6867 matches found
Microsoft SQL Server CVE-2014-4061 Local Denial of Service Vulnerability
Description Microsoft SQL Server is prone to a local denial-of-service vulnerability. Attackers can exploit this issue to cause a system to stop responding, denying further service to legitimate users. Technologies Affected Microsoft SQL Server 2008 32bit SP3 Microsoft SQL Server 2008 R2 for 32-b...
Microsoft Internet Explorer CVE-2014-2825 Remote Memory Corruption Vulnerability
Description Microsoft Internet Explorer is prone to a remote memory-corruption vulnerability. Successfully exploiting this issue may allow attackers to execute arbitrary code in the context of the application. Failed exploit attempts will result in denial-of-service conditions. Internet Explorer ...
Microsoft Internet Explorer CVE-2014-4052 Remote Memory Corruption Vulnerability
Description Microsoft Internet Explorer is prone to a remote memory-corruption vulnerability. Successfully exploiting this issue may allow attackers to execute arbitrary code in the context of the application. Failed exploit attempts will result in denial-of-service conditions. Internet Explorer ...
Microsoft Internet Explorer CVE-2014-2792 Remote Memory Corruption Vulnerability
Description Microsoft Internet Explorer is prone to a remote memory-corruption vulnerability. Successfully exploiting this issue may allow attackers to execute arbitrary code in the context of the application. Failed exploit attempts will result in denial-of-service conditions. Internet explorer...
Microsoft Internet Explorer CVE-2014-1803 Remote Memory Corruption Vulnerability
Description Microsoft Internet Explorer is prone to a remote memory-corruption vulnerability. Successfully exploiting this issue may allow attackers to execute arbitrary code in the context of the application. Failed exploit attempts will result in denial-of-service conditions. Internet explorer ...
Microsoft Internet Explorer CVE-2014-1797 Remote Memory Corruption Vulnerability
Description Microsoft Internet Explorer is prone to a remote memory-corruption vulnerability. Successfully exploiting this issue may allow attackers to execute arbitrary code in the context of the application. Failed exploit attempts will result in denial-of-service conditions. Internet Explorer ...
Microsoft Internet Explorer CVE-2014-2776 Remote Memory Corruption Vulnerability
Description Microsoft Internet Explorer is prone to a remote memory-corruption vulnerability. Successfully exploiting this issue may allow attackers to execute arbitrary code in the context of the application. Failed exploit attempts will result in denial-of-service conditions. Internet Explorer ...
Microsoft XML Core Services CVE-2014-1816 Information Disclosure Vulnerability
Description Microsoft XML Core Services MSXML is prone to an information-disclosure vulnerability. An attacker can exploit this issue to gain access to sensitive information that may lead to further attacks. Technologies Affected Avaya Aura Conferencing 6.0 Avaya Aura Conferencing 6.0 SP1 Standar...
Microsoft Internet Explorer CVE-2014-1751 Memory Corruption Vulnerability
Description Microsoft Internet Explorer is prone to a memory-corruption vulnerability. Attackers can exploit this issue to execute arbitrary code in the context of the currently logged-in user. Failed attacks will cause denial-of-service conditions. Technologies Affected Avaya Aura Conferencing...
Microsoft Internet Explorer CVE-2014-0284 Memory Corruption Vulnerability
Description Microsoft Internet Explorer is prone to a memory-corruption vulnerability. Attackers can exploit this issue to execute arbitrary code in the context of the currently logged-in user. Failed attacks will cause denial-of-service conditions. Technologies Affected Avaya CallPilot 4.0 Avaya...
Microsoft Internet Explorer CVE-2013-5049 Memory Corruption Vulnerability
Description Microsoft Internet Explorer is prone to a memory-corruption vulnerability. Attackers can exploit this issue to execute arbitrary code in the context of the currently logged-in user. Failed attacks will cause denial-of-service conditions. Technologies Affected Avaya Aura Conferencing...
Microsoft Internet Explorer CVE-2013-3206 Memory Corruption Vulnerability
Description Microsoft Internet Explorer is prone to a memory-corruption vulnerability due to a use-after-free error. Attackers can exploit this issue to execute arbitrary code in the context of the currently logged-in user. Failed attacks will cause denial-of-service conditions. Microsoft Interne...
Microsoft Word CVE-2013-3847 Remote Memory Corruption Vulnerability
Description Microsoft Word is prone to a remote memory-corruption vulnerability. An attacker can exploit this issue to execute arbitrary code in the context of the currently logged-in user. Failed exploit attempts will likely result in denial-of-service conditions. Technologies Affected Microsoft...
Microsoft Windows Kernel 'Win32k.sys' CVE-2013-1342 Local Privilege Escalation Vulnerability
Description Microsoft Windows is prone to a local privilege-escalation vulnerability that occurs in the Windows kernel. A local attacker can exploit this issue to execute arbitrary code with kernel-level privileges. Successful exploits will result in the complete compromise of the affected...
Microsoft Access CVE-2013-3157 Memory Corruption Vulnerability
Description Microsoft Access is prone to a memory-corruption vulnerability. Attackers can exploit this issue to execute arbitrary code in the context of the currently logged-in user. Failed attacks will cause denial-of-service conditions. Technologies Affected Microsoft Access 2007 SP3 Microsoft...
Microsoft Internet Explorer CVE-2013-3207 Memory Corruption Vulnerability
Description Microsoft Internet Explorer is prone to a memory-corruption vulnerability due to a use-after-free error. Attackers can exploit this issue to execute arbitrary code in the context of the currently logged-in user. Failed attacks will cause denial-of-service conditions. Microsoft Interne...
Microsoft NAT Driver CVE-2013-3182 Denial of Service Vulnerability
Description Microsoft NAT Driver is prone to a denial-of-service vulnerability. An attacker can exploit this issue to cause the application to become unresponsive, denying service to legitimate users. Technologies Affected Microsoft Windows Server 2012 Recommendations Block external access at the...
Microsoft DirectShow CVE-2013-3174 Remote Code Execution Vulnerability
Description Microsoft DirectShow is prone to a remote code-execution vulnerability. Successful exploits allow remote attackers to execute arbitrary code in the context of the user running an application that uses DirectShow. Failed exploit attempts will result in a denial-of-service condition...
Symantec Messaging Gateway Management Console Stored XSS
SUMMARY Symantec's Messaging Gateway 9.5.x management console is susceptible to stored cross-site scripting XSS issues found in some of the administrative interface pages. Successful exploitation could result in potential unauthorized privileged access to the management console. AFFECTED PRODUCTS...
Microsoft Remote Desktop ActiveX Control CVE-2013-1296 Remote Code Execution Vulnerability
Description The Microsoft Remote Desktop ActiveX control is prone to a remote code-execution vulnerability. An attacker can exploit this issue by enticing an unsuspecting user to view a malicious webpage. Successful exploits will allow the attacker to execute arbitrary code within the context of...
Microsoft SharePoint CVE-2013-0080 Privilege Escalation Vulnerability
Description Microsoft SharePoint is prone to a remote privilege-escalation vulnerability. An attacker can exploit this issue to escalate privileges and perform unauthorized actions. Technologies Affected Microsoft SharePoint Foundation 2010 SP1 Microsoft SharePoint Server 2010 SP1 Recommendations...
Microsoft Windows CVE-2013-1285 Local Privilege Escalation Vulnerability
Description Microsoft Windows is prone to a local privilege-escalation vulnerability. An attacker can exploit this issue to execute arbitrary code with SYSTEM-level privileges. Successfully exploiting this issue will result in the complete compromise of affected computers. Technologies Affected...
Microsoft Internet Explorer CVE-2013-0088 Use-After-Free Remote Code Execution Vulnerability
Description Microsoft Internet Explorer is prone to a remote code-execution vulnerability. Attackers can exploit this issue by enticing an unsuspecting user to view a specially crafted webpage. Attackers can exploit this issue to execute arbitrary code in the context of the currently logged-in...
Microsoft Windows 'Win32k.sys' CVE-2013-1274 Local Privilege Escalation Vulnerability
Description Microsoft Windows is prone to a local privilege-escalation vulnerability. Local attackers can exploit this issue to gain elevated privileges and to read arbitrary amounts of kernel memory. Technologies Affected Avaya CallPilot 4.0 Avaya CallPilot 4.0.1 Avaya CallPilot 5.0 Avaya...
Microsoft Windows 'Win32k.sys' CVE-2013-1254 Local Privilege Escalation Vulnerability
Description Microsoft Windows is prone to a local privilege-escalation vulnerability. Local attackers can exploit this issue to gain elevated privileges and to read arbitrary amounts of kernel memory. Technologies Affected Avaya CallPilot 4.0 Avaya CallPilot 4.0.1 Avaya CallPilot 5.0 Avaya...
Microsoft Windows 'Win32k.sys' CVE-2013-1264 Local Privilege Escalation Vulnerability
Description Microsoft Windows is prone to a local privilege-escalation vulnerability. Local attackers can exploit this issue to gain elevated privileges and to read arbitrary amounts of kernel memory. Technologies Affected Avaya CallPilot 4.0 Avaya CallPilot 4.0.1 Avaya CallPilot 5.0 Avaya...
Microsoft Windows 'Win32k.sys' CVE-2013-1270 Local Privilege Escalation Vulnerability
Description Microsoft Windows is prone to a local privilege-escalation vulnerability. Local attackers can exploit this issue to gain elevated privileges and to read arbitrary amounts of kernel memory. Technologies Affected Avaya CallPilot 4.0 Avaya CallPilot 4.0.1 Avaya CallPilot 5.0 Avaya...
Microsoft Windows 'Win32k.sys' CVE-2013-1267 Local Privilege Escalation Vulnerability
Description Microsoft Windows is prone to a local privilege-escalation vulnerability. Local attackers can exploit this issue to gain elevated privileges and to read arbitrary amounts of kernel memory. Technologies Affected Avaya CallPilot 4.0 Avaya CallPilot 4.0.1 Avaya CallPilot 5.0 Avaya...
Adobe Flash Player CVE-2013-0634 Remote Memory Corruption Vulnerability
Description Adobe Flash Player is prone to a remote memory-corruption vulnerability. An attacker can exploit this issue to execute arbitrary code in the context of the user running the affected application. Failed exploit attempts will likely result in denial-of-service conditions. Technologies...
Microsoft Visual Studio Team Foundation Server CVE-2012-1892 Cross Site Scripting Vulnerability
Description Microsoft Visual Studio Team Foundation Server is prone to a cross-site scripting vulnerability because it fails to properly sanitize user-supplied input. An attacker may leverage this issue to execute arbitrary script code in the browser of an unsuspecting user in the context of the...
PGP Universal Server Unauthorized Key Exposure
SUMMARY Symantecs PGP Universal Server, under specific circumstances, may inadvertently expose a PGP clients private key. AFFECTED PRODUCTS Product | Version | Solution ---|---|--- PGP Universal Server | 3.2.x | PGP Universal Server 3.2.1 MP2 ISSUES CVSS2 Base Score | Impact | Exploitability |...
Microsoft Internet Explorer CVE-2012-1879 'insertAdjacentText()' Method Code Execution Vulnerability
Description Microsoft Internet Explorer is prone to a remote code-execution vulnerability. Attackers can exploit this issue to execute arbitrary code in the context of the currently logged-in user. Failed attacks will cause denial-of-service conditions. Technologies Affected Microsoft Internet...
Microsoft Internet Explorer CVE-2012-0168 Print Feature Remote Code Execution Vulnerability
Description Microsoft Internet Explorer is prone to a remote code-execution vulnerability. Attackers can exploit this issue to execute arbitrary code in the context of the currently logged-in user. Failed attacks will cause denial-of-service conditions. Technologies Affected Avaya Aura Conferenci...
Microsoft Silverlight & .NET Framework Unmanaged Objects Remote Code Execution Vulnerability
Description Microsoft Silverlight and Microsoft .NET Framework are prone to a remote code-execution vulnerability. Successful exploits will allow an attacker to execute arbitrary code within the context of the affected application. Failed exploit attempts will likely result in a denial-of-service...
Symantec pcAnywhere Multiple Security Updates
SUMMARY Symantec pcAnywhere is susceptible to local file tampering elevation of privilege attempts and remote code execution attempts. It is possible to run arbitrary code on a targeted system in the context of the application which is normally System. Symantec pcAnywhere is also susceptible to...
Microsoft Active Directory CVE-2011-3406 Buffer Overflow Vulnerability
Description Microsoft Active Directory is prone to a buffer-overflow vulnerability. Successful exploits can allow attackers to execute arbitrary code with Network Service privileges. Failed exploit attempts may result in a denial-of-service condition. Technologies Affected Avaya Aura Conferencing...
Microsoft Pinyin IME (CVE-2011-2010) Local Privilege Escalation Vulnerability
Description Microsoft Pinyin IME is prone to a local privilege-escalation vulnerability. A local attacker can exploit this issue to execute arbitrary code with kernel-level privileges. Successful exploits will result in the complete compromise of affected computers. Failed exploit attempts may...
Microsoft Internet Explorer OnLoad Event CVE-2011-1997 Memory Corruption Vulnerability
Description Microsoft Internet Explorer is prone to a remote memory-corruption vulnerability. Successful exploits will allow an attacker to run arbitrary code in the context of the user running the application. Failed attacks may cause denial-of-service conditions. Technologies Affected Avaya Aur...
Microsoft Windows Kernel 'Win32k.sys' (CVE-2011-1879) Local Privilege Escalation Vulnerability
Description Microsoft Windows is prone to a local privilege-escalation vulnerability that occurs in the Windows kernel due to a use-after-free error. A local attacker can exploit this issue to execute arbitrary code with kernel-level privileges. Successful exploits will result in the complete...
Microsoft Excel Buffer Overflow CVE-2011-1276 Remote Code Execution Vulnerability
Description Microsoft Excel is prone to a remote code-execution vulnerability due to a buffer-overflow error. Attackers can exploit this issue by enticing an unsuspecting user to open a specially crafted Excel file. Successful exploits may allow attackers to execute arbitrary code with the...
Microsoft Excel Heap Memory Corruption CVE-2011-1275 Remote Code Execution Vulnerability
Description Microsoft Excel is prone to a remote code-execution vulnerability due to a memory-corruption error. Attackers can exploit this issue by enticing an unsuspecting user to open a specially crafted Excel file. Successful exploits may allow attackers to execute arbitrary code with the...
Microsoft Windows Kernel 'Win32k.sys' (CVE-2011-1232) Local Privilege Escalation Vulnerability
Description Microsoft Windows is prone to a local privilege-escalation vulnerability that occurs in the Windows kernel due to a NULL-pointer dereference. A local attacker can exploit this issue to execute arbitrary code with kernel-level privileges. Successful exploits will result in the complete...
Microsoft Windows Kernel 'Win32k.sys' (CVE-2011-0666) Local Privilege Escalation Vulnerability
Description Microsoft Windows is prone to a local privilege-escalation vulnerability that occurs in the Windows kernel due to a use-after-free condition. A local attacker can exploit this issue to execute arbitrary code with kernel-level privileges. Successful exploits will result in the complete...
Microsoft Visio Object Memory Corruption (CVE-2011-0092) Remote Code Execution Vulnerability
Description Microsoft Visio is prone to a remote code-execution vulnerability because it fails to adequately handle user-supplied data. Attackers can exploit this issue to execute arbitrary code in the context of the user running the affected application. Failed exploit attempts will result in a...
Microsoft Office TIFF Image Converter (CVE-2010-3947) Heap Based Buffer Overflow Vulnerability
Description Microsoft Office is prone to a remote heap-based buffer-overflow vulnerability because the software fails to perform adequate boundary-checks on user-supplied data. An attacker can exploit this issue by enticing an unsuspecting user into opening an Office document containing a special...
Microsoft Word (CVE-2010-3217) Remote Code Execution Vulnerability
Description Microsoft Word is prone to a remote code-execution vulnerability. Attackers can exploit this issue by enticing an unsuspecting user to open a specially crafted Word file. Successful exploits can allow attackers to execute arbitrary code with the privileges of the user running the...
Microsoft Word Bookmark Handling (CVE-2010-3216) Remote Code Execution Vulnerability
Description Microsoft Word is prone to a remote code-execution vulnerability. Attackers can exploit this issue by enticing an unsuspecting user to open a specially crafted Word file. Successful exploits can allow attackers to execute arbitrary code with the privileges of the user running the...
Symantec Event Manipulation Potential Scan Bypass
SUMMARY On-demand scanning with Symantec AntiVirus can be bypassed by denying read access to user files. AFFECTED PRODUCTS Product | Version | Solutions ---|---|--- Symantec AntiVirus | 10.0.x | Upgrade to MR9 10.1.x Symantec AntiVirus | 10.2.x | Not Vulnerable Symantec Client Security | 3.0.x |...
Microsoft Excel 'PivotTable' Cache Record Memory Corruption Remote Code Execution Vulnerability
Description Microsoft Excel is prone to a remote code-execution vulnerability. Attackers can exploit this issue by enticing victims into opening a specially crafted Excel '.xls' file. Successful exploits can allow attackers to execute arbitrary code with the privileges of the user running the...
Sun Java SE November 2009 Multiple Security Vulnerabilities
Description Sun has released updates to address multiple security vulnerabilities in Java SE. Successful exploits may allow attackers to bypass certain security restrictions, run untrusted applets with elevated privileges, execute arbitrary code, and cause denial-of-service conditions. Other...