6867 matches found
Microsoft Publisher Size Value Heap Memory Corruption Remote Code Execution Vulnerability
Description Microsoft Publisher is prone to a remote code-execution vulnerability. An attacker can exploit this issue by enticing an unsuspecting user into opening a specially crafted Publisher file. Successfully exploiting this issue allows attackers to execute arbitrary code in the context of t...
Microsoft Internet Explorer Uninitialized Object CVE-2010-3343 Memory Corruption Vulnerability
Description Microsoft Internet Explorer is prone to a remote memory-corruption vulnerability. Successful exploits will allow an attacker to run arbitrary code in the context of the user running the application. Failed attacks will cause denial-of-service conditions. Technologies Affected Avaya Au...
Microsoft Windows OpenType Font (OTF) Driver CMAP Table Remote Code Execution Vulnerability
Description Microsoft Windows is prone to a remote code-execution vulnerability that affects the OpenType Font OTF driver. An attacker can exploit this issue to execute arbitrary code in kernel mode. Successful exploits will completely compromise an affected computer. Failed attempts will result ...
Microsoft Internet Explorer Uninitialized HTML Element CVE-2010-3346 Memory Corruption Vulnerability
Description Microsoft Internet Explorer is prone to a remote memory-corruption vulnerability. Successful exploits will allow an attacker to run arbitrary code in the context of the user running the application. Failed attacks will cause denial-of-service conditions. Technologies Affected Avaya Au...
Microsoft Office TIFF Image Converter (CVE-2010-3947) Heap Based Buffer Overflow Vulnerability
Description Microsoft Office is prone to a remote heap-based buffer-overflow vulnerability because the software fails to perform adequate boundary-checks on user-supplied data. An attacker can exploit this issue by enticing an unsuspecting user into opening an Office document containing a special...
Microsoft Office FlashPix Image Converter (CVE-2010-3952) Multiple Buffer Overflow Vulnerabilities
Description Microsoft Office is prone to multiple remote buffer-overflow vulnerabilities because the software fails to perform adequate boundary-checks on user-supplied data. An attacker can exploit these issues by enticing an unsuspecting user into opening an Office document containing a special...
Microsoft Publisher Array Index Memory Corruption Remote Code Execution Vulnerability
Description Microsoft Publisher is prone to a remote code-execution vulnerability. An attacker can exploit this issue by enticing an unsuspecting user into opening a specially crafted Publisher file. Successfully exploiting this issue allows attackers to execute arbitrary code in the context of t...
Microsoft Windows 'Win32k.sys' Cursor Linking Local Privilege Escalation Vulnerability
Description Microsoft Windows is prone to a local privilege-escalation vulnerability that occurs in the 'Win32k.sys' Windows kernel-mode driver. A local attacker can exploit this issue to execute arbitrary code with kernel-level privileges. Successful exploits will result in the complete compromi...
Microsoft Exchange Server 2007 Infinite Loop Remote Denial of Service Vulnerability
Description Microsoft Exchange Server is prone to a remote denial-of-service vulnerability. A successful exploit will allow a remote attacker to cause the application to stop responding, denying service to legitimate users. The issue affects Microsoft Exchange Server 2007 Service Pack 2 for...
Microsoft SharePoint Malformed SOAP Request Remote Code Execution Vulnerability
Description Microsoft SharePoint is prone to a remote code-execution vulnerability. An attacker can exploit this issue to execute arbitrary code within the privileges of the guest account on the SharePoint server. Failed exploit attempts will result in a denial-of-service condition. Technologies...
Microsoft Windows Kernel NDProxy Local Privilege Escalation Vulnerability
Description Microsoft Windows is prone to a local privilege-escalation vulnerability that occurs in the Windows kernel. An attacker can exploit this issue to execute arbitrary code with kernel-level privileges. Successful exploits will result in the complete compromise of affected computers. Fail...
Microsoft Windows CVE-2010-3941 'Win32k.sys' Double Free Local Privilege Escalation Vulnerability
Description Microsoft Windows is prone to a local privilege-escalation vulnerability that occurs in the 'Win32k.sys' Windows kernel-mode driver. A local attacker can exploit this issue to execute arbitrary code with kernel-level privileges. Successful exploits will result in the complete compromi...
Microsoft Internet Explorer CVE-2010-3342 Cross Domain Information Disclosure Vulnerability
Description Microsoft Internet Explorer is prone to a cross-domain information-disclosure vulnerability because the application fails to properly enforce the same-origin policy. An attacker can exploit this issue to access content from a browser window in another domain or security zone. This may...
Microsoft Windows BranchCache DLL Loading Arbitrary Code Execution Vulnerability
Description Microsoft Windows is prone to a vulnerability that lets attackers execute arbitrary code. An attacker can exploit this issue by enticing a legitimate user to use the vulnerable system to open a file from a network share location that contains a specially crafted Dynamic Link Library D...
Microsoft Publisher 'pubconv.dll' Array Index Memory Corruption Remote Code Execution Vulnerability
Description Microsoft Publisher is prone to a remote code-execution vulnerability. An attacker can exploit this issue by enticing an unsuspecting user into opening a specially crafted Publisher 97 format file. Successfully exploiting this issue allows attackers to execute arbitrary code in the...
Microsoft Office CGM Image Converter (CVE-2010-3945) Buffer Overflow Vulnerability
Description Microsoft Office is prone to a remote buffer-overflow vulnerability because the software fails to perform adequate boundary-checks on user-supplied data. An attacker can exploit this issue by enticing an unsuspecting user into opening an Office document containing a specially crafted...
Microsoft Windows Consent User Interface Registry Key Local Privilege Escalation Vulnerability
Description Microsoft Windows is prone to a local privilege-escalation vulnerability that occurs in Consent User Interface. An attacker can exploit this issue to execute arbitrary code with 'LocalSystem' privileges. Successful exploits will result in the complete compromise of affected computers...
Microsoft Office PICT Image Converter (CVE-2010-3946) Integer Overflow Vulnerability
Description Microsoft Office is prone to a remote integer-overflow vulnerability because the software fails to perform adequate boundary-checks on user-supplied data. An attacker can exploit this issue by enticing an unsuspecting user into opening an Office document that contains a specially...
Microsoft Windows OpenType Font (OTF) Driver Invalid Array Index Remote Code Execution Vulnerability
Description Microsoft Windows is prone to a remote code-execution vulnerability that affects the OpenType Font OTF driver. An attacker can exploit this issue to execute arbitrary code in kernel mode. Successful exploits will completely compromise an affected computer. Failed attempts will result ...
Microsoft Internet Explorer CVE-2010-3348 Cross Domain Information Disclosure Vulnerability
Description Microsoft Internet Explorer is prone to a cross-domain information-disclosure vulnerability because the application fails to properly enforce the same-origin policy. An attacker can exploit this issue to access content from a browser window in another domain or security zone. This may...
Microsoft 'Netlogon' RPC Null Pointer Dereference Remote Denial of Service Vulnerability
Description Microsoft Windows is prone to a remote denial-of-service vulnerability. An attacker can exploit this issue to restart the affected server, denying service to legitimate users. NOTE: A remote attacker must have administrator privileges on a machine in the same domain to leverage this...
Microsoft Windows OpenType Font (OTF) Driver Double-Free Remote Code Execution Vulnerability
Description Microsoft Windows is prone to a remote code-execution vulnerability that affects the OpenType Font OTF driver. An attacker can exploit this issue to execute arbitrary code in kernel mode. Successful exploits will completely compromise an affected computer. Failed attempts will result ...
Microsoft Office TIFF Image Converter (CVE-2010-3950) Memory Corruption Vulnerability
Description Microsoft Office is prone to a remote memory-corruption vulnerability. An attacker can exploit this issue by enticing an unsuspecting user into opening an Office document containing a specially crafted Tagged Image File Format TIFF image. Successfully exploiting this issue allows...
Microsoft Internet Explorer Select HTML Element Use-After-Free Memory Corruption Vulnerability
Description Microsoft Internet Explorer is prone to a remote memory-corruption vulnerability. Successful exploits will allow an attacker to run arbitrary code in the context of the user running the application. Failed attacks will cause denial-of-service conditions. Technologies Affected Avaya Au...
Microsoft Windows CVE-2010-3944 'Win32k.sys' Local Privilege Escalation Vulnerability
Description Microsoft Windows is prone to a local privilege-escalation vulnerability that occurs in the 'Win32k.sys' Windows kernel-mode driver. A local attacker can exploit this issue to execute arbitrary code with kernel-level privileges. Successful exploits will result in the complete compromi...
Microsoft Office FlashPix Image Converter (CVE-2010-3951) Buffer Overflow Vulnerability
Description Microsoft Office is prone to a remote buffer-overflow vulnerability because the software fails to perform adequate boundary-checks on user-supplied data. An attacker can exploit this issue by enticing an unsuspecting user into opening an Office document that contains a specially craft...
Microsoft Office TIFF Image Converter (CVE-2010-3949) Buffer Overflow Vulnerability
Description Microsoft Office is prone to a remote buffer-overflow vulnerability because the software fails to perform adequate boundary-checks on user-supplied data. An attacker can exploit this issue by enticing an unsuspecting user into opening an Office document containing a specially crafted...
Microsoft Windows User Access Control (UAC) Bypass Local Privilege Escalation Vulnerability
Description Microsoft Windows is prone to a local privilege-escalation vulnerability that affects the 'RtlQueryRegistryValues' API function. An attacker can exploit this issue to execute arbitrary code with SYSTEM-level privileges. Successful exploits will result in the complete compromise of...
PGP Desktop Unsigned Data Insertion
SUMMARY PGP Desktop versions are vulnerable to a data insertion vulnerability. Unsigned insecure data could be inserted into OpenPGP messages signed by a trusted source. When the message is decrypted and verified, PGP Desktop may incorrectly identify the message as being fully valid. AFFECTED...
Microsoft Forefront Unified Access Gateway Spoofing Vulnerability
Description Microsoft Forefront Unified Access Gateway UAG is prone to a spoofing vulnerability. An attacker can exploit this issue to spoof a UAG server or redirect legitimate network traffic intended for a UAG server. This may allow the attacker to masquerade as a legitimate server, aiding in...
Microsoft PowerPoint 'PP7X32.DLL' (CVE-2010-2572) Remote Heap-Based Buffer Overflow Vulnerability
Description Microsoft PowerPoint is prone to a remote heap-based buffer-overflow vulnerability. An attacker can exploit this issue to execute arbitrary code with the privileges of the user running the application. Failed exploit attempts will cause a denial-of-service condition. Technologies...
Microsoft Office Art Drawing Record Remote Code Execution Vulnerability
Description Microsoft Office is prone to a remote code-execution vulnerability. An attacker could exploit this issue by enticing a victim to open a malicious Office file. Successfully exploiting this issue would allow the attacker to corrupt memory and execute arbitrary code in the context of the...
Microsoft Office RTF File Stack Buffer Overflow Vulnerability
Description Microsoft Office is prone to a remote stack-based buffer-overflow vulnerability because the software fails to perform adequate boundary checks on user-supplied data. An attacker can exploit this issue by enticing a victim to open a malicious RTF file or view an email in RTF format...
Microsoft Office Drawing Exception Handling Remote Code Execution Vulnerability
Description Microsoft Office is prone to a remote code-execution vulnerability. An attacker could exploit this issue by enticing an unsuspecting victim to open a malicious Office file. Successfully exploiting this issue would allow the attacker to corrupt memory and execute arbitrary code in the...
Microsoft Forefront Unified Access Gateway 'Signurl.asp' Cross-Site Scripting Vulnerability
Description Microsoft Forefront Unified Access Gateway is prone to a cross-site scripting vulnerability because it fails to properly sanitize user-supplied input. An attacker may leverage this issue to execute arbitrary script code in the browser of an unsuspecting user in the context of the...
Microsoft PowerPoint (CVE-2010-2573) Heap Corruption Vulnerability
Description Microsoft PowerPoint is prone to a remote heap-corruption vulnerability. An attacker can exploit this issue to execute arbitrary code with user-level privileges, facilitating the complete compromise of an affected computer. Failed exploit attempts will result in a denial-of-service...
Microsoft Forefront Unified Access Gateway Mobile Portal Cross-Site Scripting Vulnerability
Description Microsoft Forefront Unified Access Gateway is prone to a cross-site scripting vulnerability because it fails to properly sanitize user-supplied input. An attacker may leverage this issue to execute arbitrary script code in the browser of an unsuspecting user in the context of the...
Microsoft Office Large SPID Read AV Remote Code Execution Vulnerability
Description Microsoft Office is prone to a remote code-execution vulnerability. An attacker could exploit this issue by enticing a victim to open a malicious Office file. Successfully exploiting this issue would allow the attacker to corrupt memory and execute arbitrary code in the context of the...
Microsoft Forefront Unified Access Gateway Web Monitor Cross-Site Scripting Vulnerability
Description Microsoft Forefront Unified Access Gateway is prone to a cross-site scripting vulnerability because Web Monitor fails to properly sanitize user-supplied input. An attacker may leverage this issue to execute arbitrary script code in the browser of an unsuspecting user in the context of...
Adobe Reader 9.4 Remote Memory Corruption Vulnerability
Description Adobe Reader is prone to a remote memory-corruption vulnerability. Successful exploits may allow attackers to execute arbitrary code in the context of the user running the affected application. Failed exploit attempts will result in a denial-of-service condition. Adobe Reader versions...
JustSystems Ichitaro Multiple Remote Code Execution Vulnerabilities
Description Ichitaro is prone to multiple remote code-execution vulnerabilities. Attackers may exploit these issues to execute arbitrary code within the context of the vulnerable application. Failed attempts will result in a denial-of-service condition. Ichitaro versions 2004 through 2010 are...
Adobe Flash Player CVE-2010-3643 Remote Memory Corruption Vulnerability
Description Adobe Flash Player is prone to a remote memory corruption vulnerability. An attacker can exploit this issue to execute arbitrary code in the context of the user running the affected application. Failed exploit attempts will likely result in denial-of-service conditions. NOTE: This iss...
Adobe Flash Player CVE-2010-3648 Remote Memory Corruption Vulnerability
Description Adobe Flash Player is prone to a remote memory corruption vulnerability. An attacker can exploit this issue to execute arbitrary code in the context of the user running the affected application. Failed exploit attempts will likely result in denial-of-service conditions. NOTE: This iss...
Microsoft Internet Explorer CSS Tags Uninitialized Memory Remote Code Execution Vulnerability
Description Microsoft Internet Explorer is prone to a remote code-execution vulnerability. Successful exploits will allow an attacker to run arbitrary code in the context of the user running the application. Failed attacks will cause denial-of-service conditions. Technologies Affected Avaya Aura...
Adobe Acrobat, Reader, and Flash CVE-2010-3654 Remote Code Execution Vulnerability
Description Adobe Acrobat, Reader, and Flash are prone to a remote code-execution vulnerability. Attackers can exploit this issue to execute arbitrary code in the context of the user running the affected application. The following products are affected: Adobe Flash Player 10.1.85.3 and prior for...
Microsoft Word Bookmark Handling (CVE-2010-3216) Remote Code Execution Vulnerability
Description Microsoft Word is prone to a remote code-execution vulnerability. Attackers can exploit this issue by enticing an unsuspecting user to open a specially crafted Word file. Successful exploits can allow attackers to execute arbitrary code with the privileges of the user running the...
Microsoft Word Uninitialized Pointer (CVE-2010-2747) Remote Code Execution Vulnerability
Description Microsoft Word is prone to a remote code-execution vulnerability. Attackers can exploit this issue by enticing an unsuspecting user to open a specially crafted Word file. Successful exploits can allow attackers to execute arbitrary code with the privileges of the user running the...
Microsoft Word (CVE-2010-3220) Remote Code Execution Vulnerability
Description Microsoft Word is prone to a remote code-execution vulnerability. Attackers can exploit this issue by enticing an unsuspecting user to open a specially crafted Word file. Successful exploits can allow attackers to execute arbitrary code with the privileges of the user running the...
Microsoft Excel Formula Substream (CVE-2010-3234) Memory Corruption Vulnerability
Description Microsoft Excel is prone to a memory corruption vulnerability. Attackers can exploit this issue by enticing an unsuspecting user to open a specially crafted Excel file. Successful exploits can allow attackers to execute arbitrary code with the privileges of the user running the...
Microsoft Excel Record Validation (CVE-2010-3240) Remote Code Execution Vulnerability
Description Microsoft Excel is prone to a remote code-execution vulnerability. Attackers can exploit this issue by enticing an unsuspecting user to open a specially crafted Excel file. Successful exploits can allow attackers to execute arbitrary code with the privileges of the user running the...