arbitrary code or cause denial of service through an application crash. AFFECTED PRODUCTS The following...
Microsoft Windows Hyper-V CVE-2017-0180 Remote Code Execution Vulnerability
Description Microsoft Windows is prone to a remote code-execution vulnerability. Successful exploits allow attackers to execute arbitrary code in the context of the host operating system. Failed exploit attempts will result in a denial of service condition. Technologies Affected Microsoft Windows...
Microsoft Windows iSNS Server CVE-2017-0104 Memory Corruption Vulnerability
Description Microsoft Windows is prone to a memory corruption vulnerability. Successful exploits may allow an attacker to execute arbitrary code in the context of the SYSTEM account. Failed attacks will cause denial of service conditions. Technologies Affected Microsoft Windows Server 2008 R2 for...
Microsoft Windows Uniscribe CVE-2017-0120 Information Disclosure Vulnerability
Description Microsoft Windows Uniscribe is prone to an information-disclosure vulnerability. Attackers can exploit this issue to obtain sensitive information that may aid in launching further attacks. Technologies Affected Microsoft Windows 7 for 32-bit Systems SP1 Microsoft Windows 7 for x64-bas...
Microsoft Edge CVE-2017-0094 Scripting Engine Remote Memory Corruption Vulnerability
Description Microsoft Edge is prone to a remote memory-corruption vulnerability. Attackers can exploit this issue by enticing an unsuspecting user to view a specially crafted web page. This could allow the attacker to execute arbitrary code in the context of the currently logged-in user. Failed...
Microsoft Windows Uniscribe CVE-2017-0111 Information Disclosure Vulnerability
Description Microsoft Windows Uniscribe is prone to an information-disclosure vulnerability. Attackers can exploit this issue to obtain sensitive information that may aid in launching further attacks. Technologies Affected Microsoft Windows 7 for 32-bit Systems SP1 Microsoft Windows 7 for x64-bas...
Microsoft Windows Uniscribe CVE-2017-0090 Remote Code Execution Vulnerability
Description Microsoft Windows is prone to a remote code-execution vulnerability. An attacker can exploit this issue by enticing an unsuspecting user to open a malicious file or webpage. An attacker can exploit this issue to execute arbitrary code in the context of an affected system. Failed explo...
Microsoft Windows Task Scheduler CVE-2016-7222 Local Privilege Escalation Vulnerability
Description Microsoft Windows is prone to a local privilege-escalation vulnerability. A local attacker can exploit this issue to execute arbitrary code with elevated privileges. Technologies Affected Microsoft Windows 10 Version 1607 for 32-bit Systems Microsoft Windows 10 Version 1607 for...
Microsoft Windows CVE-2016-3343 Local Privilege Escalation Vulnerability
Description Microsoft Windows is prone to a local privilege-escalation vulnerability. A local attacker can exploit this issue to run processes with elevated privileges. Technologies Affected Microsoft Windows 10 Version 1607 for 32-bit Systems Microsoft Windows 10 Version 1607 for x64-based Syste...
Microsoft Windows Diagnostics Hub CVE-2016-7188 Local Privilege Escalation Vulnerability
Description Microsoft Windows is prone to a local privilege-escalation vulnerability. Local attackers can exploit this issue to execute arbitrary code with elevated privileges. Technologies Affected Microsoft Windows 10 Version 1607 for 32-bit Systems Microsoft Windows 10 Version 1607 for x64-bas...
Microsoft Windows Kernel 'Win32k.sys' CVE-2016-7211 Local Privilege Escalation Vulnerability
Description Microsoft Windows is prone to a local privilege-escalation vulnerability that occurs in the Windows kernel. A local attacker can exploit this issue to execute arbitrary code in kernel mode with elevated privileges. Technologies Affected Microsoft Windows 10 Version 1607 for 32-bit...
Microsoft Office CVE-2016-3366 Spoofing Vulnerability
Description Microsoft Office is prone to a security vulnerability that may allow attackers to conduct spoofing attacks. An attacker can exploit this issue to perform unauthorized actions; other attacks are also possible. Technologies Affected Microsoft Outlook 2007 Microsoft Outlook 2010 32-bit...
Microsoft Edge CVE-2016-3377 Scripting Engine Remote Memory Corruption Vulnerability
Description Microsoft Edge is prone to a remote memory-corruption vulnerability. Attackers can exploit this issue by enticing an unsuspecting user to view a specially crafted web page. Attackers can exploit this issue to execute arbitrary code in the context of the currently logged-in user. Faile...
Microsoft Windows CVE-2016-3352 Information Disclosure Vulnerability
Description Microsoft Windows is prone to an information-disclosure vulnerability. Attackers can exploit this issue to gain access to potentially sensitive information that may aid in further attacks. Technologies Affected Microsoft Windows 10 Version 1607 for 32-bit Systems Microsoft Windows 10...
Microsoft Internet Explorer and Edge CVE-2016-3351 Information Disclosure Vulnerability
Description Microsoft Internet Explorer and Edge are prone to an information disclosure vulnerability. Attackers can exploit this issue by enticing an unsuspecting user to view a specially crafted webpage. Successful exploits will allow attackers to obtain sensitive information that may aid in...
Microsoft Internet Explorer and Edge CVE-2016-3295 Remote Memory Corruption Vulnerability
Description Microsoft Internet Explorer and Edge are prone to a remote memory-corruption vulnerability. Attackers can exploit this issue to execute arbitrary code in the context of the currently logged-in user. Failed attacks will cause denial of service conditions. Edge and Internet Explorer 10...
Microsoft Windows Kernel 'Win32k.sys' CVE-2016-3310 Local Privilege Escalation Vulnerability
Description Microsoft Windows is prone to a local privilege-escalation vulnerability that occurs in the Windows kernel. A local attacker can exploit this issue to execute arbitrary code in kernel mode with elevated privileges. Technologies Affected Microsoft Windows 10 Version 1607 for 32-bit...
Microsoft Windows Kernel CVE-2016-3272 Local Information Disclosure Vulnerability
Description Microsoft Windows is prone to a local information-disclosure vulnerability that occurs in the Windows kernel because it fails to properly validate certain system calls. An attacker can leverage this issue to disclose the kernel memory and obtain sensitive information that may aid in...
Microsoft Office CVE-2016-3284 Memory Corruption Vulnerability
Description Microsoft Office is prone to a remote memory-corruption vulnerability because it fails to properly handle objects in memory. An attacker can leverage this issue to execute arbitrary code in the context of the currently logged-in user. Failed exploit attempts will likely result in deni...
Microsoft .NET Framework CVE-2016-3255 XML External Entity Information Disclosure Vulnerability
Description The Microsoft .NET Framework is prone to an information-disclosure vulnerability. An attacker can exploit this issue to gain access to sensitive information. Successful exploits may lead to other attacks. Technologies Affected Microsoft .NET Framework 2.0 SP2 Microsoft .NET Framework...
Microsoft Office CVE-2016-3233 Memory Corruption Vulnerability
Description Microsoft Office is prone to a remote memory-corruption vulnerability because it fails to properly handle objects in memory. An attacker can leverage this issue to execute arbitrary code in the context of the currently logged-in user. Failed exploit attempts will likely result in deni...
Microsoft Direct3D CVE-2016-0184 Use After Free Remote Code Execution Vulnerability
Description Microsoft Windows is prone to a remote code-execution vulnerability. Attackers can exploit this issue to execute arbitrary code in the context of the affected application. Failed attacks will cause denial-of-service conditions. Technologies Affected Microsoft Windows 10 for 32-bit...
Microsoft Office CVE-2016-0139 Memory Corruption Vulnerability
Description Microsoft Office is prone to a remote memory-corruption vulnerability because it fails to properly handle objects in memory. An attacker can leverage this issue to execute arbitrary code in the context of the currently logged-in user. Failed exploit attempts will likely result in deni...
Microsoft Office CVE-2016-0122 Memory Corruption Vulnerability
Description Microsoft Office is prone to a remote memory-corruption vulnerability because it fails to properly handle objects in memory. An attacker can leverage this issue to execute arbitrary code in the context of the currently logged-in user. Failed exploit attempts will likely result in deni...
Microsoft Windows Graphics Component CVE-2016-0145 Memory Corruption Vulnerability
Description Microsoft Windows is prone to a memory-corruption vulnerability. Attackers can exploit this issue to execute arbitrary code in the context of the affected application. Failed attacks will cause denial-of-service conditions. Technologies Affected Microsoft .NET Framework 3.0 SP2...
Microsoft Windows CVE-2016-0087 Local Privilege Escalation Vulnerability
Description Microsoft Windows is prone to a local privilege-escalation vulnerability. A local attacker can exploit this issue to execute arbitrary code with SYSTEM privileges. Technologies Affected Microsoft Windows 7 for 32-bit Systems SP1 Microsoft Windows 7 for x64-based Systems SP1 Microsoft...
Microsoft Office CVE-2016-0035 Memory Corruption Vulnerability
Description Microsoft Office is prone to a remote memory-corruption vulnerability because it fails to properly handle objects in memory. An attacker can leverage this issue to execute arbitrary code in the context of the currently logged-in user. Failed exploit attempts will likely result in deni...
Microsoft Windows Kernel CVE-2015-6101 Local Privilege Escalation Vulnerability
Description Microsoft Windows is prone to a local privilege-escalation vulnerability. A local attacker can exploit this issue to execute arbitrary code in kernel mode with elevated privileges. Technologies Affected Microsoft Windows 10 for 32-bit Systems Microsoft Windows 10 for x64-based Systems...
Microsoft VBScript and JScript CVE-2015-6055 Multiple Remote Memory Corruption Vulnerabilities
Description Microsoft VBScript and JScript are prone to multiple remote memory-corruption vulnerabilities. Attackers can exploit these issues by enticing an unsuspecting user to view a specially crafted webpage. Attackers can exploit these issues to execute arbitrary code in the context of the...
Microsoft Office CVE-2015-2521 Memory Corruption Vulnerability
Description Microsoft Office is prone to a remote memory-corruption vulnerability because it fails to properly handle objects in memory. An attacker can leverage this issue to execute arbitrary code in the context of the currently logged-in user. Failed exploit attempts will likely result in...
Microsoft Windows Journal CVE-2015-2530 Remote Code Execution Vulnerability
Description Microsoft Windows is prone to a remote code-execution vulnerability. An attacker can leverage this issue to execute arbitrary code in the context of the currently logged-in user. Failed exploit attempts will likely result in denial-of-service conditions. Technologies Affected Microsof...
Microsoft Windows OpenType Fonts CVE-2015-2506 Local Privilege Escalation Vulnerability
Description Microsoft Windows is prone to a local privilege-escalation vulnerability. A local attacker can exploit this issue to gain elevated privileges and execute arbitrary code on affected system. Note: This issue was previously titled 'Microsoft Windows OpenType Fonts CVE-2015-2506 Denial of...
Microsoft VBScript CVE-2015-2372 Remote Code Execution Vulnerability
Description Microsoft VBScript is prone to a remote code-execution vulnerability. An attacker can exploit this issue to execute arbitrary code in the context of the user running the affected application. Failed exploit attempts will likely result in denial-of-service conditions. Technologies...
Microsoft Exchange Server CVE-2015-1764 Same Origin Policy Security Bypass Vulnerability
Description Microsoft Exchange Server is prone to a security-bypass vulnerability. An attacker can exploit this issue to bypass the same-origin policy, obtain sensitive information and perform unauthorized actions. This could be used to steal sensitive information or launch other attacks...
Microsoft Internet Explorer CVE-2015-1741 Remote Memory Corruption Vulnerability
Description Microsoft Internet Explorer is prone to a remote memory-corruption vulnerability. Attackers can exploit this issue by enticing an unsuspecting user to view a specially crafted webpage. Attackers can exploit this issue to execute arbitrary code in the context of the currently logged-in...
Adobe Flash Player CVE-2015-0339 Unspecified Memory Corruption Vulnerability
Description Adobe Flash Player is prone to an unspecified memory-corruption vulnerability. An attacker can exploit this issue to execute arbitrary code in the context of the user running the affected application. Failed exploit attempts will likely result in denial-of-service conditions...
Microsoft Windows Adobe Font Driver CVE-2015-0093 Remote Code Execution Vulnerability
Description Microsoft Windows is prone to a remote code-execution vulnerability. An attacker can leverage this issue to execute arbitrary code in the context of the currently logged-in user. Failed exploit attempts will likely result in denial-of-service conditions. Technologies Affected Avaya...
Microsoft Internet Explorer CVE-2015-0070 Cross Domain Information Disclosure Vulnerability
Description Microsoft Internet Explorer is prone to a cross-domain information-disclosure vulnerability. An attacker can exploit this issue to view content from a browser window in another domain or security zone. This may allow the attacker to obtain sensitive information or aid in further...
Microsoft Windows 'Win32k.sys' CVE-2015-0059 Remote Code Execution Vulnerability
Description Microsoft Windows kernel is prone to a remote code-execution vulnerability. An attacker can exploit this issue by tricking an unsuspecting victim into opening a specially malformed TrueType font. Successful exploits can allow attackers to execute arbitrary code with kernel-level...
Microsoft Internet Explorer CVE-2014-6350 Remote Privilege Escalation Vulnerability
Description Microsoft Internet Explorer is prone to a remote privilege-escalation vulnerability. An attacker can exploit this issue to gain elevated privileges. Successful exploits may aid in further attacks. Internet Explorer 10, and 11 are vulnerable. Technologies Affected Avaya Aura Conferenci...
Symantec Encryption Desktop Compressed Mail File Denial-of-Service
SUMMARY Certain encryption applications permit compression directly in the message body of an encrypted email file. Symantec Encryption Desktop will attempt decompression and decryption of these specifically formatted incoming email files without properly limiting maximum file size during the...
Microsoft Internet Explorer CVE-2014-4055 Remote Memory Corruption Vulnerability
Description Microsoft Internet Explorer is prone to a remote memory-corruption vulnerability. Successfully exploiting this issue may allow attackers to execute arbitrary code in the context of the application. Failed exploit attempts will result in denial-of-service conditions. Internet Explorer ...
Microsoft Internet Explorer CVE-2014-1772 Remote Memory Corruption Vulnerability
Description Microsoft Internet Explorer is prone to a remote memory-corruption vulnerability. Successfully exploiting this issue may allow attackers to execute arbitrary code in the context of the application. Failed exploit attempts will result in denial-of-service conditions. Internet Explorer ...
Microsoft Windows Kernel 'Win32k.sys' CVE-2014-0323 Local Information Disclosure Vulnerability
Description Microsoft Windows is prone to a local information-disclosure vulnerability. An attacker can leverage this issue to disclose kernel memory and obtain sensitive information that may aid in further attacks. Technologies Affected Avaya Aura Conferencing 6.0 SP1 Standard Avaya Aura...
Microsoft Windows 'Win32k.sys' CVE-2013-3903 Denial Of Serivce Vulnerability
Description Microsoft Windows is prone to a denial-of-service vulnerability. An attacker can exploit this issue to cause the system to stop responding, denying service to legitimate users. Technologies Affected Avaya Aura Conferencing 6.0 SP1 Standard Avaya Aura Conferencing 6.0 Standard Avaya Au...
Microsoft Windows DirectAccess CVE-2013-3876 Security Bypass Vulnerability
Description Microsoft Windows DirectAccess is prone to a security-bypass vulnerability. An attacker can exploit this issue to bypass certain security restrictions and impersonate a legitimate server to perform man-in-the-middle attacks. Successfully exploiting this issue allows attackers to obtai...
Microsoft SharePoint CVE-2013-1330 Remote Code Execution Vulnerability
Description Microsoft SharePoint is prone to a remote code-execution vulnerability. An attacker can exploit this issue to execute arbitrary code within the context of the guest account on the SharePoint server. Failed exploit attempts will result in a denial-of-service condition. Technologies...
Microsoft Windows Uniscribe Font Parsing CVE-2013-3181 Remote Code Execution Vulnerability
Description Microsoft Windows is prone to a remote code-execution vulnerability when handling crafted font data. An attacker can exploit this issue by enticing an unsuspecting user to open a malicious file or webpage. A successful exploit may allow arbitrary code to run in the context of the...
Microsoft Windows CVE-2013-1291 OpenType Font Parsing Remote Denial of Service Vulnerability
Description Microsoft Windows is prone to a remote denial-of-service vulnerability. Successful exploits will allow attackers to cause the affected computer to stop responding and reboot, resulting in a denial-of-service condition. Technologies Affected Avaya Aura Conferencing 6.0 SP1 Standard Ava...