Microsoft Windows Graphics Component CVE-2016-7257 Information Disclosure Vulnerability

Description Microsoft Windows is prone to an information-disclosure vulnerability. Attackers can exploit this issue to obtain sensitive information that may aid in launching further attacks. Technologies Affected Microsoft Office 2016 for Mac Microsoft Office for Mac 2011 Microsoft Windows 7 for...

Microsoft Internet Explorer and Edge CVE-2016-7282 Information Disclosure Vulnerability

Description Microsoft Internet Explorer and Edge are prone to an information disclosure vulnerability. Attackers can exploit this issue by enticing an unsuspecting user to view a specially crafted webpage. Successful exploits will allow attackers to obtain sensitive information that may aid in...

Adobe Flash Player APSB16-39 Unspecified Use After Free Remote Code Execution Vulnerability

Description Adobe Flash Player is prone to an unspecified remote code-execution vulnerability. Attackers can exploit this issue to execute arbitrary code in the context of the user running the affected applications. Failed exploit attempts will likely cause a denial-of-service condition...

Microsoft Office CVE-2016-7262 Remote Code Execution Vulnerability

Description Microsoft Office is prone to a remote code-execution vulnerability. An attacker can leverage this issue to execute arbitrary code in the context of the affected application. Failed exploit attempts will likely result in denial-of-service conditions. Technologies Affected Microsoft Exc...

Microsoft Office CVE-2016-7268 Information Disclosure Vulnerability

Description Microsoft Office is prone to an information-disclosure vulnerability. Attackers can exploit this issue to obtain sensitive information that may aid in further attacks. Technologies Affected Microsoft Office 2010 Service Pack 2 32-bit editions Microsoft Office 2010 Service Pack 2 64-bi...

Microsoft Windows Kernel 'Win32k.sys' CVE-2016-7260 Local Privilege Escalation Vulnerability

Description Microsoft Windows is prone to a local privilege-escalation vulnerability that occurs in the Windows kernel. A local attacker can exploit this issue to execute arbitrary code in kernel mode with elevated privileges. Technologies Affected Microsoft Windows 10 Version 1607 for 32-bit...

Microsoft .NET Framework CVE-2016-7270 Information Disclosure Vulnerability

Description The Microsoft .NET Framework is prone to an information-disclosure vulnerability. An attacker can exploit this issue to obtain sensitive information. Successful exploits will lead to other attacks. Technologies Affected Microsoft .NET Framework 4.6.2 Microsoft Windows 10 Version 1607...

Microsoft Auto Updater for Mac CVE-2016-7300 Local Privilege Escalation Vulnerability

Description Microsoft Auto Updater for Mac is prone to a local privilege-escalation vulnerability. A local attacker can leverage this issue to execute arbitrary code with elevated privileges. Technologies Affected Microsoft Auto Updater for Mac Recommendations Permit local access for trusted...

Microsoft Office CVE-2016-7289 Memory Corruption Vulnerability

Description Microsoft Office is prone to a remote memory-corruption vulnerability. An attacker can leverage this issue to execute arbitrary code in the context of the currently logged-in user. Failed exploit attempts will likely result in denial of service conditions. Technologies Affected...

Microsoft Internet Explorer and Edge CVE-2016-7279 Remote Memory Corruption Vulnerability

Description Microsoft Internet Explorer and Edge are prone to a remote memory-corruption vulnerability. Attackers can exploit this issue by enticing an unsuspecting user to view a specially crafted web page. Attackers can exploit this issue to execute arbitrary code in the context of the currentl...

Microsoft Windows Graphics Component CVE-2016-7259 Local Privilege Escalation Vulnerability

Description Microsoft Windows is prone to a local privilege-escalation vulnerability. A local attacker can exploit this issue to gain elevated privileges within the context of the affected system. Technologies Affected Microsoft Windows 10 Version 1607 for 32-bit Systems Microsoft Windows 10...

Microsoft Office CVE-2016-7266 Remote Code Execution Vulnerability

Description Microsoft Office is prone to a remote code-execution vulnerability. An attacker can leverage this issue to execute arbitrary code in the context of the affected application. Failed exploit attempts will likely result in denial-of-service conditions. Technologies Affected Microsoft Exc...

Microsoft Internet Explorer CVE-2016-7284 Information Disclosure Vulnerability

Description Microsoft Internet Explorer is prone to an information-disclosure vulnerability. Successful exploits will allow attackers to obtain sensitive information that may aid in further attacks. Internet Explorer 10 and 11 are vulnerable. Technologies Affected Microsoft Internet Explorer 10...

Microsoft Internet Explorer and Edge CVE-2016-7287 Remote Memory Corruption Vulnerability

Description Microsoft Internet Explorer and Edge are prone to a remote memory corruption vulnerability. Attackers can exploit this issue by enticing an unsuspecting user to view a specially crafted web page. Attackers can exploit this issue to execute arbitrary code in the context of the currentl...

Microsoft Office CVE-2016-7267 Security Bypass Vulnerability

Description Microsoft Office is prone to a security bypass vulnerability. An attacker can exploit this issue to bypass certain security restrictions and perform unauthorized actions; this may aid in launching further attacks. Technologies Affected Microsoft Excel 2010 Service Pack 2 32-bit editio...

Microsoft Office CVE-2016-7265 Information Disclosure Vulnerability

Description Microsoft Office is prone to an information-disclosure vulnerability. Attackers can exploit this issue to obtain sensitive information that may aid in further attacks. Technologies Affected Microsoft Excel 2007 SP3 Microsoft Excel 2010 SP2 32-bit editions Microsoft Excel 2010 SP2 64-b...

Microsoft Office CVE-2016-7291 Information Disclosure Vulnerability

Description Microsoft Office is prone to an information-disclosure vulnerability. Attackers can exploit this issue to obtain sensitive information that may aid in further attacks. Technologies Affected Microsoft Office 2010 Service Pack 2 32-bit editions Microsoft Office 2010 Service Pack 2 64-bi...

Microsoft Office CVE-2016-7290 Information Disclosure Vulnerability

Description Microsoft Office is prone to an information-disclosure vulnerability. Attackers can exploit this issue to obtain sensitive information that may aid in further attacks. Technologies Affected Microsoft Office 2010 Service Pack 2 32-bit editions Microsoft Office 2010 Service Pack 2 64-bi...

Microsoft Office CVE-2016-7277 Memory Corruption Vulnerability

Description Microsoft Office is prone to a remote memory-corruption vulnerability. An attacker can leverage this issue to execute arbitrary code in the context of the currently logged-in user. Failed exploit attempts will likely result in denial of service conditions. Technologies Affected...

Microsoft Internet Explorer CVE-2016-7278 Information Disclosure Vulnerability

Description Microsoft Internet Explorer is prone to an information-disclosure vulnerability. Successful exploits will allow attackers to obtain sensitive information that may aid in further attacks. Internet Explorer 9, 10, and 11 are vulnerable. Technologies Affected Microsoft Internet Explorer ...

Microsoft Edge CVE-2016-7181 Remote Memory Corruption Vulnerability

Description Microsoft Edge is prone to a remote memory-corruption vulnerability. Attackers can exploit this issue by enticing an unsuspecting user to view a specially crafted web page. Attackers can exploit this issue to execute arbitrary code in the context of the currently logged-in user. Faile...

Microsoft Windows Crypto Driver CVE-2016-7219 Local Information Disclosure Vulnerability

Description Microsoft Windows is prone to a local information-disclosure vulnerability. An attacker can leverage this issue to disclose sensitive information that may aid in further attacks. Technologies Affected Microsoft Windows 10 Version 1607 for 32-bit Systems Microsoft Windows 10 Version 16...

Microsoft Windows Graphics Component CVE-2016-7273 Remote Code Execution Vulnerability

Description Microsoft Windows is prone to a remote code-execution vulnerability. Successful exploits may allow an attacker to execute arbitrary code in the context of the currently logged-in user. Failed attacks will cause denial of service conditions. Technologies Affected Microsoft Windows 10...

Microsoft Edge CVE-2016-7297 Remote Memory Corruption Vulnerability

Description Microsoft Edge is prone to a remote memory-corruption vulnerability. Attackers can exploit this issue by enticing an unsuspecting user to view a specially crafted web page. Attackers can exploit this issue to execute arbitrary code in the context of the currently logged-in user. Faile...

Microsoft Edge CVE-2016-7280 Information Disclosure Vulnerability

Description Microsoft Edge is prone to an information disclosure vulnerability. Attackers can exploit this issue by enticing an unsuspecting user to view a specially crafted webpage. Successful exploits will allow attackers to run arbitrary code and obtain sensitive information that may aid in...

Microsoft Edge CVE-2016-7206 Information Disclosure Vulnerability

Description Microsoft Edge is prone to an information disclosure vulnerability. Attackers can exploit this issue by enticing an unsuspecting user to view a specially crafted web page. Successful exploits will allow attackers to run arbitrary code and obtain sensitive information that may aid in...

Microsoft Office CVE-2016-7263 Memory Corruption Vulnerability

Description Microsoft Office is prone to a remote memory-corruption vulnerability. An attacker can leverage this issue to execute arbitrary code in the context of the currently logged-in user. Failed exploit attempts will likely result in denial of service conditions. Technologies Affected...

Microsoft Edge CVE-2016-7286 Remote Memory Corruption Vulnerability

Description Microsoft Edge is prone to a remote memory-corruption vulnerability. Attackers can exploit this issue by enticing an unsuspecting user to view a specially crafted web page. Attackers can exploit this issue to execute arbitrary code in the context of the currently logged-in user. Faile...

Microsoft Windows Uniscribe CVE-2016-7274 Remote Code Execution Vulnerability

Description Microsoft Windows is prone to a remote code-execution vulnerability. An attacker can exploit this issue by enticing an unsuspecting user to open a malicious file or webpage. A successful exploit may allow arbitrary code to run in the context of the currently logged-in user. Failed...

Microsoft Windows Installer CVE-2016-7292 DLL Loading Local Privilege Escalation Vulnerability

Description Microsoft Windows is prone to a local privilege-escalation vulnerability. A local attacker can leverage this issue to execute arbitrary code with elevated privileges. Technologies Affected Microsoft Windows 10 Version 1607 for 32-bit Systems Microsoft Windows 10 Version 1607 for...

Microsoft Internet Explorer CVE-2016-7283 Remote Memory Corruption Vulnerability

Description Microsoft Internet Explorer is prone to a remote memory-corruption vulnerability. Attackers can exploit this issue by enticing an unsuspecting user to view a specially crafted web page. Attackers can exploit this issue to execute arbitrary code in the context of the currently logged-i...

Microsoft Office CVE-2016-7264 Information Disclosure Vulnerability

Description Microsoft Office is prone to an information-disclosure vulnerability. Attackers can exploit this issue to obtain sensitive information that may aid in further attacks. Technologies Affected Microsoft Excel 2007 SP3 Microsoft Excel 2016 for Mac Microsoft Excel Viewer Microsoft Excel fo...

Microsoft Windows CVE-2016-7295 Local Information Disclosure Vulnerability

Description Microsoft Windows is prone to a local information-disclosure vulnerability. An attacker can leverage this issue to obtain sensitive information that may aid in further attacks. Technologies Affected Microsoft Windows 10 Version 1607 for 32-bit Systems Microsoft Windows 10 Version 1607...

Microsoft Office CVE-2016-7276 Information Disclosure Vulnerability

Description Microsoft Office is prone to an information-disclosure vulnerability. Attackers can exploit this issue to obtain sensitive information that may aid in further attacks. Technologies Affected Microsoft Excel 2016 for Mac Microsoft Office 2007 Service Pack 3 Microsoft Office 2010 Service...

Microsoft Edge CVE-2016-7296 Remote Memory Corruption Vulnerability

Description Microsoft Edge is prone to a remote memory corruption vulnerability. Attackers can exploit this issue by enticing an unsuspecting user to view a specially crafted web page. Attackers can exploit this issue to execute arbitrary code in the context of the currently logged-in user. Faile...

Microsoft Office CVE-2016-7298 Memory Corruption Vulnerability

Description Microsoft Office is prone to a remote memory-corruption vulnerability. An attacker can leverage this issue to execute arbitrary code in the context of the currently logged-in user. Failed exploit attempts will likely result in denial of service conditions. Technologies Affected...

Microsoft Edge CVE-2016-7288 Remote Memory Corruption Vulnerability

Description Microsoft Edge is prone to a remote memory-corruption vulnerability. Attackers can exploit this issue by enticing an unsuspecting user to view a specially crafted web page. Attackers can exploit this issue to execute arbitrary code in the context of the currently logged-in user. Faile...

Microsoft Windows CVE-2016-7271 Local Privilege Escalation Vulnerability

Description Microsoft Windows is prone to a local privilege-escalation vulnerability. A local attacker can exploit this issue to gain elevated privileges. Technologies Affected Microsoft Windows 10 Version 1607 for 32-bit Systems Microsoft Windows 10 Version 1607 for x64-based Systems Microsoft...

Microsoft Office CVE-2016-7275 DLL Loading Remote Code Execution Vulnerability

Description Microsoft Office is prone to a remote code-execution vulnerability. An attacker can leverage this issue to execute arbitrary code in the context of the affected application. Failed exploit attempts will likely result in denial-of-service conditions. Technologies Affected Microsoft...

Microsoft Internet Explorer and Edge CVE-2016-7281 Security Bypass Vulnerability

Description Microsoft Internet Explorer and Edge are prone to a security bypass vulnerability. An attacker can exploit this issue to bypass certain security restrictions and perform unauthorized actions. This may lead to further attacks. Internet Explorer 10, 11, and Edge are vulnerable...

Symantec VIP Access Desktop Arbitrary DLL Execution

SUMMARY Symantec has released an update to address a finding in VIP Access Desktop that could allow a local user to force VIP Access Desktop UI Manager to execute an arbitrary formatted DLL with logged-on user privileges. AFFECTED PRODUCTS Symantec VIP Access Desktop --- CVE | Affected Versions |...

SA134 : Linux Kernel Vulnerabilities Oct/Nov 2016

SUMMARY Blue Coat products that include a vulnerable version of the Linux kernel are susceptible to several vulnerabilities. A remote attacker, with access to the management interface, can exploit these vulnerabilities to cause denial of service through system crashes or have unspecified other...

SA135 : OpenSSL Vulnerabilities 10-Nov-2016

SUMMARY Blue Coat products using affected versions of OpenSSL are susceptible to multiple vulnerabilities. A remote attacker can exploit these vulnerabilities to cause denial of service and obtain SSL/TLS session key information. AFFECTED PRODUCTS The following products are vulnerable: Director -...

PHP 'php_sockop_write()' Denial of Service Vulnerability

Description PHP is prone to a denial-of-service vulnerability. Successful exploits may allow the attacker to cause denial-of-service condition. Versions prior to PHP 7.4.0 are vulnerable. Technologies Affected PHP PHP 7.3.0 PHP PHP 7.3.1 PHP PHP 7.3.2 PHP PHP 7.3.3 PHP PHP 7.3.4 PHP PHP 7.3.5 PHP...

DLL Loading Issue in Symantec Enterprise Products

SUMMARY Symantec has released updates to address a DLL loading issue in Symantec IT Management Suite ITMS, Symantec Ghost Solution Suite GSS, Symantec Encryption Desktop SED, and Symantec Endpoint Virtualization SEV. AFFECTED PRODUCTS Symantec IT Management Suite 8.0 --- CVE | Affected Versions |...

Microsoft Windows CVE-2016-7225 Local Privilege Escalation Vulnerability

Description Microsoft Windows is prone to a local privilege-escalation vulnerability. A local attacker can exploit this issue to run processes with elevated privileges. Technologies Affected Microsoft Windows 10 Version 1607 for 32-bit Systems Microsoft Windows 10 Version 1607 for x64-based Syste...

Microsoft Internet Explorer and Edge CVE-2016-7195 Remote Memory Corruption Vulnerability

Description Microsoft Internet Explorer and Edge are prone to a remote memory-corruption vulnerability. Attackers can exploit this issue by enticing an unsuspecting user to view a specially crafted web page. Attackers can exploit this issue to execute arbitrary code in the context of the currentl...

Microsoft Edge CVE-2016-7208 Scripting Engine Remote Memory Corruption Vulnerability

Description Microsoft Edge is prone to a remote memory-corruption vulnerability. Attackers can exploit this issue by enticing an unsuspecting user to view a specially crafted web page. This could allow the attacker to execute arbitrary code in the context of the currently logged-in user. Failed...

Microsoft Windows CVE-2016-7184 Local Privilege Escalation Vulnerability

Description Microsoft Windows is prone to a local privilege-escalation vulnerability. A local attacker can exploit this issue to run processes with elevated privileges. Technologies Affected Microsoft Windows 10 Version 1607 for 32-bit Systems Microsoft Windows 10 Version 1607 for x64-based Syste...

Microsoft Edge CVE-2016-7243 Scripting Engine Remote Memory Corruption Vulnerability

Description Microsoft Edge is prone to a remote memory-corruption vulnerability. Attackers can exploit this issue by enticing an unsuspecting user to view a specially crafted web page. This could allow the attacker to execute arbitrary code in the context of the currently logged-in user. Failed...