6867 matches found
Microsoft Windows Kernel CVE-2016-3272 Local Information Disclosure Vulnerability
Description Microsoft Windows is prone to a local information-disclosure vulnerability that occurs in the Windows kernel because it fails to properly validate certain system calls. An attacker can leverage this issue to disclose the kernel memory and obtain sensitive information that may aid in...
Microsoft Windows Kernel 'Win32k.sys' CVE-2016-3286 Local Privilege Escalation Vulnerability
Description Microsoft Windows is prone to a local privilege-escalation vulnerability that occurs in the Windows kernel. A local attacker can exploit this issue to execute arbitrary code in kernel mode with elevated privileges. Technologies Affected Microsoft Windows 10 for 32-bit Systems Microsof...
Microsoft Office CVE-2016-3278 Memory Corruption Vulnerability
Description Microsoft Office is prone to a remote memory-corruption vulnerability because it fails to properly handle objects in memory. An attacker can leverage this issue to execute arbitrary code in the context of the currently logged-in user. Failed exploit attempts will likely result in deni...
Microsoft Edge and Internet Explorer CVE-2016-3274 Spoofing Vulnerability
Description Microsoft Edge and Internet Explorer are prone to a security vulnerability that may allow attackers to conduct spoofing attacks. An attacker can exploit this issue to conduct spoofing attacks and perform unauthorized actions; other attacks are also possible. Technologies Affected...
Microsoft Internet Explorer CVE-2016-3245 Security Bypass Vulnerability
Description Microsoft Internet Explorer is prone to a security-bypass vulnerability. An attacker can exploit this issue by tricking an unsuspecting victim into viewing a page containing malicious content. An attacker can exploit this issue to execute arbitrary script code in the context of the us...
Microsoft Windows Kernel 'Win32k.sys' CVE-2016-3249 Local Privilege Escalation Vulnerability
Description Microsoft Windows is prone to a local privilege-escalation vulnerability that occurs in the Windows kernel. A local attacker can exploit this issue to execute arbitrary code in kernel mode with elevated privileges. Technologies Affected Microsoft Windows 10 for 32-bit Systems Microsof...
Microsoft Windows Kernel 'Win32k.sys' CVE-2016-3254 Local Privilege Escalation Vulnerability
Description Microsoft Windows is prone to a local privilege-escalation vulnerability that occurs in the Windows kernel. A local attacker can exploit this issue to execute arbitrary code in kernel mode with elevated privileges. Technologies Affected Microsoft Windows 10 for 32-bit Systems Microsof...
Microsoft Windows Kernel CVE-2016-3256 Local Information Disclosure Vulnerability
Description Microsoft Windows is prone to a local information-disclosure vulnerability. An attacker can leverage this issue to disclose sensitive information that may aid in further attacks. Technologies Affected Microsoft Windows 10 for 32-bit Systems Microsoft Windows 10 for x64-based Systems...
Microsoft Office CVE-2016-3284 Memory Corruption Vulnerability
Description Microsoft Office is prone to a remote memory-corruption vulnerability because it fails to properly handle objects in memory. An attacker can leverage this issue to execute arbitrary code in the context of the currently logged-in user. Failed exploit attempts will likely result in deni...
Microsoft Edge and Internet Explorer CVE-2016-3277 Information Disclosure Vulnerability
Description Microsoft Edge and Internet Explorer are prone to a information-disclosure vulnerability. Successful exploits will allow attackers to obtain sensitive information that may aid in further attacks. Technologies Affected Microsoft Edge Microsoft Internet Explorer 10 Microsoft Internet...
Adobe Acrobat and Reader APSB16-26 Multiple Unspecified Memory Corruption Vulnerabilities
Description Adobe Acrobat and Reader are prone to multiple unspecified memory-corruption vulnerabilities. Attackers can exploit these issues to execute arbitrary code in the context of the application. Failed attacks may cause a denial-of-service condition. Technologies Affected Adobe Acrobat...
Microsoft Edge and Internet Explorer XSS Filter CVE-2016-3273 Information Disclosure Vulnerability
Description Microsoft Edge and Internet Explorer are prone to an information-disclosure vulnerability that affects the XSS Filter. An attacker can exploit this issue by tricking an unsuspecting victim into viewing a page containing malicious content. An attacker can exploit this issue to execute...
Microsoft Internet Explorer CVE-2016-3242 Remote Memory Corruption Vulnerability
Description Microsoft Internet Explorer is prone to a remote memory-corruption vulnerability. Attackers can exploit this issue by enticing an unsuspecting user to view a specially crafted web page. Attackers can exploit this issue to execute arbitrary code in the context of the currently logged-i...
Microsoft Office CVE-2016-3279 Remote Code Execution Vulnerability
Description Microsoft Office is prone to a remote code-execution vulnerability. An attacker can leverage this issue to execute arbitrary code in the context of the currently logged-in user. Failed exploit attempts will likely result in denial-of-service conditions. Technologies Affected Microsoft...
Microsoft Office CVE-2016-3283 Memory Corruption Vulnerability
Description Microsoft Office is prone to a remote memory-corruption vulnerability because it fails to properly handle objects in memory. An attacker can leverage this issue to execute arbitrary code in the context of the currently logged-in user. Failed exploit attempts will likely result in deni...
Microsoft Internet Explorer and Edge CVE-2016-3264 Remote Memory Corruption Vulnerability
Description Microsoft Internet Explorer and Edge are prone to a remote memory-corruption vulnerability. Attackers can exploit this issue by enticing an unsuspecting user to view a specially crafted web page. Attackers can exploit this issue to execute arbitrary code in the context of the currentl...
Microsoft Internet Explorer CVE-2016-3243 Remote Memory Corruption Vulnerability
Description Microsoft Internet Explorer is prone to a remote memory-corruption vulnerability. Attackers can exploit this issue by enticing an unsuspecting user to view a specially crafted web page. Attackers can exploit this issue to execute arbitrary code in the context of the currently logged-i...
Microsoft Windows Print Spooler CVE-2016-3239 Local Privilege Escalation Vulnerability
Description Microsoft Windows is prone to a local privilege-escalation vulnerability. A local attacker can exploit this issue to run arbitrary code with elevated system privileges. Technologies Affected Microsoft Windows 10 for 32-bit Systems Microsoft Windows 10 for x64-based Systems Microsoft...
Adobe Flash Player APSB16-25 Multiple Use After Free Remote Code Execution Vulnerabilities
Description Adobe Flash Player is prone to multiple remote code-execution vulnerabilities. An attacker can exploit these issues to execute arbitrary code in the context of the user running the affected application. Failed exploit attempts will likely result in denial-of-service conditions...
Adobe Flash Player APSB16-25 Multiple Unspecified Memory Corruption Vulnerabilities
Description Adobe Flash Player is prone to multiple unspecified memory-corruption vulnerabilities. Attackers can exploit these issues to execute arbitrary code in the context of the user running the affected applications. Failed exploit attempts will likely cause a denial-of-service condition...
Microsoft Windows CVE-2016-3287 Local Security Bypass Vulnerability
Description Microsoft Windows is prone to a local security-bypass vulnerability. Local attackers can exploit this issue to bypass certain security restrictions and perform unauthorized actions. Technologies Affected Microsoft Windows 10 for 32-bit Systems Microsoft Windows 10 for x64-based System...
Microsoft Office CVE-2016-3282 Memory Corruption Vulnerability
Description Microsoft Office is prone to a remote memory-corruption vulnerability because it fails to properly handle objects in memory. An attacker can leverage this issue to execute arbitrary code in the context of the currently logged-in user. Failed exploit attempts will likely result in deni...
Microsoft Internet Explorer CVE-2016-3241 Remote Memory Corruption Vulnerability
Description Microsoft Internet Explorer is prone to a remote memory-corruption vulnerability. Attackers can exploit this issue by enticing an unsuspecting user to view a specially crafted web page. Attackers can exploit this issue to execute arbitrary code in the context of the currently logged-i...
Microsoft Internet Explorer and Edge CVE-2016-3259 Remote Memory Corruption Vulnerability
Description Microsoft Internet Explorer and Edge are prone to a remote memory-corruption vulnerability. Attackers can exploit this issue by enticing an unsuspecting user to view a specially crafted web page. Attackers can exploit this issue to execute arbitrary code in the context of the currentl...
Microsoft Edge CVE-2016-3246 Remote Memory Corruption Vulnerability
Description Microsoft Edge is prone to a remote memory-corruption vulnerability. Attackers can exploit this issue by enticing an unsuspecting user to view a specially crafted web page. Attackers can exploit this issue to execute arbitrary code in the context of the currently logged-in user. Faile...
Microsoft Windows Kernel CVE-2016-3258 Security Bypass Vulnerability
Description Microsoft Windows is prone to a remote security-bypass vulnerability. A remote attacker can leverage this issue to bypass certain security restrictions and perform unauthorized actions. Technologies Affected Microsoft Windows 10 for 32-bit Systems Microsoft Windows 10 for x64-based...
Microsoft Windows Kernel 'Win32k.sys' CVE-2016-3250 Local Privilege Escalation Vulnerability
Description Microsoft Windows is prone to a local privilege-escalation vulnerability that occurs in the Windows kernel. A local attacker can exploit this issue to execute arbitrary code in kernel mode with elevated privileges. Technologies Affected Microsoft Windows 10 for 32-bit Systems Microsof...
Microsoft Edge CVE-2016-3269 Scripting Engine Remote Memory Corruption Vulnerability
Description Microsoft Edge is prone to a remote memory-corruption vulnerability. Attackers can exploit this issue by enticing an unsuspecting user to view a specially crafted web page. Attackers can take advantage of this vulnerability to execute arbitrary code in the context of the currently...
Microsoft Internet Explorer and Edge CVE-2016-3248 Remote Memory Corruption Vulnerability
Description Microsoft Internet Explorer and Edge are prone to a remote memory-corruption vulnerability. Attackers can exploit this issue by enticing an unsuspecting user to view a specially crafted web page. Attackers can exploit this issue to execute arbitrary code in the context of the currentl...
Microsoft Edge CVE-2016-3244 ASLR Security Bypass Vulnerability
Description Microsoft Edge is prone to a security-bypass vulnerability. An attacker can leverage this issue to bypass certain security restrictions and execute arbitrary code by exploiting another vulnerability in the application. Technologies Affected Microsoft Edge Recommendations Block externa...
Symantec Workspace Streaming and Workspace Virtualization Path Traversal and Arbitrary File Read
SUMMARY Symantec Workspace Streaming SWS and Workspace Virtualization SWV management consoles were susceptible to a path traversal in a file download configuration file that could allow a malicious user who could access the vulnerable file to view unauthorized application files of specific file...
SA128 : Multiple PCRE Vulnerabilities
SUMMARY Blue Coat products that include vulnerable versions of the PCRE and GLib2 libraries are susceptible to multiple vulnerabilities. A remote attacker can exploit these vulnerabilities to execute arbitrary code and obtain sensitive information. The attacker can also cause denial of service...
PHP 'unserialize()' Denial of Service Vulnerability
Description PHP is prone to a denial-of-service vulnerability. Successful exploits may allow the attacker to cause denial-of-service condition. Technologies Affected PHP PHP 5.6.29 PHP PHP 7.0 PHP PHP 7.0.0 PHP PHP 7.0.0beta3 PHP PHP 7.0.1 PHP PHP 7.0.10 PHP PHP 7.0.11 PHP PHP 7.0.12 PHP PHP 7.0....
Symantec Decomposer Engine Multiple Parsing Vulnerabilities
SUMMARY Symantec is aware of buffer overflow and memory corruption findings in the AntiVirus Decomposer engine used in various configurations by multiple Symantec products. FAQ on Impact to Symantec Products: AFFECTED PRODUCTS Affected Enterprise Products Product | Version | Solutions ---|---|---...
Symantec Endpoint Protection Multiple Security Issues
SUMMARY Symantec Endpoint Protection SEP was susceptible to a number of security vulnerabilities potentially resulting in a user being able to leverage elevated privilege or access to unauthorized files on the management console. Additionally, a race condition in the device control of a SEP clien...
SA127 : PacketShaper S-Series Insecure Cryptographic Parameters
SUMMARY The HTTPS web UI in PacketShaper S-Series 11.5 may use insecure cryptographic parameters for incoming management connections. A remote attacker who can be a man-in-the-middle, under certain circumstances, may be able to exploit this vulnerability to obtain user authentication credentials...
SA126 : OpenSSH Vulnerabilities January/April 2016
SUMMARY Blue Coat products that include a vulnerable version of OpenSSH are susceptible to two vulnerabilities. A malicious user with local shell access can escalate their privileges and execute arbitrary code with root privileges. A remote attacker acting as an SSH server can establish trusted X...
Microsoft Internet Explorer and Edge CVE-2016-3202 Remote Memory Corruption Vulnerability
Description Microsoft Internet Explorer and Edge are prone to a remote memory-corruption vulnerability. Attackers can exploit this issue by enticing an unsuspecting user to view a specially crafted web page. Attackers can exploit this issue to execute arbitrary code in the context of the currentl...
Microsoft Internet Explorer CVE-2016-0199 Remote Memory Corruption Vulnerability
Description Microsoft Internet Explorer is prone to a remote memory-corruption vulnerability. Attackers can exploit this issue by enticing an unsuspecting user to view a specially crafted web page. Attackers can exploit this issue to execute arbitrary code in the context of the currently logged-i...
Microsoft Windows PDF Library CVE-2016-3203 Remote Code Execution Vulnerability
Description Microsoft Windows is prone to a remote code-execution vulnerability. An attacker can leverage this issue to execute arbitrary code in the context of the currently logged-in user. Failed exploit attempts will likely result in denial of service conditions. Technologies Affected Microsof...
Microsoft Windows CVE-2016-3236 WPAD Remote Privilege Escalation Vulnerability
Description Microsoft Windows is prone to a remote privilege-escalation vulnerability. An attacker can exploit this issue to gain elevated privileges. Successful exploits may aid in further attacks. Technologies Affected Microsoft Windows 10 for 32-bit Systems Microsoft Windows 10 for x64-based...
Microsoft Windows Kernel 'Win32k.sys' CVE-2016-3221 Local Privilege Escalation Vulnerability
Description Microsoft Windows is prone to a local privilege-escalation vulnerability that occurs in the Windows kernel. A local attacker can exploit this issue to execute arbitrary code in kernel mode with elevated privileges. Technologies Affected Microsoft Windows 10 for 32-bit Systems Microsof...
Microsoft Edge CVE-2016-3214 Scripting Engine Remote Memory Corruption Vulnerability
Description Microsoft Edge is prone to a remote memory-corruption vulnerability. Attackers can exploit this issue by enticing an unsuspecting user to view a specially crafted web page. Attackers can take advantage of this vulnerability to execute arbitrary code in the context of the currently...
Microsoft Internet Explorer CVE-2016-3211 Remote Memory Corruption Vulnerability
Description Microsoft Internet Explorer is prone to a remote memory-corruption vulnerability. Attackers can exploit this issue by enticing an unsuspecting user to view a specially crafted webpage. Attackers can exploit this issue to execute arbitrary code in the context of the currently logged-in...
Microsoft Windows PDF Library CVE-2016-3215 Information Disclosure Vulnerability
Description Microsoft Windows is prone to an information disclosure vulnerability. Successful exploits will allow attackers to obtain sensitive information that may aid in further attacks. Technologies Affected Microsoft Edge Microsoft Windows 10 version 1511 for 32-bit Systems Microsoft Windows ...
Microsoft Internet Explorer CVE-2016-3210 Scripting Engine Remote Memory Corruption Vulnerability
Description Microsoft Internet Explorer is prone to a remote memory-corruption vulnerability. Attackers can exploit this issue by enticing an unsuspecting user to view a specially crafted web page. Attackers can exploit this issue to execute arbitrary code in the context of the currently logged-i...
Microsoft Internet Explorer CVE-2016-3205 Scripting Engine Remote Memory Corruption Vulnerability
Description Microsoft Internet Explorer is prone to a remote memory-corruption vulnerability. Attackers can exploit this issue by enticing an unsuspecting user to view a specially crafted web page. Attackers can exploit this issue to execute arbitrary code in the context of the currently logged-i...
Microsoft Internet Explorer CVE-2016-3207 Scripting Engine Remote Memory Corruption Vulnerability
Description Microsoft Internet Explorer is prone to a remote memory-corruption vulnerability. Attackers can exploit this issue by enticing an unsuspecting user to view a specially crafted web page. Attackers can exploit this issue to execute arbitrary code in the context of the currently logged-i...
Microsoft Windows Group Policy CVE-2016-3223 Man in the Middle Security Bypass Vulnerability
Description Microsoft Windows is prone to a security-bypass vulnerability. Successfully exploiting this issue may allow attackers to bypass certain security restrictions and perform unauthorized actions by conducting a man-in-the-middle attack. This may lead to other attacks. Technologies Affecte...
Microsoft Windows Server Message Block CVE-2016-3225 Local Privilege Escalation Vulnerability
Description Microsoft Windows is prone to a local privilege-escalation vulnerability. A local attacker can exploit this issue to execute arbitrary code with elevated privileges. Technologies Affected Microsoft Windows 10 for 32-bit Systems Microsoft Windows 10 for x64-based Systems Microsoft...