6867 matches found
Microsoft Internet Explorer Enhanced Protected Mode CVE-2013-5045 Security Bypass Vulnerability
Description Microsoft Internet Explorer is prone to a security-bypass vulnerability in the Enhanced Protected Mode. An attacker can exploit this issue to bypass Enhanced Protected Mode restrictions and execute arbitrary code with elevated privileges. Technologies Affected Avaya Aura Conferencing...
Microsoft Windows Kernel 'Win32k.sys' CVE-2013-3899 Local Privilege Escalation Vulnerability
Description Microsoft Windows is prone to a local privilege-escalation vulnerability that occurs in the Windows kernel. A local attacker can exploit this issue to execute arbitrary code with kernel-level privileges. Successful exploits will result in the complete compromise of the affected...
Microsoft Windows Kernel 'portcls.sys' CVE-2013-3907 Local Privilege Escalation Vulnerability
Description Microsoft Windows is prone to a local privilege-escalation vulnerability that occurs in the audio port-class driver. A local attacker can exploit this issue to execute arbitrary code with elevated privileges and gain access to kernel memory. Technologies Affected Avaya Aura Conferenci...
Microsoft Exchange Server CVE-2013-5072 Cross Site Scripting Vulnerability
Description Microsoft Exchange Server is prone to a cross-site scripting vulnerability because it fails to properly sanitize user-supplied input. An attacker may leverage this issue to execute arbitrary script code in the browser of an unsuspecting user in the context of the affected site...
Microsoft Office CVE-2013-5057 ASLR Security Bypass Vulnerability
Description Microsoft Windows is prone to a security-bypass vulnerability. An attacker can leverage this issue to bypass certain security restrictions and execute arbitrary code by exploiting another vulnerability in the application. Technologies Affected Microsoft Office 2007 SP3 Microsoft Offic...
Microsoft Windows Kernel 'Win32k.sys' CVE-2013-3902 Local Privilege Escalation Vulnerability
Description Microsoft Windows is prone to a local privilege-escalation vulnerability that occurs in the Windows kernel. A local attacker can exploit this issue to execute arbitrary code with kernel-level privileges. Successful exploits will result in the complete compromise of the affected...
Microsoft Windows Kernel 'NDProxy.sys' Local Privilege Escalation Vulnerability
Description Microsoft Windows is prone to a local privilege-escalation vulnerability that occurs in the Windows kernel. A local attacker can exploit this issue to execute arbitrary code with kernel-level privileges. Successful exploits will result in the complete compromise of the affected...
Microsoft Internet Explorer CVE-2013-3908 Information Disclosure Vulnerability
Description Microsoft Internet Explorer is prone to an information-disclosure vulnerability. Successful exploits will allow attackers to obtain sensitive information that may aid in further attacks. Technologies Affected Microsoft Internet Explorer 10 Microsoft Internet Explorer 6.0 Microsoft...
Microsoft Internet Explorer CVE-2013-3910 Memory Corruption Vulnerability
Description Microsoft Internet Explorer is prone to a memory-corruption vulnerability. Attackers can exploit this issue to execute arbitrary code in the context of the currently logged-in user. Failed attacks will cause denial-of-service conditions. Microsoft Internet Explorer 6, 7, 8, and 9 are...
Microsoft Internet Explorer CVE-2013-3909 Information Disclosure Vulnerability
Description Microsoft Internet Explorer is prone to an information-disclosure vulnerability. Successful exploits will allow attackers to obtain sensitive information that may aid in further attacks. Technologies Affected Microsoft Internet Explorer 6.0 Microsoft Internet Explorer 7.0 Microsoft...
Microsoft Windows Hyper-V CVE-2013-3898 Local Privilege Escalation Vulnerability
Description Microsoft Windows is prone to a local privilege-escalation vulnerability that exists in Hyper-V. A local attacker can exploit this issue to execute arbitrary code with SYSTEM level privileges on other guest virtual machines or cause the Hyper-V host to crash, denying service to...
Microsoft Windows XML Digital Signatures CVE-2013-3869 Remote Denial of Service Vulnerability
Description Microsoft Windows is prone to a remote denial-of-service vulnerability because it fails sanitize user-supplied input. An attacker can exploit this issue to cause the affected application to stop responding, denying service to legitimate users. Technologies Affected Avaya CallPilot 4.0...
Microsoft Internet Explorer CVE-2013-3916 Memory Corruption Vulnerability
Description Microsoft Internet Explorer is prone to a memory-corruption vulnerability. Attackers can exploit this issue to execute arbitrary code in the context of the currently logged-in user. Failed attacks will cause denial-of-service conditions. Microsoft Internet Explorer 8, 9, 10, and 11 ar...
Microsoft Office WPD File Processing CVE-2013-1325 Remote Code Execution Vulnerability
Description Microsoft Office is prone to a remote code-execution vulnerability because it fails to properly handle objects in memory. An attacker can leverage this issue to execute arbitrary code in the context of the currently logged-in user. Failed exploit attempts will likely result in...
Microsoft Office WPD File CVE-2013-1324 Remote Memory Corruption Vulnerability
Description Microsoft Office is prone to a remote memory-corruption vulnerability because it fails to properly handle objects in memory. Successful exploits will allow attackers to execute arbitrary code in the context of the currently logged-in user. Failed exploit attempts will likely result in...
libjpeg/libjpeg-turbo Library CVE-2013-6629 Memory Corruption Vulnerability
Description libjpeg and libjpeg-turbo libraries are prone to a memory-corruption vulnerability. Attackers can exploit this issue to bypass Address Space Layout Randomization ASLR protection mechanisms of applications. This may aid in further attacks that may lead to arbitrary code execution...
Microsoft Windows Graphics Device Interface CVE-2013-3940 Remote Integer Overflow Vulnerability
Description Microsoft Windows is prone to a remote integer-overflow vulnerability. Successfully exploiting this issue allows attackers to execute arbitrary code in the context of the currently logged-in user. Failed exploit attempts may result in a denial-of-service condition. Technologies Affect...
Microsoft Internet Explorer CVE-2013-3911 Memory Corruption Vulnerability
Description Microsoft Internet Explorer is prone to a memory-corruption vulnerability. Attackers can exploit this issue to execute arbitrary code in the context of the currently logged-in user. Failed attacks will cause denial-of-service conditions. Microsoft Internet Explorer 9 and 10 are...
Microsoft Internet Explorer CVE-2013-3912 Memory Corruption Vulnerability
Description Microsoft Internet Explorer is prone to a memory-corruption vulnerability. Attackers can exploit this issue to execute arbitrary code in the context of the currently logged-in user. Failed attacks will cause denial-of-service conditions. Microsoft Internet Explorer 8, 9, 10, and 11 ar...
Microsoft Internet Explorer CVE-2013-3917 Memory Corruption Vulnerability
Description Microsoft Internet Explorer is prone to a memory-corruption vulnerability. Attackers can exploit this issue to execute arbitrary code in the context of the currently logged-in user. Failed attacks will cause denial-of-service conditions. Microsoft Internet Explorer 6, 7, 8, 9, 10, and...
Microsoft Office WPD File CVE-2013-0082 Remote Memory Corruption Vulnerability
Description Microsoft Office is prone to a remote memory-corruption vulnerability because it fails to properly handle objects in memory. Successful exploits will allow attackers to execute arbitrary code in the context of the currently logged-in user. Failed exploit attempts will likely result in...
Microsoft Internet Explorer CVE-2013-3871 Memory Corruption Vulnerability
Description Microsoft Internet Explorer is prone to a memory-corruption vulnerability. Attackers can exploit this issue to execute arbitrary code in the context of the currently logged-in user. Failed attacks will cause denial-of-service conditions. Microsoft Internet Explorer 6, 7, 8, 9, and 10...
Microsoft Windows Ancillary Function Driver CVE-2013-3887 Local Information Disclosure Vulnerability
Description Microsoft Windows is prone to a local information-disclosure vulnerability. An attacker can leverage this issue to disclose kernel memory and obtain sensitive information that may aid in further attacks. Technologies Affected Microsoft Windows 7 for x64-based Systems SP1 Microsoft...
Microsoft Windows DirectAccess CVE-2013-3876 Security Bypass Vulnerability
Description Microsoft Windows DirectAccess is prone to a security-bypass vulnerability. An attacker can exploit this issue to bypass certain security restrictions and impersonate a legitimate server to perform man-in-the-middle attacks. Successfully exploiting this issue allows attackers to obtai...
Microsoft Internet Explorer CVE-2013-3914 Memory Corruption Vulnerability
Description Microsoft Internet Explorer is prone to a memory-corruption vulnerability. Attackers can exploit this issue to execute arbitrary code in the context of the currently logged-in user. Failed attacks will cause denial-of-service conditions. Microsoft Internet Explorer 9, 10, and 11 are...
Microsoft Internet Explorer CVE-2013-3915 Memory Corruption Vulnerability
Description Microsoft Internet Explorer is prone to a memory-corruption vulnerability. Attackers can exploit this issue to execute arbitrary code in the context of the currently logged-in user. Failed attacks will cause denial-of-service conditions. Microsoft Internet Explorer 6, 7, 8, 9, 10, and...
Microsoft Outlook CVE-2013-3905 Information Disclosure Vulnerability
Description Microsoft Outlook is prone to an information-disclosure vulnerability. Attackers can exploit this issue to gain access to potentially sensitive information that may aid in further attacks. Technologies Affected Microsoft Outlook 2007 Service Pack 3 Microsoft Outlook 2010 32-bit editio...
Microsoft Windows 'icardie.dll' ActiveX Control CVE-2013-3918 Remote Code Execution Vulnerability
Description Microsoft Windows is prone to a remote code-execution vulnerability. Successfully exploiting this issue allows remote attackers to execute arbitrary code in the context of the application typically Internet Explorer using the ActiveX control. Failed exploit attempts will likely result...
Multiple Microsoft Products CVE-2013-3906 Remote Code Execution Vulnerability
Description Multiple Microsoft products including Microsoft Windows, Microsoft Office, and Microsoft Lync are prone to a remote code-execution vulnerability. An attacker can exploit this issue to execute arbitrary code in the context of the currently logged-in user, which may lead to a complete...
Oracle Java SE CVE-2013-5838 Remote Security Vulnerability
Description Oracle Java SE is prone to a remote security vulnerability. The vulnerability can be exploited over multiple protocols. This issue affects the 'Libraries' sub-component. This vulnerability affects the following supported versions: Java SE 7u25, Java SE Embedded 7u25 Technologies...
Symantec Management Platform Agent Static Service Key
SUMMARY The Symantec Management Platform agent and task agent installs a registry service key that is used to retrieve software packages from package servers. The registry key is locally accessible and can potentially be extracted and decrypted by an authorized local user using a static key commo...
Microsoft Internet Explorer CVE-2013-3886 Memory Corruption Vulnerability
Description Microsoft Internet Explorer is prone to a memory-corruption vulnerability. Attackers can exploit this issue to execute arbitrary code in the context of the currently logged-in user. Failed attacks will cause denial-of-service conditions. Microsoft Internet Explorer 9 and 10 are...
Microsoft Internet Explorer CVE-2013-3882 Memory Corruption Vulnerability
Description Microsoft Internet Explorer is prone to a memory-corruption vulnerability. Attackers can exploit this issue to execute arbitrary code in the context of the currently logged-in user. Failed attacks will cause denial-of-service conditions. Microsoft Internet Explorer 10 is affected...
Microsoft SharePoint CVE-2013-3895 Clickjacking Vulnerability
Description Microsoft SharePoint is prone to a clickjacking vulnerability. An attacker may leverage this issue to compromise the affected application or obtain sensitive information. Other attacks are also possible. Technologies Affected Microsoft Office SharePoint Server 2007 SP3 32-bit Microsof...
Microsoft Silverlight CVE-2013-3896 Information Disclosure Vulnerability
Description Microsoft Silverlight is prone to an information-disclosure vulnerability. Attackers can exploit this issue by enticing an unsuspecting user to view a malicious webpage. Successful exploits will allow attackers to gain access to potentially sensitive information that may aid in furthe...
Microsoft Internet Explorer CVE-2013-3874 Memory Corruption Vulnerability
Description Microsoft Internet Explorer is prone to a memory-corruption vulnerability. Attackers can exploit this issue to execute arbitrary code in the context of the currently logged-in user. Failed attacks will cause denial-of-service conditions. Microsoft Internet Explorer 9 is affected...
Microsoft Excel CVE-2013-3889 Memory Corruption Vulnerability
Description Microsoft Excel is prone to a memory-corruption vulnerability. Attackers can exploit this issue to execute arbitrary code in the context of the currently logged-in user. Failed attacks will cause denial-of-service conditions. Technologies Affected Microsoft Excel 2007 SP3 Microsoft...
Microsoft Word CVE-2013-3892 Remote Memory Corruption Vulnerability
Description Microsoft Word is prone to a remote memory-corruption vulnerability. An attacker can exploit this issue to execute arbitrary code in the context of the currently logged-in user. Failed exploit attempts will likely result in denial-of-service conditions. Technologies Affected Microsoft...
Microsoft Excel CVE-2013-3890 Memory Corruption Vulnerability
Description Microsoft Excel is prone to a memory-corruption vulnerability. Attackers can exploit this issue to execute arbitrary code in the context of the currently logged-in user. Failed attacks will cause denial-of-service conditions. Technologies Affected Microsoft Excel 2007 SP3 Microsoft...
Microsoft Internet Explorer CVE-2013-3885 Memory Corruption Vulnerability
Description Microsoft Internet Explorer is prone to a memory-corruption vulnerability. Attackers can exploit this issue to execute arbitrary code in the context of the currently logged-in user. Failed attacks will cause denial-of-service conditions. Microsoft Internet Explorer 10 is affected...
Microsoft Internet Explorer CVE-2013-3875 Memory Corruption Vulnerability
Description Microsoft Internet Explorer is prone to a memory-corruption vulnerability. Attackers can exploit this issue to execute arbitrary code in the context of the currently logged-in user. Failed attacks will cause denial-of-service conditions. Microsoft Internet Explorer 8 and 9 are affecte...
Microsoft Word CVE-2013-3891 Remote Memory Corruption Vulnerability
Description Microsoft Word is prone to a remote memory-corruption vulnerability. An attacker can exploit this issue to execute arbitrary code in the context of the currently logged-in user. Failed exploit attempts will likely result in denial-of-service conditions. Technologies Affected Microsoft...
Microsoft Windows App Container CVE-2013-3880 Local Information Disclosure Vulnerability
Description Microsoft Windows is prone to a local information-disclosure vulnerability. Local attackers can exploit these issues to disclose sensitive information on the affected system. This information may be used in further attacks. Technologies Affected Avaya Aura Conferencing Standard Avaya...
Microsoft Windows Kernel 'Win32k.sys' CVE-2013-3879 Local Privilege Escalation Vulnerability
Description Microsoft Windows is prone to a local privilege-escalation vulnerability that occurs in the Windows kernel. A local attacker can exploit this issue to execute arbitrary code with kernel-level privileges. Successful exploits will result in the complete compromise of the affected...
Microsoft Internet Explorer CVE-2013-3897 Memory Corruption Vulnerability
Description Microsoft Internet Explorer is prone to a memory-corruption vulnerability. Attackers can exploit this issue to execute arbitrary code in the context of the currently logged-in user. Failed attacks will cause denial-of-service conditions. Microsoft Internet Explorer 6, 7, 8, 9, 10, and...
Microsoft .NET Framework CVE-2013-3860 Remote Denial of Service Vulnerability
Description Microsoft .NET Framework is prone to a remote denial-of-service vulnerability. An attacker can exploit this issue to cause an application to crash or become unresponsive, denying service to legitimate users. Technologies Affected Avaya Aura Conferencing Standard Avaya CallPilot Avaya...
Microsoft .NET Framework CVE-2013-3861 Remote Denial of Service Vulnerability
Description Microsoft .NET Framework is prone to a remote denial-of-service vulnerability. An attacker can exploit this issue to cause an application to crash or become unresponsive, denying service to legitimate users. Technologies Affected Avaya Aura Conferencing Standard Avaya CallPilot Avaya...
Microsoft Windows OpenType Font Parsing CVE-2013-3128 Remote Code Execution Vulnerability
Description Microsoft Windows is prone to a remote code-execution vulnerability. Successful exploits will result in the execution of arbitrary code in kernel-mode. Failed attempts will cause a denial-of-service condition. Technologies Affected Avaya Aura Conferencing Standard Avaya CallPilot Avay...
Microsoft Windows Kernel 'Win32k.sys' CVE-2013-3881 Local Privilege Escalation Vulnerability
Description Microsoft Windows is prone to a local privilege-escalation vulnerability that occurs in the Windows kernel. A local attacker can exploit this issue to execute arbitrary code with kernel-level privileges. Successful exploits will result in the complete compromise of the affected...
Microsoft Windows USB Descriptor CVE-2013-3200 Local Privilege Escalation Vulnerability
Description Microsoft Windows is prone to a local privilege-escalation vulnerability that is related to the DirectX Graphics Kernel Subsystem. An attacker with physical access can exploit this issue to execute arbitrary code with kernel-level privileges. Successful exploits will result in the...