6867 matches found
Microsoft Windows Client-Server Run-time Subsystem CVE-2016-0151 Local Security Bypass Vulnerability
Description Microsoft Windows is prone to a local security-bypass vulnerability. A local attacker can leverage this issue to bypass certain security restrictions and perform unauthorized actions. Technologies Affected Microsoft Windows 10 for 32-bit Systems Microsoft Windows 10 for x64-based...
Microsoft Windows Hyper-V CVE-2016-0088 Remote Code Execution Vulnerability
Description Microsoft Windows is prone to a remote code-execution vulnerability. Successful exploits allow attackers to execute arbitrary code in the context of the vulnerable application. Failed exploit attempts will result in a denial-of-service condition. Technologies Affected Microsoft Window...
Symantec ITMS Inventory Solution Application Denial Functionality Bypass
SUMMARY The Inventory Solution component of Symantecs IT Management Agent, the client portion of Symantec IT Management Suite ITMS powered by Altiris, can be configured to deny one or more applications from running on a windows managed client as part of IT management functions. A determined user...
Symantec Endpoint Protection Multiple Security Issues
SUMMARY Symantec Endpoint Protection SEP was susceptible to a number of security findings that could potentially result in an authorized but less privileged user gaining elevated access to the Management Console. SEP Client security mitigations can potentially be bypassed allowing arbitrary code...
Microsoft Windows CVE-2016-0018 DLL Loading Remote Code Execution Vulnerability
Description Microsoft Windows is prone to a remote code-execution vulnerability. An attacker can leverage this issue to execute arbitrary code in the context of the currently logged-in user. Failed exploit attempts will result in a denial-of-service condition. Technologies Affected Microsoft...
Microsoft Internet Explorer CVE-2015-6149 Remote Memory Corruption Vulnerability
Description Microsoft Internet Explorer is prone to a remote memory-corruption vulnerability. Attackers can exploit this issue by enticing an unsuspecting user to view a specially crafted webpage. Attackers can exploit this issue to execute arbitrary code in the context of the currently logged-in...
Microsoft Office CVE-2015-6092 Memory Corruption Vulnerability
Description Microsoft Office is prone to a remote memory-corruption vulnerability because it fails to properly handle objects in memory. An attacker can leverage this issue to execute arbitrary code in the context of the currently logged-in user. Failed exploit attempts will likely result in...
Microsoft Windows CVE-2015-2478 Local Privilege Escalation Vulnerability
Description Microsoft Windows is prone to a local privilege-escalation vulnerability. A local attacker can exploit this issue to gain elevated privileges on a targeted system. Technologies Affected Microsoft Windows 10 for 32-bit Systems Microsoft Windows 10 for x64-based Systems Microsoft Window...
Microsoft Internet Explorer and Edge CVE-2015-6078 Remote Memory Corruption Vulnerability
Description Microsoft Internet Explorer and Edge are prone to a remote memory-corruption vulnerability. Attackers can take advantage of this issue by enticing an unsuspecting user to view a specially crafted webpage. Attackers can exploit this issue to execute arbitrary code in the context of the...
Microsoft Windows Kernel Mode Driver CVE-2015-2527 Local Privilege Escalation Vulnerability
Description Microsoft Windows is prone to a local privilege-escalation vulnerability. A local attacker can exploit this issue to execute arbitrary code in kernel mode with elevated privileges. Technologies Affected Avaya Meeting Exchange - Client Registration Server 6.0 Avaya Meeting Exchange -...
Microsoft Windows Kernel 'Win32k.sys' CVE-2015-1721 Local Privilege Escalation Vulnerability
Description Microsoft Windows is prone to a local privilege-escalation vulnerability. A local attacker can exploit this issue to execute arbitrary code with kernel-level privileges. Technologies Affected Microsoft Windows 7 for 32-bit Systems SP1 Microsoft Windows 7 for x64-based Systems SP1...
Microsoft Office CVE-2015-1759 Memory Corruption Vulnerability
Description Microsoft Office is prone to a remote memory-corruption vulnerability because it fails to properly handle objects in memory. An attacker can leverage this issue to execute arbitrary code in the context of the currently logged-in user. Failed exploit attempts will likely result in...
Microsoft Internet Explorer CVE-2015-1743 Remote Privilege Escalation Vulnerability
Description Microsoft Internet Explorer is prone to a remote privilege-escalation vulnerability. An attacker can exploit this issue to gain elevated privileges. Successful exploits may aid in further attacks. Internet Explorer 7, 8, 9, 10, and 11 are vulnerable. Technologies Affected Avaya...
Microsoft Internet Explorer CVE-2015-1713 Remote Privilege Escalation Vulnerability
Description Microsoft Internet Explorer is prone to a remote privilege-escalation vulnerability. An attacker can exploit this issue to gain elevated privileges. Successful exploits may aid in further attacks. Internet Explorer 11 is vulnerable. Technologies Affected Avaya CallPilot 4.0 Avaya...
Microsoft Office CVE-2015-1682 Memory Corruption Vulnerability
Description Microsoft Office is prone to a remote memory-corruption vulnerability. An attacker can leverage this issue to execute arbitrary code in the context of the currently logged-in user. Failed exploit attempts will likely result in denial-of-service conditions. Technologies Affected...
Microsoft Windows Journal File Processing CVE-2015-1699 Remote Code Execution Vulnerability
Description Microsoft Windows is prone to a remote code-execution vulnerability. An attacker can leverage this issue to execute arbitrary code in the context of the currently logged-in user. Failed exploit attempts will likely result in denial-of-service conditions. Technologies Affected Microsof...
Microsoft Internet Explorer CVE-2015-1694 Remote Memory Corruption Vulnerability
Description Microsoft Internet Explorer is prone to a remote memory-corruption vulnerability. Attackers can exploit this issue by enticing an unsuspecting user to view a specially crafted webpage. Attackers can exploit this issue to execute arbitrary code in the context of the currently logged-in...
Microsoft Silverlight CVE-2015-1715 Privilege Escalation Vulnerability
Description Microsoft Silverlight is prone to a privilege-escalation vulnerability. An attacker can exploit this issue to gain elevated privileges within the context of the application; this can result in the attacker gaining complete control of the affected system. Technologies Affected Microsof...
Microsoft Internet Explorer CVE-2015-1667 Remote Memory Corruption Vulnerability
Description Microsoft Internet Explorer is prone to a remote memory-corruption vulnerability. Attackers can exploit this issue by enticing an unsuspecting user to view a specially crafted webpage. Attackers can exploit this issue to execute arbitrary code in the context of the currently logged-in...
Adobe Flash Player CVE-2015-0338 Remote Integer Overflow Vulnerability
Description Adobe Flash Player is prone to an unspecified integer-overflow vulnerability. Attackers can exploit this issue to execute arbitrary code in the context of the user running the affected application. Failed exploit attempts will likely cause a denial-of-service condition. Technologies...
Microsoft Internet Explorer CVE-2015-1622 Remote Memory Corruption Vulnerability
Description Microsoft Internet Explorer is prone to a remote memory-corruption vulnerability. Attackers can exploit this issue by enticing an unsuspecting user to view a specially crafted webpage. Attackers can exploit this issue to execute arbitrary code in the context of the currently logged-in...
Microsoft Internet Explorer CVE-2015-0056 Remote Memory Corruption Vulnerability
Description Microsoft Internet Explorer is prone to a remote memory-corruption vulnerability. Attackers can exploit this issue by enticing an unsuspecting user to view a specially crafted webpage. Attackers can exploit this issue to execute arbitrary code in the context of the currently logged-in...
Microsoft Windows Kernel TrueType Font Parsing CVE-2014-6317 Denial of Service Vulnerability
Description Microsoft Windows is prone to a remote denial-of-service vulnerability that occurs in the Windows kernel. A remote attacker can exploit this issue to crash the Windows kernel, denying service to legitimate users. Technologies Affected Microsoft Windows 7 for 32-bit Systems SP1 Microso...
Microsoft Internet Explorer CVE-2014-4087 Remote Memory Corruption Vulnerability
Description Microsoft Internet Explorer is prone to a remote memory-corruption vulnerability. Attackers can exploit this issue by enticing an unsuspecting user to view a specially crafted webpage. Attackers can exploit this issue to execute arbitrary code in the context of the currently logged-in...
Symantec Endpoint Protection Local Client Application Device Control Buffer Overflow
SUMMARY Symantec is aware of a local access Symantec Endpoint Protection SEP client buffer overflow exploit that has been released publicly which could potentially cause a BSOD on the client or possibly allow unauthorized local privilege elevation on Symantec Endpoint Protection SEP clients...
Microsoft Internet Explorer CVE-2014-0310 Memory Corruption Vulnerability
Description Microsoft Internet Explorer is prone to a memory-corruption vulnerability due to a use-after-free condition. Attackers can exploit this issue to execute arbitrary code in the context of the currently logged-in user. Failed attacks will cause denial-of-service conditions. Internet...
Microsoft VBScript CVE-2014-0271 Remote Code Execution Vulnerability
Description Microsoft VBScript is prone to a remote code-execution vulnerability. Attackers can leverage this issue by enticing unsuspecting users to view a malicious webpage. Successful exploits would allow arbitrary code to run with the privileges of the currently logged-in user. Technologies...
Microsoft XML Core Services CVE-2014-0266 Information Disclosure Vulnerability
Description Microsoft XML Core Services MSXML is prone to an information-disclosure vulnerability. An attacker can leverage this issue to read files on the local file system or obtain sensitive information; this may aid in other attacks. Attackers can exploit this issue by enticing an unsuspectin...
Microsoft Exchange Server CVE-2013-5072 Cross Site Scripting Vulnerability
Description Microsoft Exchange Server is prone to a cross-site scripting vulnerability because it fails to properly sanitize user-supplied input. An attacker may leverage this issue to execute arbitrary script code in the browser of an unsuspecting user in the context of the affected site...
Microsoft Internet Explorer CVE-2013-3910 Memory Corruption Vulnerability
Description Microsoft Internet Explorer is prone to a memory-corruption vulnerability. Attackers can exploit this issue to execute arbitrary code in the context of the currently logged-in user. Failed attacks will cause denial-of-service conditions. Microsoft Internet Explorer 6, 7, 8, and 9 are...
Microsoft Outlook CVE-2013-3905 Information Disclosure Vulnerability
Description Microsoft Outlook is prone to an information-disclosure vulnerability. Attackers can exploit this issue to gain access to potentially sensitive information that may aid in further attacks. Technologies Affected Microsoft Outlook 2007 Service Pack 3 Microsoft Outlook 2010 32-bit editio...
Microsoft Word CVE-2013-3160 XML Files Handling Information Disclosure Vulnerability
Description Microsoft Word is prone to an information-disclosure vulnerability. Attackers can exploit this issue to obtain sensitive information that may aid in further attacks. Technologies Affected Microsoft Office 2003 SP1 Microsoft Office 2003 SP2 Microsoft Office 2003 SP3 Microsoft Office 20...
Microsoft Word CVE-2013-3849 Remote Memory Corruption Vulnerability
Description Microsoft Word is prone to a remote memory-corruption vulnerability. An attacker can exploit this issue to execute arbitrary code in the context of the currently logged-in user. Failed exploit attempts will likely result in denial-of-service conditions. Technologies Affected Microsoft...
Microsoft Windows Kernel 'Win32k.sys' CVE-2013-1300 Local Privilege Escalation Vulnerability
Description Microsoft Windows is prone to a local privilege-escalation vulnerability that occurs in the Windows kernel. A local attacker can exploit this issue to execute arbitrary code with kernel-level privileges. Successful exploits will result in the complete compromise of affected computers...
Microsoft Windows Kernel CVE-2013-3136 Local Information Disclosure Vulnerability
Description Microsoft Windows is prone to a local information-disclosure vulnerability that occurs in the Windows kernel because it fails to properly validate certain system calls. An attacker can leverage this issue to disclose kernel memory and obtain sensitive information that may aid in furth...
Microsoft .NET Framework CVE-2013-1337 Authentication Bypass Vulnerability
Description Microsoft .NET Framework is prone to an authentication-bypass vulnerability. An attacker can exploit this issue to bypass certain security restrictions and gain unauthorized access to the application. This allows attackers to obtain sensitive information and perform unauthorized actio...
Microsoft Internet Explorer JSON Array CVE-2013-1297 Information Disclosure Vulnerability
Description Microsoft Internet Explorer is prone to an information-disclosure vulnerability. Attackers can exploit this issue to obtain sensitive information that may aid in further attacks. Internet Explorer 6, 7, and 8 are vulnerable. Technologies Affected Avaya Aura Conferencing Standard Avaya...
Microsoft Windows DirectX Graphics Kernel CVE-2013-1332 Local Privilege Escalation Vulnerability
Description Microsoft Windows is prone to a local privilege-escalation vulnerability that is related to DirectX Graphics Kernel Subsystem. A local attacker can exploit this issue to execute arbitrary code with kernel-level privileges. Successful exploits will result in the complete compromise of...
Microsoft Windows 'Win32k.sys' CVE-2013-1292 Local Privilege Escalation Vulnerability
Description Microsoft Windows is prone to a local privilege-escalation vulnerability. Local attackers can exploit this issue to gain elevated privileges and to read arbitrary amounts of kernel memory. Technologies Affected Avaya Aura Conferencing 6.0 SP1 Standard Avaya Aura Conferencing 6.0.0...
Microsoft Outlook CVE-2013-0095 Information Disclosure Vulnerability
Description Microsoft Outlook is prone to an information-disclosure vulnerability. Attackers may be able to exploit this issue to gain access to potentially sensitive information that may aid in further attacks. Technologies Affected Microsoft Office 2008 for Mac Microsoft Office 2011 for Mac...
Microsoft Windows TCP/IP TCP FIN WAIT CVE-2013-0075 Remote Denial of Service Vulnerability
Description Microsoft Windows is prone to a remote denial-of-service vulnerability. Successfully exploiting this issue allows attackers to restart the affected system, denying service to legitimate users. Technologies Affected Avaya Aura Conferencing 6.0 SP1 Standard Avaya Aura Conferencing 6.0.0...
Microsoft Windows CVE-2013-0008 Local Privilege Escalation Vulnerability
Description Microsoft Windows is prone to a local privilege-escalation vulnerability. An attacker can exploit this issue to execute arbitrary code with SYSTEM-level privileges. Successfully exploiting this issue will result in the complete compromise of affected computers. Technologies Affected...
Microsoft .NET Framework CVE-2013-0004 Remote Privilege Escalation Vulnerability
Description The Microsoft .NET Framework is prone to a remote privilege-escalation vulnerability. An attackers can exploit this issue to gain escalated privileges; this may result in the attacker gaining complete control of the affected system. Technologies Affected Microsoft .NET Framework 1.0...
Microsoft Internet Explorer 'CDwnBindInfo' Use-After-Free Remote Code Execution Vulnerability
Description Microsoft Internet Explorer is prone to a remote code-execution vulnerability. Attackers can exploit this issue by enticing an unsuspecting user to view a specially crafted webpage. Attackers can exploit this issue to execute arbitrary code in the context of the currently logged-in...
Microsoft Windows Briefcase CVE-2012-1527 Integer Underflow Remote Code Execution Vulnerability
Description Microsoft Windows Briefcase is prone to a a remote code-execution vulnerability. An attacker can exploit this issue to execute arbitrary code with the privileges of the user running the affected application. Failed attempts may trigger a denial-of-service condition. Technologies...
Microsoft Windows CVE-2012-2527 Local Privilege Escalation Vulnerability
Description Microsoft Windows is prone to a local privilege-escalation vulnerability. An attacker can exploit this issue to execute arbitrary code with SYSTEM-level privileges. Successfully exploiting this issue will result in the complete compromise of affected computers. Technologies Affected...
Microsoft Windows Print Spooler CVE-2012-1851 Remote Code Execution Vulnerability
Description Microsoft Windows is prone to a remote code-execution vulnerability that affects the Print Spooler service. Attackers can exploit this issue to execute arbitrary code with SYSTEM-level privileges, which can result in the complete compromise of affected computers. Technologies Affected...
Symantec Web Gateway Security Issues
SUMMARY Symantec's Web Gateway management console is susceptible to multiple security issues that include remote command execution, local file inclusion, arbitrary password change and SQL injection security issues. Successful exploitation could result in unauthorized command execution on or acces...
Microsoft Lync CVE-2012-1849 DLL Loading Arbitrary Code Execution Vulnerability
Description Microsoft Lync is prone to vulnerability that lets attackers execute arbitrary code. An attacker can exploit this issue by enticing a legitimate user to use the vulnerable application to open a file from a network share location which contains a specially crafted Dynamic Link Library...
Microsoft Windows 'Win32k.sys' CVE-2012-1868 Local Privilege Escalation Vulnerability
Description Microsoft Windows is prone to a local privilege-escalation vulnerability. An attacker can exploit this issue to execute arbitrary code with SYSTEM-level privileges. Successfully exploiting this issue will result in the complete compromise of affected computers. Technologies Affected...