6867 matches found
Microsoft Internet Explorer CVE-2013-5047 Memory Corruption Vulnerability
Description Microsoft Internet Explorer is prone to a memory-corruption vulnerability. Attackers can exploit this issue to execute arbitrary code in the context of the currently logged-in user. Failed attacks will cause denial-of-service conditions. Technologies Affected Avaya Aura Conferencing...
Microsoft Windows Kernel 'Win32k.sys' CVE-2013-3902 Local Privilege Escalation Vulnerability
Description Microsoft Windows is prone to a local privilege-escalation vulnerability that occurs in the Windows kernel. A local attacker can exploit this issue to execute arbitrary code with kernel-level privileges. Successful exploits will result in the complete compromise of the affected...
Microsoft Office CVE-2013-5054 Office file Handling Information Disclosure Vulnerability
Description Microsoft Office is prone to an information-disclosure vulnerability. Attackers can exploit this issue to obtain sensitive information that may aid in further attacks. Technologies Affected Microsoft Office 2013 32-bit editions Microsoft Office 2013 64-bit editions Microsoft Office 20...
Microsoft Word CVE-2013-3852 Remote Memory Corruption Vulnerability
Description Microsoft Word is prone to a remote memory-corruption vulnerability. An attacker can exploit this issue to execute arbitrary code in the context of the currently logged-in user. Failed exploit attempts will likely result in denial-of-service conditions. Technologies Affected Microsoft...
Microsoft Internet Explorer CVE-2013-3208 Memory Corruption Vulnerability
Description Microsoft Internet Explorer is prone to a memory-corruption vulnerability. Attackers can exploit this issue to execute arbitrary code in the context of the currently logged-in user. Failed attacks will cause denial-of-service conditions. Microsoft Internet Explorer 8, 9, and 10 are...
Microsoft Windows Kernel 'Win32k.sys' CVE-2013-3864 Local Privilege Escalation Vulnerability
Description Microsoft Windows is prone to a local privilege-escalation vulnerability that occurs in the Windows kernel. A local attacker can exploit this issue to execute arbitrary code with kernel-level privileges. Successful exploits will result in the complete compromise of the affected...
Microsoft Internet Explorer CVE-2013-3192 Information Disclosure Vulnerability
Description Microsoft Internet Explorer is prone to an information-disclosure vulnerability. Successful exploits will allow attackers to obtain sensitive information by conducting cross-site scripting attacks. Technologies Affected Avaya Aura Conferencing Standard Avaya CallPilot Avaya...
Microsoft Internet Explorer CVE-2013-3189 Memory Corruption Vulnerability
Description Microsoft Internet Explorer is prone to a memory-corruption vulnerability. Attackers can exploit this issue to execute arbitrary code in the context of the currently logged-in user. Failed attacks will cause denial-of-service conditions. Microsoft Internet Explorer 8 and 9 are affecte...
Microsoft Internet Explorer CVE-2013-3186 Remote Code Execution Vulnerability
Description Microsoft Internet Explorer is prone to a remote code-execution vulnerability. An attacker can exploit this issue in conjunction with other latent vulnerabilities to execute arbitrary code with elevated privileges. Technologies Affected Avaya Aura Conferencing Standard Avaya CallPilot...
Microsoft Internet Explorer CVE-2013-3194 Use After Free Memory Memory Corruption Vulnerability
Description Microsoft Internet Explorer is prone to a use-after-free memory-corruption vulnerability. Attackers can exploit this issue to execute arbitrary code in the context of the currently logged-in user. Failed attacks will cause denial-of-service conditions. Microsoft Internet Explorer 9 is...
Microsoft Internet Explorer CVE-2013-3143 Memory Corruption Vulnerability
Description Microsoft Internet Explorer is prone to a memory-corruption vulnerability. Attackers can exploit this issue to execute arbitrary code in the context of the currently logged-in user. Failed attacks will cause denial-of-service conditions. Microsoft Internet Explorer 9 and 10 are...
Microsoft Internet Explorer CVE-2013-3111 Use After Free Memory Corruption Vulnerability
Description Microsoft Internet Explorer is prone to a memory-corruption vulnerability. Attackers can exploit this issue to execute arbitrary code in the context of the currently logged-in user. Failed attacks will cause denial-of-service conditions. Microsoft Internet Explorer 8,9 and 10 are...
Microsoft Windows TCP/IP Driver CVE-2013-3138 Remote Denial of Service Vulnerability
Description Microsoft Windows is prone to a remote denial-of-service vulnerability. An attacker can exploit this issue to cause the affected system to stop responding, resulting in a denial-of-service condition. Technologies Affected Microsoft Windows 7 for 32-bit Systems SP1 Microsoft Windows 7...
Microsoft Lync CVE-2013-1302 Remote Code Execution Vulnerability
Description Microsoft Lync is prone to a remote code-execution vulnerability. Attackers can exploit this issue to execute arbitrary code in the context of the currently logged-in user. Failed attacks will cause denial-of-service conditions. Technologies Affected Microsoft Lync 2010 32-bit Microso...
Microsoft Publisher Negative Value Allocation CVE-2013-1316 Remote Code Execution Vulnerability
Description Microsoft Publisher is prone to a remote code-execution vulnerability. An attacker can exploit this issue by enticing an unsuspecting user into opening a specially crafted Publisher file. Successfully exploiting this issue allows attackers to execute arbitrary code in the context of t...
Microsoft Windows Kernel CVE-2013-1294 Local Privilege Escalation Vulnerability
Description Microsoft Windows is prone to a local privilege-escalation vulnerability. A local attacker can exploit this issue to gain elevated privileges and read arbitrary amounts of kernel memory. Technologies Affected Avaya CallPilot Avaya Communication Server 1000 Telephony Manager Avaya...
Microsoft SharePoint CVE-2013-0083 Cross Site Scripting Vulnerability
Description Microsoft SharePoint is prone to a cross-site scripting vulnerability because it fails to properly sanitize user-supplied input. An attacker may leverage this issue to execute arbitrary script code in the browser of an unsuspecting user in the context of the affected site. This may...
Microsoft SharePoint CVE-2013-0084 Directory Traversal Vulnerability
Description Microsoft SharePoint is prone to a directory-traversal vulnerability because it fails to sufficiently sanitize user-supplied data. A remote attacker could exploit this vulnerability using directory-traversal strings such as '../' to obtain sensitive information or elevate their...
Microsoft Internet Explorer CVE-2013-0087 Use-After-Free Remote Code Execution Vulnerability
Description Microsoft Internet Explorer is prone to a remote code-execution vulnerability. Attackers can exploit this issue by enticing an unsuspecting user to view a specially crafted webpage. Attackers can exploit this issue to execute arbitrary code in the context of the currently logged-in...
Microsoft Internet Explorer CVE-2013-0094 Use-After-Free Remote Code Execution Vulnerability
Description Microsoft Internet Explorer is prone to a remote code-execution vulnerability. Attackers can exploit this issue by enticing an unsuspecting user to view a specially crafted webpage. Attackers can exploit this issue to execute arbitrary code in the context of the currently logged-in...
Microsoft Windows 'Win32k.sys' CVE-2013-1250 Local Privilege Escalation Vulnerability
Description Microsoft Windows is prone to a local privilege-escalation vulnerability. Local attackers can exploit this issue to gain elevated privileges and to read arbitrary amounts of kernel memory. Technologies Affected Avaya CallPilot 4.0 Avaya CallPilot 4.0.1 Avaya CallPilot 5.0 Avaya...
Microsoft Windows 'Win32k.sys' CVE-2013-1268 Local Privilege Escalation Vulnerability
Description Microsoft Windows is prone to a local privilege-escalation vulnerability. Local attackers can exploit this issue to gain elevated privileges and to read arbitrary amounts of kernel memory. Technologies Affected Avaya CallPilot 4.0 Avaya CallPilot 4.0.1 Avaya CallPilot 5.0 Avaya...
MantisBT CVE-2013-1934 HTML Injection Vulnerability
Description MantisBT is prone to an HTML-injection vulnerability because it fails to properly sanitize user-supplied data. Successful exploits will allow attacker-supplied HTML and script code to run in the context of the affected browser, potentially allowing the attacker to steal cookie-based...
Microsoft Windows TrueType Font CVE-2012-4786 Remote Code Execution Vulnerability
Description Microsoft Windows is prone to a remote code-execution vulnerability. Successful exploits will result in the execution of arbitrary code in kernel-mode. Failed attempts will cause a denial-of-service condition. Technologies Affected Microsoft Windows 7 for 32-bit Systems Microsoft...
Microsoft Internet Explorer CVE-2012-1524 Attribute Remove Remote Code Execution Vulnerability
Description Microsoft Internet Explorer is prone to a remote code-execution vulnerability. Attackers can exploit this issue to execute arbitrary code in the context of the currently logged-in user. Failed attacks will cause denial-of-service conditions. Technologies Affected Avaya Conferencing...
Microsoft Internet Explorer CVE-2012-1873 Null Byte Handling Information Disclosure Vulnerability
Description Microsoft Internet Explorer is prone to an information-disclosure vulnerability. Attackers can exploit this issue to obtain sensitive information that may aid in further attacks. Technologies Affected Microsoft Internet Explorer 7.0 Microsoft Internet Explorer 8 Microsoft Internet...
Microsoft Internet Explorer CVE-2012-1523 Center Element Remote Code Execution Vulnerability
Description Microsoft Internet Explorer is prone to a remote code-execution vulnerability. Attackers can exploit this issue to execute arbitrary code in the context of the currently logged-in user. Failed attacks will cause denial-of-service conditions. Technologies Affected Microsoft Internet...
Microsoft Silverlight Double-Free CVE-2012-0176 Remote Code Execution Vulnerability
Description Microsoft Silverlight is prone to a remote code-execution vulnerability. An attacker can exploit this issue to execute arbitrary code with the privileges of the currently logged-in user. Failed exploit attempts will likely result in a denial-of-service condition. Technologies Affected...
Symantec pcAnywhere awhost32 Denial of Service
SUMMARY A Denial of Service DoS exploit has been publicly released that can temporarily crash the awhost32 service for Symantec pcAnywhere. AFFECTED PRODUCTS Product | Version | Build | Solution ---|---|---|--- | | | Symantec pcAnywhere | 12.5.x | All | Upgrade to the latest release of pcAnywhere...
Microsoft Visio Viewer VSD File Format CVE-2012-0137 Remote Code Execution Vulnerability
Description Microsoft Visio Viewer is prone to a remote code-execution vulnerability. Attackers can exploit this issue to execute arbitrary code in the context of the user running the affected application. Failed exploit attempts will result in a denial-of-service condition. Technologies Affected...
Microsoft Windows ClickOnce Application Installer Remote Code Execution Vulnerability
Description Microsoft Windows is prone to a remote code-execution vulnerability. An attacker can exploit this issue by tricking an unsuspecting victim into viewing a malformed file. Successful exploits can allow attackers to execute arbitrary code within the privileges of the user running the...
Microsoft Active Directory LDAPS Authentication Bypass Vulnerability
Description Microsoft Active Directory is prone to an authentication-bypass vulnerability. An attacker can exploit this issue to bypass certain security restrictions by using a revoked certificate. Technologies Affected Avaya Aura Conferencing 6.0 Standard Avaya CallPilot 4.0 Avaya CallPilot 5.0...
Microsoft Internet Explorer Option Element CVE-2011-1996 Memory Corruption Vulnerability
Description Microsoft Internet Explorer is prone to a remote memory-corruption vulnerability. Successful exploits will allow an attacker to run arbitrary code in the context of the user running the application. Failed attacks may cause denial-of-service conditions. Technologies Affected Avaya Aur...
Microsoft Internet Explorer 'SwapNode()' CVE-2011-2000 Memory Corruption Vulnerability
Description Microsoft Internet Explorer is prone to a remote memory-corruption vulnerability. Successful exploits will allow an attacker to run arbitrary code in the context of the user running the application. Failed attacks may cause denial-of-service conditions. Technologies Affected Avaya Aur...
Microsoft Windows Kernel 'Win32k.sys' (CVE-2011-1888) Local Privilege Escalation Vulnerability
Description Microsoft Windows is prone to a local privilege-escalation vulnerability that occurs in the Windows kernel due to a NULL-pointer dereference error. A local attacker can exploit this issue to execute arbitrary code with kernel-level privileges. Successful exploits will result in the...
Microsoft Internet Explorer Link Properties Uninitialized Memory Remote Code Execution Vulnerability
Description Microsoft Internet Explorer is prone to a remote code-execution vulnerability. Successful exploits will allow an attacker to run arbitrary code in the context of the user running the affected application. Failed attacks will cause denial-of-service conditions. Technologies Affected...
Microsoft Windows Distributed File System Remote Code Execution Vulnerability
Description Microsoft Windows is prone to a remote code-execution vulnerability. The issue affects the Windows Distributed File System DFS. An attacker can exploit this issue by sending a specially crafted DFS response to the affected application. Successfully exploiting this issue allows an...
Microsoft Excel Out of Bounds WriteAV CVE-2011-1279 Remote Code Execution Vulnerability
Description Microsoft Excel is prone to a remote code-execution vulnerability due to a boundary condition error. Attackers can exploit this issue by enticing an unsuspecting user to open a specially crafted Excel file. Successful exploits may allow attackers to execute arbitrary code with the...
Microsoft PowerPoint (CVE-2011-1270) Remote Buffer Overflow Vulnerability
Description Microsoft PowerPoint is prone to a remote buffer-overflow vulnerability. An attacker can exploit this issue to execute arbitrary code with the privileges of the user running the application. Failed exploit attempts will cause a denial-of-service condition. Technologies Affected...
Microsoft Windows Kernel 'Win32k.sys' (CVE-2011-1234) Local Privilege Escalation Vulnerability
Description Microsoft Windows is prone to a local privilege-escalation vulnerability that occurs in the Windows kernel due to a NULL-pointer dereference. A local attacker can exploit this issue to execute arbitrary code with kernel-level privileges. Successful exploits will result in the complete...
Microsoft Windows Kernel 'Win32k.sys' (CVE-2011-1231) Local Privilege Escalation Vulnerability
Description Microsoft Windows is prone to a local privilege-escalation vulnerability that occurs in the Windows kernel due to a NULL-pointer dereference. A local attacker can exploit this issue to execute arbitrary code with kernel-level privileges. Successful exploits will result in the complete...
Microsoft Windows Kernel 'Win32k.sys' (CVE-2011-0086) Local Privilege Escalation Vulnerability
Description Microsoft Windows is prone to a local privilege-escalation vulnerability that occurs in the Windows kernel. An attacker can exploit this issue to execute arbitrary code with kernel-level privileges. Successful exploits will result in the complete compromise of affected computers. Fail...
Microsoft Internet Explorer CVE-2010-3342 Cross Domain Information Disclosure Vulnerability
Description Microsoft Internet Explorer is prone to a cross-domain information-disclosure vulnerability because the application fails to properly enforce the same-origin policy. An attacker can exploit this issue to access content from a browser window in another domain or security zone. This may...
Microsoft Internet Explorer Uninitialized Object CVE-2010-3340 Memory Corruption Vulnerability
Description Microsoft Internet Explorer is prone to a remote memory-corruption vulnerability. Successful exploits will allow an attacker to run arbitrary code in the context of the user running the application. Failed attacks will cause denial-of-service conditions. Technologies Affected Avaya Au...
Microsoft Office FlashPix Image Converter (CVE-2010-3952) Multiple Buffer Overflow Vulnerabilities
Description Microsoft Office is prone to multiple remote buffer-overflow vulnerabilities because the software fails to perform adequate boundary-checks on user-supplied data. An attacker can exploit these issues by enticing an unsuspecting user into opening an Office document containing a special...
Microsoft Word Return Value Handling (CVE-2010-3215) Remote Code Execution Vulnerability
Description Microsoft Word is prone to a remote code-execution vulnerability. Attackers can exploit this issue by enticing an unsuspecting user to open a specially crafted Word file. Successful exploits can allow attackers to execute arbitrary code with the privileges of the user running the...
Microsoft Word (CVE-2010-3214) Remote Code Execution Vulnerability
Description Microsoft Word is prone to a remote code-execution vulnerability. Attackers can exploit this issue by enticing an unsuspecting user to open a specially crafted Word file. Successful exploits can allow attackers to execute arbitrary code with the privileges of the user running the...
Microsoft Windows Failover Clustering File Permissions Security Bypass Vulnerability
Description Microsoft Windows Failover Clustering is prone to a security-bypass vulnerability. Local attackers can exploit this issue to perform unauthorized actions against the administrative shares on the failover cluster disk. Technologies Affected Microsoft Windows Server 2008 R2 Itanium...
Microsoft Excel Record Format Parsing (CVE-2010-3232) Remote Code Execution Vulnerability
Description Microsoft Excel is prone to a remote code-execution vulnerability. Attackers can exploit this issue by enticing an unsuspecting user to open a specially crafted Excel file. Successful exploits can allow attackers to execute arbitrary code with the privileges of the user running the...
Microsoft Outlook 'Online Mode' Remote Heap Buffer Overflow Vulnerability
Description Microsoft Outlook is prone to a remote heap-based buffer-overflow vulnerability because it fails to properly validate user-supplied data. Attackers can exploit this issue by enticing an unsuspecting user to preview or view a crafted email message. Successfully exploiting this issue wi...