6867 matches found
Microsoft Windows Kernel 'Win32k.sys' (CVE-2011-1883) Local Privilege Escalation Vulnerability
Description Microsoft Windows is prone to a local privilege-escalation vulnerability that occurs in the Windows kernel due to a use-after-free error. A local attacker can exploit this issue to execute arbitrary code with kernel-level privileges. Successful exploits will result in the complete...
Microsoft Windows Kernel 'Win32k.sys' (CVE-2011-1886) Local Information Disclosure Vulnerability
Description Microsoft Windows is prone to a local information-disclosure vulnerability that occurs in the Windows kernel because it fails to properly validate certain function parameters. Successfully exploiting this issue allows attackers to obtain sensitive information that may aid in further...
Microsoft Windows CSRSS 'SrvSetConsoleNumberOfCommands()' Local Privilege Escalation Vulnerability
Description Microsoft Windows is prone to a local privilege-escalation vulnerability. An attacker can exploit this issue to execute arbitrary code with SYSTEM-level privileges. Successfully exploiting this issue will result in the complete compromise of affected computers. Technologies Affected...
Microsoft Windows Kernel 'Win32k.sys' (CVE-2011-1881) Local Privilege Escalation Vulnerability
Description Microsoft Windows is prone to a local privilege-escalation vulnerability that occurs in the Windows kernel due to a NULL-pointer dereference error. A local attacker can exploit this issue to execute arbitrary code with kernel-level privileges. Successful exploits will result in the...
Microsoft Windows CSRSS 'SrvWriteConsoleOutput()' Local Privilege Escalation Vulnerability
Description Microsoft Windows is prone to a local privilege-escalation vulnerability. An attacker can exploit this issue to execute arbitrary code with SYSTEM-level privileges. Successfully exploiting this issue will result in the complete compromise of affected computers. Technologies Affected...
Microsoft Windows Kernel 'Win32k.sys' (CVE-2011-1884) Local Privilege Escalation Vulnerability
Description Microsoft Windows is prone to a local privilege-escalation vulnerability that occurs in the Windows kernel due to a use-after-free error. A local attacker can exploit this issue to execute arbitrary code with kernel-level privileges. Successful exploits will result in the complete...
Microsoft Windows Kernel 'Win32k.sys' (CVE-2011-1885) Local Privilege Escalation Vulnerability
Description Microsoft Windows is prone to a local privilege-escalation vulnerability that occurs in the Windows kernel due to a NULL-pointer dereference error. A local attacker can exploit this issue to execute arbitrary code with kernel-level privileges. Successful exploits will result in the...
Microsoft Windows Kernel 'Win32k.sys' (CVE-2011-1878) Local Privilege Escalation Vulnerability
Description Microsoft Windows is prone to a local privilege-escalation vulnerability that occurs in the Windows kernel due to a use-after-free error. A local attacker can exploit this issue to execute arbitrary code with kernel-level privileges. Successful exploits will result in the complete...
Microsoft Windows Kernel 'Win32k.sys' (CVE-2011-1877) Local Privilege Escalation Vulnerability
Description Microsoft Windows is prone to a local privilege-escalation vulnerability that occurs in the Windows kernel due to a use-after-free error. A local attacker can exploit this issue to execute arbitrary code with kernel-level privileges. Successful exploits will result in the complete...
Microsoft Windows Kernel 'Win32k.sys' (CVE-2011-1880) Local Privilege Escalation Vulnerability
Description Microsoft Windows is prone to a local privilege-escalation vulnerability that occurs in the Windows kernel due to a NULL-pointer dereference error. A local attacker can exploit this issue to execute arbitrary code with kernel-level privileges. Successful exploits will result in the...
Microsoft Windows Kernel 'Win32k.sys' (CVE-2011-1888) Local Privilege Escalation Vulnerability
Description Microsoft Windows is prone to a local privilege-escalation vulnerability that occurs in the Windows kernel due to a NULL-pointer dereference error. A local attacker can exploit this issue to execute arbitrary code with kernel-level privileges. Successful exploits will result in the...
Microsoft Windows CSRSS 'SrvWriteConsoleOutputString()' Local Privilege Escalation Vulnerability
Description Microsoft Windows is prone to a local privilege-escalation vulnerability. An attacker can exploit this issue to execute arbitrary code with SYSTEM-level privileges. Successfully exploiting this issue will result in the complete compromise of affected computers. Technologies Affected...
Microsoft Windows Bluetooth Stack 'bthport.sys' Driver Remote Code Execution Vulnerability
Description Microsoft Windows is prone to a remote code-execution vulnerability. Attackers can exploit this issue to execute arbitrary code with SYSTEM-level privileges. Successful exploits will completely compromise affected computers. Technologies Affected Microsoft Windows 7 Home Premium...
Microsoft Windows Kernel 'Win32k.sys' (CVE-2011-1876) Local Privilege Escalation Vulnerability
Description Microsoft Windows is prone to a local privilege-escalation vulnerability that occurs in the Windows kernel due to a use-after-free error. A local attacker can exploit this issue to execute arbitrary code with kernel-level privileges. Successful exploits will result in the complete...
Microsoft Windows CSRSS 'SrvSetConsoleLocalEUDC()' Local Privilege Escalation Vulnerability
Description Microsoft Windows is prone to a local privilege-escalation vulnerability. An attacker can exploit this issue to execute arbitrary code with SYSTEM-level privileges. Successfully exploiting this issue will result in the complete compromise of affected computers. Failed exploit attempts...
Microsoft Windows Kernel 'Win32k.sys' (CVE-2011-1882) Local Privilege Escalation Vulnerability
Description Microsoft Windows is prone to a local privilege-escalation vulnerability that occurs in the Windows kernel due to a use-after-free error. A local attacker can exploit this issue to execute arbitrary code with kernel-level privileges. Successful exploits will result in the complete...
Microsoft Windows CSRSS 'AllocConsole()' Local Privilege Escalation Vulnerability
Description Microsoft Windows is prone to a local privilege-escalation vulnerability. An attacker can exploit this issue to execute arbitrary code with SYSTEM-level privileges. Successfully exploiting this issue will result in the complete compromise of affected computers. Technologies Affected...
Microsoft Windows Kernel 'Win32k.sys' (CVE-2011-1887) Local Privilege Escalation Vulnerability
Description Microsoft Windows is prone to a local privilege-escalation vulnerability that occurs in the Windows kernel due to a NULL-pointer dereference error. A local attacker can exploit this issue to execute arbitrary code with kernel-level privileges. Successful exploits will result in the...
Microsoft Windows Kernel 'Win32k.sys' (CVE-2011-1879) Local Privilege Escalation Vulnerability
Description Microsoft Windows is prone to a local privilege-escalation vulnerability that occurs in the Windows kernel due to a use-after-free error. A local attacker can exploit this issue to execute arbitrary code with kernel-level privileges. Successful exploits will result in the complete...
Microsoft Windows Kernel 'Win32k.sys' (CVE-2011-1875) Local Privilege Escalation Vulnerability
Description Microsoft Windows is prone to a local privilege-escalation vulnerability that occurs in the Windows kernel due to a use-after-free error. A local attacker can exploit this issue to execute arbitrary code with kernel-level privileges. Successful exploits will result in the complete...
Symantec Web Gateway Blind SQL Injection
SUMMARY Symantecs Web Gateway management GUI is susceptible to blind SQL injection which could result in the injection of arbitrary code into the backend database. AFFECTED PRODUCTS Product | Version | Solution ---|---|--- Symantec Web Gateway | 4.5.x | Upgrade to Symantec Web Gateway 5.0.1 ISSUE...
JustSystems Ichitaro Memory Management Program Remote Heap Buffer Overflow Vulnerability
Description JustSystems Ichitaro is prone to a remote buffer-overflow vulnerability. Attackers can exploit this issue by enticing an unsuspecting user to open a specially crafted file. Successful exploits can allow attackers to execute arbitrary code with the privileges of the user running the...
Microsoft Windows 'AFD.sys' Driver Local Privilege Escalation Vulnerability
Description Microsoft Windows is prone to a local privilege-escalation vulnerability that occurs in the ancillary function driver AFD. A local attacker can exploit this issue to execute arbitrary code with elevated privileges. Successful exploits will result in the complete compromise of affected...
Microsoft Internet Explorer 'toStaticHTML' HTML Sanitizing Information Disclosure Vulnerability
Description Microsoft Internet Explorer is prone to an information-disclosure vulnerability that affects the 'toStaticHTML' API. Attackers can exploit this issue to obtain sensitive information that may aid in further attacks. Technologies Affected Avaya Aura Conferencing 6.0 Standard Avaya...
Microsoft Internet Explorer HTTP Redirect Uninitialized Memory Remote Code Execution Vulnerability
Description Microsoft Internet Explorer is prone to a remote code-execution vulnerability. Successful exploits will allow an attacker to run arbitrary code in the context of the user running the affected application. Failed attacks will cause denial-of-service conditions. Technologies Affected...
Microsoft Object Linking and Embedding (OLE) Automation WMF File Remote Code Execution Vulnerability
Description Microsoft Object Linking and Embedding OLE Automation is prone to a remote code-execution vulnerability because of an underflow error. An attacker can exploit this issue by enticing an unsuspecting user to view a malicious webpage or a specially crafted file. Successful exploits will...
Microsoft Silverlight & .NET Framework Invalid Array Offset Remote Code Execution Vulnerability
Description Microsoft Silverlight and Microsoft .NET Framework are prone to a remote code-execution vulnerability. Successful exploits will allow an attacker to execute arbitrary code within the context of the application. Failed exploit attempts will likely result in a denial-of-service conditio...
Microsoft Hyper-V VMBus 'vmswitch.sys' Denial of Service Vulnerability
Description Microsoft Hyper-V is prone to a local denial-of-service vulnerability. Using a guest system, a local attacker can exploit this issue to force the Hyper-V server to become unresponsive, denying service to legitimate users. The denial-of-service conditions would also affect other guest...
Microsoft Internet Explorer VML Memory Corruption CVE-2011-1266 Remote Code Execution Vulnerability
Description Microsoft Internet Explorer is prone to a remote code-execution vulnerability due to a memory-corruption error. Attackers can exploit this issue by enticing an unsuspecting user to view a specially crafted webpage. Successful exploits may allow attackers to execute arbitrary code with...
Microsoft XML External Entities Resolution CVE-2011-1280 Information Disclosure Vulnerability
Description Microsoft XML editor is prone to a remote information-disclosure vulnerability. Attackers can exploit this issue to gain access to sensitive information that may aid in further attacks. Attackers can exploit this issue by enticing an unsuspecting user to visit a specially crafted...
Microsoft Windows SMB Server Remote Denial of Service Vulnerability
Description Microsoft Windows is prone to a remote denial-of-service vulnerability. An attacker can exploit this issue to crash the SMB server, denying service to legitimate users. Technologies Affected Avaya Aura Conferencing 6.0 Standard Avaya CallPilot 4.0 Avaya CallPilot 5.0 Microsoft Windows...
Microsoft Excel Insufficient Record Validation CVE-2011-1272 Remote Code Execution Vulnerability
Description Microsoft Excel is prone to a remote code-execution vulnerability. Attackers can exploit this issue by enticing an unsuspecting user to open a specially crafted Excel file. Successful exploits may allow attackers to execute arbitrary code with the privileges of the user running the...
Microsoft Excel Out of Bounds WriteAV CVE-2011-1279 Remote Code Execution Vulnerability
Description Microsoft Excel is prone to a remote code-execution vulnerability due to a boundary condition error. Attackers can exploit this issue by enticing an unsuspecting user to open a specially crafted Excel file. Successful exploits may allow attackers to execute arbitrary code with the...
Microsoft Improper Record Parsing CVE-2011-1273 Remote Code Execution Vulnerability
Description Microsoft Excel is prone to a remote code-execution vulnerability due to a memory-corruption error. Attackers can exploit this issue by enticing an unsuspecting user to open a specially crafted Excel file. Successful exploits may allow attackers to execute arbitrary code with the...
Microsoft Internet Explorer DOM Handling Uninitialized Memory Remote Code Execution Vulnerability
Description Microsoft Internet Explorer is prone to a remote code-execution vulnerability. Successful exploits will allow an attacker to run arbitrary code in the context of the user running the affected application. Failed attacks will cause denial-of-service conditions. Technologies Affected...
Microsoft Excel Heap Memory Corruption CVE-2011-1275 Remote Code Execution Vulnerability
Description Microsoft Excel is prone to a remote code-execution vulnerability due to a memory-corruption error. Attackers can exploit this issue by enticing an unsuspecting user to open a specially crafted Excel file. Successful exploits may allow attackers to execute arbitrary code with the...
Microsoft Internet Explorer Drag and Drop Uninitialized Memory Remote Code Execution Vulnerability
Description Microsoft Internet Explorer is prone to a remote code-execution vulnerability. Successful exploits will allow an attacker to run arbitrary code in the context of the user running the affected application. Failed attacks will cause denial-of-service conditions. Technologies Affected...
Microsoft Excel Array Out Of Bounds Access CVE-2011-1274 Remote Code Execution Vulnerability
Description Microsoft Excel is prone to a remote code-execution vulnerability due to a boundary condition error. Attackers can exploit this issue by enticing an unsuspecting user to open a specially crafted Excel file. Successful exploits may allow attackers to execute arbitrary code with the...
Microsoft Windows Distributed File System Remote Code Execution Vulnerability
Description Microsoft Windows is prone to a remote code-execution vulnerability. The issue affects the Windows Distributed File System DFS. An attacker can exploit this issue by sending a specially crafted DFS response to the affected application. Successfully exploiting this issue allows an...
Microsoft Windows Server Message Block Client Remote Code Execution Vulnerability
Description Microsoft Windows is prone to a remote code-execution vulnerability. The issue affects the Microsoft Server Message Block SMB client. An attacker can exploit this issue by sending a specially crafted SMB response to the affected application. Successfully exploiting this issue allows a...
Microsoft Windows Distributed File System Remote Denial of Service Vulnerability
Description Microsoft Windows is prone to a remote denial-of-service vulnerability. An attacker can exploit this issue to restart the affected system, therefore denying service to legitimate users. Technologies Affected Avaya Aura Conferencing 6.0 Standard Avaya CallPilot 4.0 Avaya CallPilot 5.0...
Microsoft Excel Memory Corruption CVE-2011-1277 Remote Code Execution Vulnerability
Description Microsoft Excel is prone to a remote code-execution vulnerability due to a memory-corruption error. Attackers can exploit this issue by enticing an unsuspecting user to open a specially crafted Excel file. Successful exploits may allow attackers to execute arbitrary code with the...
Microsoft Internet Explorer Drag and Drop Information Disclosure Vulnerability
Description Microsoft Internet Explorer is prone to a cross-domain information-disclosure vulnerability. An attacker can exploit this issue to access content from another domain or security zone. This may allow the attacker to obtain sensitive information that may aid in further attacks...
Microsoft Internet Explorer MIME Sniffing Information Disclosure Vulnerability
Description Microsoft Internet Explorer is prone to a cross-domain information-disclosure vulnerability. An attacker can exploit this issue to access content from another domain or security zone. This may allow the attacker to obtain sensitive information, which may aid in further attacks...
Microsoft Internet Explorer Layout Uninitialized Memory Remote Code Execution Vulnerability
Description Microsoft Internet Explorer is prone to a remote code-execution vulnerability because of a use-after-free error. Successful exploits will allow an attacker to run arbitrary code in the context of the user running the affected application. Failed attacks will cause denial-of-service...
Microsoft Internet Explorer DOM Editing Uninitialized Memory Remote Code Execution Vulnerability
Description Microsoft Internet Explorer is prone to a remote code-execution vulnerability. Successful exploits will allow an attacker to run arbitrary code in the context of the user running the affected application. Failed attacks will cause denial-of-service conditions. Technologies Affected...
Microsoft Internet Explorer Link Properties Uninitialized Memory Remote Code Execution Vulnerability
Description Microsoft Internet Explorer is prone to a remote code-execution vulnerability. Successful exploits will allow an attacker to run arbitrary code in the context of the user running the affected application. Failed attacks will cause denial-of-service conditions. Technologies Affected...
Adobe Acrobat and Reader CVE-2011-2097 Remote Buffer Overflow Vulnerability
Description Adobe Acrobat and Reader are prone to a remote buffer-overflow vulnerability. Attackers can exploit this issue to execute arbitrary code in the context of the user running the affected application. Adobe Reader and Acrobat versions prior to 10.1 are affected. Technologies Affected Ado...
Microsoft Windows 'win32k.sys' OpenType Font Parsing Remote Code Execution Vulnerability
Description Microsoft Windows is prone to a remote code-execution vulnerability. Successful exploits will result in the execution of arbitrary code in the kernel-mode. Failed attempts will cause a denial-of-service condition. Technologies Affected Avaya Aura Conferencing 6.0 Standard Avaya...
Microsoft Forefront Threat Management Gateway (TMG) Firewall Client Memory Corruption Vulnerability
Description Microsoft Forefront Threat Management Gateway TMG Firewall client is prone to a memory-corruption vulnerability. An attacker can exploit this issue to execute arbitrary code within the context of the affected application. Failed attacks may cause a denial-of-service condition...