6867 matches found
Microsoft Windows Essentials CVE-2013-0096 URI Handling Information Disclosure Vulnerability
Description Microsoft Windows Essentials is prone to an information-disclosure vulnerability. Attackers can exploit this issue to obtain sensitive information that may aid in further attacks. Technologies Affected Microsoft Windows Essentials 2011 Microsoft Windows Essentials 2012 Recommendations...
Microsoft Publisher Negative Value Allocation CVE-2013-1316 Remote Code Execution Vulnerability
Description Microsoft Publisher is prone to a remote code-execution vulnerability. An attacker can exploit this issue by enticing an unsuspecting user into opening a specially crafted Publisher file. Successfully exploiting this issue allows attackers to execute arbitrary code in the context of t...
Microsoft Visio CVE-2013-1301 Information Disclosure Vulnerability
Description Microsoft Visio is prone to a remote information-disclosure vulnerability. Attackers may be able to exploit this issue to gain access to potentially sensitive information that may aid in further attacks. Technologies Affected Microsoft Visio 2003 SP1 Microsoft Visio 2003 Microsoft Vis...
Microsoft Word CVE-2013-1335 Remote Code Execution Vulnerability
Description Microsoft Word is prone to a remote code-execution vulnerability. An attacker can exploit this issue to execute arbitrary code in the context of the currently logged-in user, which can lead to a complete compromise of the affected computer. Technologies Affected Microsoft Office 2003...
Microsoft Windows DirectX Graphics Kernel CVE-2013-1332 Local Privilege Escalation Vulnerability
Description Microsoft Windows is prone to a local privilege-escalation vulnerability that is related to DirectX Graphics Kernel Subsystem. A local attacker can exploit this issue to execute arbitrary code with kernel-level privileges. Successful exploits will result in the complete compromise of...
Microsoft Publisher CVE-2013-1328 Remote Code Execution Vulnerability
Description Microsoft Publisher is prone to a remote code-execution vulnerability. An attacker can exploit this issue by enticing an unsuspecting user into opening a specially crafted Publisher file. Successfully exploiting this issue allows attackers to execute arbitrary code in the context of t...
Microsoft Internet Explorer CVE-2013-1307 Use-After-Free Remote Code Execution Vulnerability
Description Microsoft Internet Explorer is prone to a remote code-execution vulnerability. Attackers can exploit this issue by enticing an unsuspecting user to view a specially crafted webpage. Attackers can exploit this issue to execute arbitrary code in the context of the currently logged-in...
Microsoft Publisher CVE-2013-1329 Remote Code Execution Vulnerability
Description Microsoft Publisher is prone to a remote code-execution vulnerability. An attacker can exploit this issue by enticing an unsuspecting user into opening a specially crafted Publisher file. Successfully exploiting this issue allows attackers to execute arbitrary code in the context of t...
Microsoft Internet Explorer CVE-2013-1312 Use-After-Free Remote Code Execution Vulnerability
Description Microsoft Internet Explorer is prone to a remote code-execution vulnerability. Attackers can exploit this issue by enticing an unsuspecting user to view a specially crafted webpage. Attackers can exploit this issue to execute arbitrary code in the context of the currently logged-in...
Microsoft Internet Explorer CVE-2013-1309 Use-After-Free Remote Code Execution Vulnerability
Description Microsoft Internet Explorer is prone to a remote code-execution vulnerability. Attackers can exploit this issue by enticing an unsuspecting user to view a specially crafted webpage. Attackers can exploit this issue to execute arbitrary code in the context of the currently logged-in...
Microsoft Malware Protection Engine CVE-2013-1346 Remote Code Execution Vulnerability
Description Microsoft Malware Protection Engine is prone to a remote code-execution vulnerability. Attackers can exploit this issue to execute arbitrary code with LocalSystem account privileges. Failed exploit attempts will result in a denial-of-service condition. Microsoft Malware Protection...
Microsoft Publisher CVE-2013-1320 Remote Buffer Overflow Vulnerability
Description Microsoft Publisher is prone to a remote buffer-overflow vulnerability. An attacker can exploit this issue by enticing an unsuspecting user into opening a specially crafted Publisher file. Successfully exploiting this issue allows attackers to execute arbitrary code in the context of...
Microsoft Publisher CVE-2013-1323 Remote Code Execution Vulnerability
Description Microsoft Publisher is prone to a remote code-execution vulnerability. An attacker can exploit this issue by enticing an unsuspecting user into opening a specially crafted Publisher file. Successfully exploiting this issue allows attackers to execute arbitrary code in the context of t...
Microsoft Publisher CVE-2013-1318 Remote Code Execution Vulnerability
Description Microsoft Publisher is prone to a remote code-execution vulnerability. An attacker can exploit this issue by enticing an unsuspecting user into opening a specially crafted Publisher file. Successfully exploiting this issue allows attackers to execute arbitrary code in the context of t...
Microsoft .NET Framework CVE-2013-1337 Authentication Bypass Vulnerability
Description Microsoft .NET Framework is prone to an authentication-bypass vulnerability. An attacker can exploit this issue to bypass certain security restrictions and gain unauthorized access to the application. This allows attackers to obtain sensitive information and perform unauthorized actio...
Microsoft Internet Explorer CVE-2013-1311 Use-After-Free Remote Code Execution Vulnerability
Description Microsoft Internet Explorer is prone to a remote code-execution vulnerability. Attackers can exploit this issue by enticing an unsuspecting user to view a specially crafted webpage. Attackers can exploit this issue to execute arbitrary code in the context of the currently logged-in...
Microsoft Lync CVE-2013-1302 Remote Code Execution Vulnerability
Description Microsoft Lync is prone to a remote code-execution vulnerability. Attackers can exploit this issue to execute arbitrary code in the context of the currently logged-in user. Failed attacks will cause denial-of-service conditions. Technologies Affected Microsoft Lync 2010 32-bit Microso...
Microsoft Publisher CVE-2013-1317 Remote Integer Overflow Vulnerability
Description Microsoft Publisher is prone to a remote integer-overflow vulnerability. An attacker can exploit this issue by enticing an unsuspecting user into opening a specially crafted Publisher file. Successfully exploiting this issue allows attackers to execute arbitrary code in the context of...
Microsoft Internet Explorer JSON Array CVE-2013-1297 Information Disclosure Vulnerability
Description Microsoft Internet Explorer is prone to an information-disclosure vulnerability. Attackers can exploit this issue to obtain sensitive information that may aid in further attacks. Internet Explorer 6, 7, and 8 are vulnerable. Technologies Affected Avaya Aura Conferencing Standard Avaya...
Symantec Messaging Gateway Management Console Stored XSS
SUMMARY Symantec's Messaging Gateway 9.5.x management console is susceptible to stored cross-site scripting XSS issues found in some of the administrative interface pages. Successful exploitation could result in potential unauthorized privileged access to the management console. AFFECTED PRODUCTS...
IBM Lotus Notes CVE-2013-2977 Integer Overflow Vulnerability
Description IBM Lotus Notes is prone to an integer-overflow vulnerability. Successful exploits may allow attackers to execute arbitrary code in the context of affected applications. Failed exploit attempts will likely result in denial-of-service conditions. Technologies Affected IBM Lotus Notes 8...
Microsoft Internet Explorer CVE-2013-1347 Use-After-Free Remote Code Execution Vulnerability
Description Microsoft Internet Explorer is prone to a remote code-execution vulnerability. Attackers can exploit this issue by enticing an unsuspecting user to view a specially crafted webpage. Attackers can exploit this issue to execute arbitrary code in the context of the currently logged-in...
Oracle Java Runtime Environment CVE-2013-2423 Security Bypass Vulnerability
Description Oracle Java Runtime Environment is prone to a security-bypass vulnerability. An attacker can exploit this issue to bypass sandbox protection and perform unauthorized actions in the context of the application. This vulnerability affects the following supported versions: 7 Update 17 and...
Microsoft Remote Desktop ActiveX Control CVE-2013-1296 Remote Code Execution Vulnerability
Description The Microsoft Remote Desktop ActiveX control is prone to a remote code-execution vulnerability. An attacker can exploit this issue by enticing an unsuspecting user to view a malicious webpage. Successful exploits will allow the attacker to execute arbitrary code within the context of...
Microsoft Windows Active Directory CVE-2013-1282 Denial of Service Vulnerability
Description Microsoft Windows is prone to a denial-of-service vulnerability. Successful exploits may allow the attacker to cause the LDAP service to become non-responsive, resulting in denial-of-service conditions. Technologies Affected Avaya CallPilot 4.0 Avaya CallPilot 4.0.1 Avaya CallPilot 5....
Microsoft Windows 'Win32k.sys' CVE-2013-1283 Local Privilege Escalation Vulnerability
Description Microsoft Windows is prone to a local privilege-escalation vulnerability. Local attackers can exploit this issue to gain elevated privileges and to read arbitrary amounts of kernel memory. Technologies Affected Avaya Aura Conferencing 6.0 SP1 Standard Avaya Aura Conferencing 6.0.0...
Microsoft Windows CSRSS CVE-2013-1295 Local Privilege Escalation Vulnerability
Description Microsoft Windows is prone to a local privilege-escalation vulnerability that exists in the Client/Server Run-time Subsystem CSRSS. An attacker can exploit this issue to execute arbitrary code with SYSTEM-level privileges. Successfully exploiting this issue will result in the complete...
Microsoft Windows Defender for Windows 8 and Windows RT Local Privilege Escalation Vulnerability
Description Microsoft Windows Defender for Windows 8 and Windows RT is prone to a local privilege-escalation vulnerability. An attacker can exploit this issue to execute arbitrary code with SYSTEM-level privileges. Successfully exploiting this issue will result in the complete compromise of...
Microsoft Windows Kernel CVE-2013-1294 Local Privilege Escalation Vulnerability
Description Microsoft Windows is prone to a local privilege-escalation vulnerability. A local attacker can exploit this issue to gain elevated privileges and read arbitrary amounts of kernel memory. Technologies Affected Avaya CallPilot Avaya Communication Server 1000 Telephony Manager Avaya...
Microsoft Windows CVE-2013-1293 Local Privilege Escalation Vulnerability
Description Microsoft Windows is prone to a local privilege-escalation vulnerability. Local attackers can exploit this issue to gain elevated privileges and run arbitrary code in kernel mode. Technologies Affected Avaya Aura Conferencing 6.0 SP1 Standard Avaya Aura Conferencing 6.0.0 Standard Ava...
Microsoft Internet Explorer CVE-2013-1304 Use-After-Free Remote Code Execution Vulnerability
Description Microsoft Internet Explorer is prone to a remote code-execution vulnerability. Attackers can exploit this issue by enticing an unsuspecting user to view a specially crafted webpage. Attackers can exploit this issue to execute arbitrary code in the context of the currently logged-in...
Microsoft Windows Kernel CVE-2013-1284 Local Privilege Escalation Vulnerability
Description Microsoft Windows is prone to a local privilege-escalation vulnerability. A local attacker can exploit this issue to gain elevated privileges and read arbitrary amounts of kernel memory. Technologies Affected Avaya CallPilot Avaya Communication Server 1000 Telephony Manager Avaya...
Microsoft Windows 'Win32k.sys' CVE-2013-1292 Local Privilege Escalation Vulnerability
Description Microsoft Windows is prone to a local privilege-escalation vulnerability. Local attackers can exploit this issue to gain elevated privileges and to read arbitrary amounts of kernel memory. Technologies Affected Avaya Aura Conferencing 6.0 SP1 Standard Avaya Aura Conferencing 6.0.0...
Microsoft SharePoint CVE-2013-1290 Information Disclosure Vulnerability
Description Microsoft SharePoint is prone to a remote information-disclosure vulnerability. Attackers may be able to exploit this issue to gain access to potentially sensitive information that may aid in further attacks. Technologies Affected Microsoft SharePoint Server 2013 Recommendations Run a...
Microsoft Internet Explorer CVE-2013-1303 Use-After-Free Remote Code Execution Vulnerability
Description Microsoft Internet Explorer is prone to a remote code-execution vulnerability. Attackers can exploit this issue by enticing an unsuspecting user to view a specially crafted webpage. Attackers can exploit this issue to execute arbitrary code in the context of the currently logged-in...
Microsoft Windows CVE-2013-1291 OpenType Font Parsing Remote Denial of Service Vulnerability
Description Microsoft Windows is prone to a remote denial-of-service vulnerability. Successful exploits will allow attackers to cause the affected computer to stop responding and reboot, resulting in a denial-of-service condition. Technologies Affected Avaya Aura Conferencing 6.0 SP1 Standard Ava...
Microsoft SharePoint CVE-2013-1289 HTML Injection Vulnerability
Description Microsoft SharePoint is prone to an HTML-injection vulnerability because it fails to properly sanitize user-supplied input. Attacker-supplied HTML and script code would run in the context of the affected browser, potentially allowing the attacker to steal cookie-based authentication...
Microsoft Internet Explorer CVE-2013-0094 Use-After-Free Remote Code Execution Vulnerability
Description Microsoft Internet Explorer is prone to a remote code-execution vulnerability. Attackers can exploit this issue by enticing an unsuspecting user to view a specially crafted webpage. Attackers can exploit this issue to execute arbitrary code in the context of the currently logged-in...
Microsoft Internet Explorer CVE-2013-0090 Use-After-Free Remote Code Execution Vulnerability
Description Microsoft Internet Explorer is prone to a remote code-execution vulnerability. Attackers can exploit this issue by enticing an unsuspecting user to view a specially crafted webpage. Attackers can exploit this issue to execute arbitrary code in the context of the currently logged-in...
Microsoft OneNote CVE-2013-0086 Information Disclosure Vulnerability
Description Microsoft OneNote is prone to an information-disclosure vulnerability. An attacker can exploit this issue to disclose sensitive information such as the username and password of configured accounts. Information obtained may aid in further attacks. Technologies Affected Microsoft OneNot...
Microsoft Visio Viewer VSD File Format CVE-2013-0079 Remote Code Execution Vulnerability
Description Microsoft Visio Viewer is prone to a remote code-execution vulnerability. Attackers can exploit this issue to execute arbitrary code in the context of the user running the affected application. Failed exploit attempts will result in a denial-of-service condition. Technologies Affected...
Microsoft Internet Explorer CVE-2013-1288 Use-After-Free Remote Code Execution Vulnerability
Description Microsoft Internet Explorer is prone to a remote code-execution vulnerability. Attackers can exploit this issue by enticing an unsuspecting user to view a specially crafted webpage. Attackers can exploit this issue to execute arbitrary code in the context of the currently logged-in...
Microsoft Internet Explorer CVE-2013-0088 Use-After-Free Remote Code Execution Vulnerability
Description Microsoft Internet Explorer is prone to a remote code-execution vulnerability. Attackers can exploit this issue by enticing an unsuspecting user to view a specially crafted webpage. Attackers can exploit this issue to execute arbitrary code in the context of the currently logged-in...
Microsoft Internet Explorer CVE-2013-0092 Use-After-Free Remote Code Execution Vulnerability
Description Microsoft Internet Explorer is prone to a remote code-execution vulnerability. Attackers can exploit this issue by enticing an unsuspecting user to view a specially crafted webpage. Attackers can exploit this issue to execute arbitrary code in the context of the currently logged-in...
Microsoft Windows CVE-2013-1286 Local Privilege Escalation Vulnerability
Description Microsoft Windows is prone to a local privilege-escalation vulnerability. An attacker can exploit this issue to execute arbitrary code with SYSTEM-level privileges. Successfully exploiting this issue will result in the complete compromise of affected computers. Technologies Affected...
Microsoft SharePoint CVE-2013-0085 Denial of Service Vulnerability
Description Microsoft SharePoint is prone to a denial-of-service vulnerability. An attacker can exploit this issue to cause the application to become unresponsive, denying service to legitimate users. Technologies Affected Microsoft SharePoint Foundation 2010 SP1 Microsoft SharePoint Server 2010...
Microsoft Outlook CVE-2013-0095 Information Disclosure Vulnerability
Description Microsoft Outlook is prone to an information-disclosure vulnerability. Attackers may be able to exploit this issue to gain access to potentially sensitive information that may aid in further attacks. Technologies Affected Microsoft Office 2008 for Mac Microsoft Office 2011 for Mac...
Microsoft SharePoint CVE-2013-0083 Cross Site Scripting Vulnerability
Description Microsoft SharePoint is prone to a cross-site scripting vulnerability because it fails to properly sanitize user-supplied input. An attacker may leverage this issue to execute arbitrary script code in the browser of an unsuspecting user in the context of the affected site. This may...
Microsoft Windows CVE-2013-1285 Local Privilege Escalation Vulnerability
Description Microsoft Windows is prone to a local privilege-escalation vulnerability. An attacker can exploit this issue to execute arbitrary code with SYSTEM-level privileges. Successfully exploiting this issue will result in the complete compromise of affected computers. Technologies Affected...
Microsoft Windows CVE-2013-1287 Local Privilege Escalation Vulnerability
Description Microsoft Windows is prone to a local privilege-escalation vulnerability. An attacker can exploit this issue to execute arbitrary code with SYSTEM-level privileges. Successfully exploiting this issue will result in the complete compromise of affected computers. Technologies Affected...