6867 matches found
Microsoft Office CVE-2015-2467 Memory Corruption Vulnerability
Description Microsoft Office is prone to a remote memory-corruption vulnerability because it fails to properly handle objects in memory. An attacker can leverage this issue to execute arbitrary code in the context of the currently logged-in user. Failed exploit attempts will likely result in...
Microsoft .NET Framework CVE-2015-2480 Privilege Escalation Vulnerability
Description Microsoft .NET Framework is prone to a privilege-escalation vulnerability. An attacker can exploit this issue to gain elevated privileges in the context of the currently logged-in user; this can also result in the attacker gaining complete control of the affected system. Technologies...
Microsoft Internet Explorer CVE-2015-2404 Remote Memory Corruption Vulnerability
Description Microsoft Internet Explorer is prone to a remote memory-corruption vulnerability. Attackers can exploit this issue by enticing an unsuspecting user to view a specially crafted webpage. Attackers can exploit this issue to execute arbitrary code in the context of the currently logged-in...
Microsoft Internet Explorer CVE-2015-1767 Remote Memory Corruption Vulnerability
Description Microsoft Internet Explorer is prone to a remote memory-corruption vulnerability. Attackers can exploit this issue by enticing an unsuspecting user to view a specially crafted webpage. Attackers can exploit this issue to execute arbitrary code in the context of the currently logged-in...
Microsoft Windows Kernel 'Win32k.sys' CVE-2015-2360 Local Privilege Escalation Vulnerability
Description Microsoft Windows is prone to a local privilege-escalation vulnerability. A local attacker can exploit this issue to execute arbitrary code with elevated privileges within the context of another user. Technologies Affected Microsoft Windows 7 for 32-bit Systems SP1 Microsoft Windows 7...
Microsoft Internet Explorer CVE-2015-1765 Information Disclosure Vulnerability
Description Microsoft Internet Explorer is prone to an information-disclosure vulnerability. Successful exploits will allow attackers to obtain sensitive information that may aid in further attacks. Microsoft Internet Explorer 9, 10 and 11 are vulnerable. Technologies Affected Avaya CallPilot 4.0...
Microsoft Windows Kernel Mode Driver CVE-2015-1720 Local Privilege Escalation Vulnerability
Description Microsoft Windows is prone to a local privilege-escalation vulnerability. A local attacker can exploit this issue to execute arbitrary code with elevated privileges. Technologies Affected Microsoft Windows 7 for 32-bit Systems SP1 Microsoft Windows 7 for x64-based Systems SP1 Microsof...
Microsoft Internet Explorer CVE-2015-1737 Remote Memory Corruption Vulnerability
Description Microsoft Internet Explorer is prone to a remote memory-corruption vulnerability. Attackers can exploit this issue by enticing an unsuspecting user to view a specially crafted webpage. Attackers can exploit this issue to execute arbitrary code in the context of the currently logged-in...
Microsoft Windows Kernel Mode Driver CVE-2015-1680 Local Information Disclosure Vulnerability
Description Microsoft Windows is prone to a local information-disclosure vulnerability. Local attackers can exploit this issue to obtain sensitive information such as kernel memory contents. This may aid in launching further attacks. Technologies Affected Microsoft Windows 7 for 32-bit Systems SP...
Microsoft SharePoint CVE-2015-1700 Multiple Remote Code Execution Vulnerabilities
Description Microsoft SharePoint is prone to multiple remote code-execution vulnerabilities. An attacker can leverage these issues to execute arbitrary code in the context of the W3WP service account user. Technologies Affected Microsoft SharePoint Foundation 2010 SP2 Microsoft SharePoint...
Microsoft Windows Journal File Processing CVE-2015-1696 Remote Code Execution Vulnerability
Description Microsoft Windows is prone to a remote code-execution vulnerability. An attacker can leverage this issue to execute arbitrary code in the context of the currently logged-in user. Failed exploit attempts will likely result in denial-of-service conditions. Technologies Affected Microsof...
Microsoft Windows Adobe Font Driver CVE-2015-0074 Denial of Service Vulnerability
Description Microsoft Windows is prone to a remote denial-of-service vulnerability. Attackers can exploit this issue to cause denial-of-service conditions, denying service to legitimate users. Technologies Affected Avaya CallPilot 4.0 Avaya CallPilot 4.0.1 Avaya CallPilot 5.0 Avaya CallPilot 5.0....
Microsoft Exchange Server CVE-2015-1629 Cross Site Scripting Vulnerability
Description Microsoft Exchange Server is prone to a cross-site scripting vulnerability because it fails to sanitize user-supplied input. An attacker may leverage this issue to execute arbitrary script code in the browser of an unsuspecting user in the context of the affected site. This can allow...
Microsoft Internet Explorer CVE-2015-0040 Remote Memory Corruption Vulnerability
Description Microsoft Internet Explorer is prone to a remote memory-corruption vulnerability. Attackers can exploit this issue by enticing an unsuspecting user to view a specially crafted webpage. Attackers can exploit this issue to execute arbitrary code in the context of the currently logged-in...
Symantec Deployment Solution AClient Memory Overwrite
SUMMARY An arbitrary memory overwrite vulnerability exists in a Symantec Deployment Solution agent allowing a local and authorized malicious user to potentially elevate privileges on the local system. This vulnerability applies to Windows XP SP3 or Windows Server 2003 SP2 only. AFFECTED PRODUCTS...
Symantec Web Gateway OS Authenticated Command Injection
SUMMARY Symantec's Web Gateway SWG Appliance management console is susceptible to operating system command injection by an authenticated but less-privileged user. AFFECTED PRODUCTS Product | Version | Solution ---|---|--- Symantec Web Gateway Appliance | 5.2.1 and prior | Symantec Web Gateway 5.2...
Microsoft Internet Explorer CVE-2014-4090 Remote Memory Corruption Vulnerability
Description Microsoft Internet Explorer is prone to a remote memory-corruption vulnerability. Attackers can exploit this issue by enticing an unsuspecting user to view a specially crafted webpage. Attackers can exploit this issue to execute arbitrary code in the context of the currently logged-in...
Microsoft Internet Explorer CVE-2014-4059 Remote Memory Corruption Vulnerability
Description Microsoft Internet Explorer is prone to a remote memory-corruption vulnerability. Attackers can exploit this issue by enticing an unsuspecting user to view a specially crafted webpage. Attackers can exploit this issue to execute arbitrary code in the context of the currently logged-in...
Microsoft Internet Explorer CVE-2014-4086 Remote Memory Corruption Vulnerability
Description Microsoft Internet Explorer is prone to a remote memory-corruption vulnerability. Attackers can exploit this issue by enticing an unsuspecting user to view a specially crafted webpage. Attackers can exploit this issue to execute arbitrary code in the context of the currently logged-in...
Microsoft Internet Explorer CVE-2014-4085 Remote Memory Corruption Vulnerability
Description Microsoft Internet Explorer is prone to a remote memory-corruption vulnerability. Attackers can exploit this issue by enticing an unsuspecting user to view a specially crafted webpage. Attackers can exploit this issue to execute arbitrary code in the context of the currently logged-in...
Microsoft Internet Explorer CVE-2014-2758 Remote Memory Corruption Vulnerability
Description Microsoft Internet Explorer is prone to a remote memory-corruption vulnerability. Successfully exploiting this issue may allow attackers to execute arbitrary code in the context of the application. Failed exploit attempts will result in denial-of-service conditions. Internet explorer ...
Microsoft Internet Explorer CVE-2014-1794 Remote Memory Corruption Vulnerability
Description Microsoft Internet Explorer is prone to a remote memory-corruption vulnerability. Successfully exploiting this issue may allow attackers to execute arbitrary code in the context of the application. Failed exploit attempts will result in denial-of-service conditions. Internet Explorer ...
Symantec Workspace Streaming XMLRPC Unauthenticated Access
SUMMARY The management server for Symantec Workspace Streaming SWS does not properly handle external XMLRPC requests, which could potentially allow unauthorized access to restricted server-side data and server functionality. A remote user could potential create a backdoor on the targeted server...
Microsoft Internet Explorer CVE-2014-1753 Memory Corruption Vulnerability
Description Microsoft Internet Explorer is prone to a memory-corruption vulnerability. Attackers can exploit this issue to execute arbitrary code in the context of the application. Failed attacks will cause denial-of-service conditions. Technologies Affected Avaya Aura Conferencing Standard Avaya...
Microsoft Internet Explorer CVE-2014-0304 Memory Corruption Vulnerability
Description Microsoft Internet Explorer is prone to a memory-corruption vulnerability. Attackers can exploit this issue to execute arbitrary code in the context of the currently logged-in user. Failed attacks will cause denial-of-service conditions. Technologies Affected Avaya Aura Conferencing 6...
Microsoft Internet Explorer CVE-2014-0276 Memory Corruption Vulnerability
Description Microsoft Internet Explorer is prone to a memory-corruption vulnerability. Attackers can exploit this issue to execute arbitrary code in the context of the currently logged-in user. Failed attacks will cause denial-of-service conditions. Technologies Affected Avaya CallPilot 4.0 Avaya...
Microsoft Windows Kernel 'Win32k.sys' CVE-2013-3902 Local Privilege Escalation Vulnerability
Description Microsoft Windows is prone to a local privilege-escalation vulnerability that occurs in the Windows kernel. A local attacker can exploit this issue to execute arbitrary code with kernel-level privileges. Successful exploits will result in the complete compromise of the affected...
Microsoft Office CVE-2013-5054 Office file Handling Information Disclosure Vulnerability
Description Microsoft Office is prone to an information-disclosure vulnerability. Attackers can exploit this issue to obtain sensitive information that may aid in further attacks. Technologies Affected Microsoft Office 2013 32-bit editions Microsoft Office 2013 64-bit editions Microsoft Office 20...
Microsoft Internet Explorer CVE-2013-5047 Memory Corruption Vulnerability
Description Microsoft Internet Explorer is prone to a memory-corruption vulnerability. Attackers can exploit this issue to execute arbitrary code in the context of the currently logged-in user. Failed attacks will cause denial-of-service conditions. Technologies Affected Avaya Aura Conferencing...
Microsoft Internet Explorer CVE-2013-3914 Memory Corruption Vulnerability
Description Microsoft Internet Explorer is prone to a memory-corruption vulnerability. Attackers can exploit this issue to execute arbitrary code in the context of the currently logged-in user. Failed attacks will cause denial-of-service conditions. Microsoft Internet Explorer 9, 10, and 11 are...
Microsoft Word CVE-2013-3852 Remote Memory Corruption Vulnerability
Description Microsoft Word is prone to a remote memory-corruption vulnerability. An attacker can exploit this issue to execute arbitrary code in the context of the currently logged-in user. Failed exploit attempts will likely result in denial-of-service conditions. Technologies Affected Microsoft...
Microsoft Windows Kernel 'Win32k.sys' CVE-2013-3864 Local Privilege Escalation Vulnerability
Description Microsoft Windows is prone to a local privilege-escalation vulnerability that occurs in the Windows kernel. A local attacker can exploit this issue to execute arbitrary code with kernel-level privileges. Successful exploits will result in the complete compromise of the affected...
Microsoft Internet Explorer CVE-2013-3208 Memory Corruption Vulnerability
Description Microsoft Internet Explorer is prone to a memory-corruption vulnerability. Attackers can exploit this issue to execute arbitrary code in the context of the currently logged-in user. Failed attacks will cause denial-of-service conditions. Microsoft Internet Explorer 8, 9, and 10 are...
Microsoft Internet Explorer CVE-2013-3192 Information Disclosure Vulnerability
Description Microsoft Internet Explorer is prone to an information-disclosure vulnerability. Successful exploits will allow attackers to obtain sensitive information by conducting cross-site scripting attacks. Technologies Affected Avaya Aura Conferencing Standard Avaya CallPilot Avaya...
Microsoft Internet Explorer CVE-2013-3189 Memory Corruption Vulnerability
Description Microsoft Internet Explorer is prone to a memory-corruption vulnerability. Attackers can exploit this issue to execute arbitrary code in the context of the currently logged-in user. Failed attacks will cause denial-of-service conditions. Microsoft Internet Explorer 8 and 9 are affecte...
Microsoft Internet Explorer CVE-2013-3186 Remote Code Execution Vulnerability
Description Microsoft Internet Explorer is prone to a remote code-execution vulnerability. An attacker can exploit this issue in conjunction with other latent vulnerabilities to execute arbitrary code with elevated privileges. Technologies Affected Avaya Aura Conferencing Standard Avaya CallPilot...
Microsoft Internet Explorer CVE-2013-3194 Use After Free Memory Memory Corruption Vulnerability
Description Microsoft Internet Explorer is prone to a use-after-free memory-corruption vulnerability. Attackers can exploit this issue to execute arbitrary code in the context of the currently logged-in user. Failed attacks will cause denial-of-service conditions. Microsoft Internet Explorer 9 is...
Microsoft Internet Explorer CVE-2013-3143 Memory Corruption Vulnerability
Description Microsoft Internet Explorer is prone to a memory-corruption vulnerability. Attackers can exploit this issue to execute arbitrary code in the context of the currently logged-in user. Failed attacks will cause denial-of-service conditions. Microsoft Internet Explorer 9 and 10 are...
Microsoft Internet Explorer CVE-2013-3111 Use After Free Memory Corruption Vulnerability
Description Microsoft Internet Explorer is prone to a memory-corruption vulnerability. Attackers can exploit this issue to execute arbitrary code in the context of the currently logged-in user. Failed attacks will cause denial-of-service conditions. Microsoft Internet Explorer 8,9 and 10 are...
Microsoft Windows TCP/IP Driver CVE-2013-3138 Remote Denial of Service Vulnerability
Description Microsoft Windows is prone to a remote denial-of-service vulnerability. An attacker can exploit this issue to cause the affected system to stop responding, resulting in a denial-of-service condition. Technologies Affected Microsoft Windows 7 for 32-bit Systems SP1 Microsoft Windows 7...
Microsoft Lync CVE-2013-1302 Remote Code Execution Vulnerability
Description Microsoft Lync is prone to a remote code-execution vulnerability. Attackers can exploit this issue to execute arbitrary code in the context of the currently logged-in user. Failed attacks will cause denial-of-service conditions. Technologies Affected Microsoft Lync 2010 32-bit Microso...
Microsoft Publisher Negative Value Allocation CVE-2013-1316 Remote Code Execution Vulnerability
Description Microsoft Publisher is prone to a remote code-execution vulnerability. An attacker can exploit this issue by enticing an unsuspecting user into opening a specially crafted Publisher file. Successfully exploiting this issue allows attackers to execute arbitrary code in the context of t...
Microsoft Windows Kernel CVE-2013-1294 Local Privilege Escalation Vulnerability
Description Microsoft Windows is prone to a local privilege-escalation vulnerability. A local attacker can exploit this issue to gain elevated privileges and read arbitrary amounts of kernel memory. Technologies Affected Avaya CallPilot Avaya Communication Server 1000 Telephony Manager Avaya...
Microsoft SharePoint CVE-2013-0083 Cross Site Scripting Vulnerability
Description Microsoft SharePoint is prone to a cross-site scripting vulnerability because it fails to properly sanitize user-supplied input. An attacker may leverage this issue to execute arbitrary script code in the browser of an unsuspecting user in the context of the affected site. This may...
Microsoft SharePoint CVE-2013-0084 Directory Traversal Vulnerability
Description Microsoft SharePoint is prone to a directory-traversal vulnerability because it fails to sufficiently sanitize user-supplied data. A remote attacker could exploit this vulnerability using directory-traversal strings such as '../' to obtain sensitive information or elevate their...
Microsoft Internet Explorer CVE-2013-0094 Use-After-Free Remote Code Execution Vulnerability
Description Microsoft Internet Explorer is prone to a remote code-execution vulnerability. Attackers can exploit this issue by enticing an unsuspecting user to view a specially crafted webpage. Attackers can exploit this issue to execute arbitrary code in the context of the currently logged-in...
Microsoft Internet Explorer CVE-2013-0087 Use-After-Free Remote Code Execution Vulnerability
Description Microsoft Internet Explorer is prone to a remote code-execution vulnerability. Attackers can exploit this issue by enticing an unsuspecting user to view a specially crafted webpage. Attackers can exploit this issue to execute arbitrary code in the context of the currently logged-in...
Microsoft Windows 'Win32k.sys' CVE-2013-1250 Local Privilege Escalation Vulnerability
Description Microsoft Windows is prone to a local privilege-escalation vulnerability. Local attackers can exploit this issue to gain elevated privileges and to read arbitrary amounts of kernel memory. Technologies Affected Avaya CallPilot 4.0 Avaya CallPilot 4.0.1 Avaya CallPilot 5.0 Avaya...
Microsoft Windows 'Win32k.sys' CVE-2013-1268 Local Privilege Escalation Vulnerability
Description Microsoft Windows is prone to a local privilege-escalation vulnerability. Local attackers can exploit this issue to gain elevated privileges and to read arbitrary amounts of kernel memory. Technologies Affected Avaya CallPilot 4.0 Avaya CallPilot 4.0.1 Avaya CallPilot 5.0 Avaya...
Microsoft Windows 'Win32k.sys' CVE-2013-1262 Local Privilege Escalation Vulnerability
Description Microsoft Windows is prone to a local privilege-escalation vulnerability. Local attackers can exploit this issue to gain elevated privileges and to read arbitrary amounts of kernel memory. Technologies Affected Avaya CallPilot 4.0 Avaya CallPilot 4.0.1 Avaya CallPilot 5.0 Avaya...