6867 matches found
Microsoft Office CVE-2016-3279 Remote Code Execution Vulnerability
Description Microsoft Office is prone to a remote code-execution vulnerability. An attacker can leverage this issue to execute arbitrary code in the context of the currently logged-in user. Failed exploit attempts will likely result in denial-of-service conditions. Technologies Affected Microsoft...
Microsoft Windows Print Spooler CVE-2016-3238 Remote Code Execution Vulnerability
Description Microsoft Windows is prone to a remote code-execution vulnerability. An attacker can leverage this issue to execute arbitrary code in the context of the affected system. Failed exploit attempts will likely result in denial of service conditions. Technologies Affected Microsoft Windows...
Microsoft Internet Explorer CVE-2016-3261 Information Disclosure Vulnerability
Description Microsoft Internet Explorer is prone to an information-disclosure vulnerability. Successful exploits will allow attackers to obtain sensitive information that may aid in further attacks. Internet Explorer 11 is vulnerable. Technologies Affected Microsoft Internet Explorer 11...
Microsoft Internet Explorer CVE-2016-3204 Scripting Engine Remote Memory Corruption Vulnerability
Description Microsoft Internet Explorer is prone to a remote memory-corruption vulnerability. Attackers can exploit this issue by enticing an unsuspecting user to view a specially crafted web page. Attackers can exploit this issue to execute arbitrary code in the context of the currently logged-i...
Microsoft Windows Print Spooler CVE-2016-3239 Local Privilege Escalation Vulnerability
Description Microsoft Windows is prone to a local privilege-escalation vulnerability. A local attacker can exploit this issue to run arbitrary code with elevated system privileges. Technologies Affected Microsoft Windows 10 for 32-bit Systems Microsoft Windows 10 for x64-based Systems Microsoft...
Adobe Flash Player APSB16-25 Multiple Unspecified Memory Corruption Vulnerabilities
Description Adobe Flash Player is prone to multiple unspecified memory-corruption vulnerabilities. Attackers can exploit these issues to execute arbitrary code in the context of the user running the affected applications. Failed exploit attempts will likely cause a denial-of-service condition...
Microsoft Office CVE-2016-3282 Memory Corruption Vulnerability
Description Microsoft Office is prone to a remote memory-corruption vulnerability because it fails to properly handle objects in memory. An attacker can leverage this issue to execute arbitrary code in the context of the currently logged-in user. Failed exploit attempts will likely result in deni...
Microsoft Windows Kernel 'Win32k.sys' CVE-2016-3250 Local Privilege Escalation Vulnerability
Description Microsoft Windows is prone to a local privilege-escalation vulnerability that occurs in the Windows kernel. A local attacker can exploit this issue to execute arbitrary code in kernel mode with elevated privileges. Technologies Affected Microsoft Windows 10 for 32-bit Systems Microsof...
Microsoft Edge CVE-2016-3244 ASLR Security Bypass Vulnerability
Description Microsoft Edge is prone to a security-bypass vulnerability. An attacker can leverage this issue to bypass certain security restrictions and execute arbitrary code by exploiting another vulnerability in the application. Technologies Affected Microsoft Edge Recommendations Block externa...
Microsoft Windows CVE-2016-3287 Local Security Bypass Vulnerability
Description Microsoft Windows is prone to a local security-bypass vulnerability. Local attackers can exploit this issue to bypass certain security restrictions and perform unauthorized actions. Technologies Affected Microsoft Windows 10 for 32-bit Systems Microsoft Windows 10 for x64-based System...
Microsoft Edge CVE-2016-3269 Scripting Engine Remote Memory Corruption Vulnerability
Description Microsoft Edge is prone to a remote memory-corruption vulnerability. Attackers can exploit this issue by enticing an unsuspecting user to view a specially crafted web page. Attackers can take advantage of this vulnerability to execute arbitrary code in the context of the currently...
Microsoft Windows Kernel CVE-2016-3258 Security Bypass Vulnerability
Description Microsoft Windows is prone to a remote security-bypass vulnerability. A remote attacker can leverage this issue to bypass certain security restrictions and perform unauthorized actions. Technologies Affected Microsoft Windows 10 for 32-bit Systems Microsoft Windows 10 for x64-based...
Microsoft Edge and Internet Explorer XSS Filter CVE-2016-3273 Information Disclosure Vulnerability
Description Microsoft Edge and Internet Explorer are prone to an information-disclosure vulnerability that affects the XSS Filter. An attacker can exploit this issue by tricking an unsuspecting victim into viewing a page containing malicious content. An attacker can exploit this issue to execute...
Microsoft Windows Kernel 'Win32k.sys' CVE-2016-3286 Local Privilege Escalation Vulnerability
Description Microsoft Windows is prone to a local privilege-escalation vulnerability that occurs in the Windows kernel. A local attacker can exploit this issue to execute arbitrary code in kernel mode with elevated privileges. Technologies Affected Microsoft Windows 10 for 32-bit Systems Microsof...
Microsoft Internet Explorer CVE-2016-3240 Remote Memory Corruption Vulnerability
Description Microsoft Internet Explorer is prone to a remote memory-corruption vulnerability. Attackers can exploit this issue by enticing an unsuspecting user to view a specially crafted web page. Attackers can exploit this issue to execute arbitrary code in the context of the currently logged-i...
Microsoft Windows Kernel 'Win32k.sys' CVE-2016-3254 Local Privilege Escalation Vulnerability
Description Microsoft Windows is prone to a local privilege-escalation vulnerability that occurs in the Windows kernel. A local attacker can exploit this issue to execute arbitrary code in kernel mode with elevated privileges. Technologies Affected Microsoft Windows 10 for 32-bit Systems Microsof...
Adobe Acrobat and Reader APSB16-26 Multiple Unspecified Memory Corruption Vulnerabilities
Description Adobe Acrobat and Reader are prone to multiple unspecified memory-corruption vulnerabilities. Attackers can exploit these issues to execute arbitrary code in the context of the application. Failed attacks may cause a denial-of-service condition. Technologies Affected Adobe Acrobat...
Microsoft Internet Explorer CVE-2016-3241 Remote Memory Corruption Vulnerability
Description Microsoft Internet Explorer is prone to a remote memory-corruption vulnerability. Attackers can exploit this issue by enticing an unsuspecting user to view a specially crafted web page. Attackers can exploit this issue to execute arbitrary code in the context of the currently logged-i...
Microsoft .NET Framework CVE-2016-3255 XML External Entity Information Disclosure Vulnerability
Description The Microsoft .NET Framework is prone to an information-disclosure vulnerability. An attacker can exploit this issue to gain access to sensitive information. Successful exploits may lead to other attacks. Technologies Affected Microsoft .NET Framework 2.0 SP2 Microsoft .NET Framework...
Microsoft Edge CVE-2016-3246 Remote Memory Corruption Vulnerability
Description Microsoft Edge is prone to a remote memory-corruption vulnerability. Attackers can exploit this issue by enticing an unsuspecting user to view a specially crafted web page. Attackers can exploit this issue to execute arbitrary code in the context of the currently logged-in user. Faile...
Microsoft Windows Kernel CVE-2016-3272 Local Information Disclosure Vulnerability
Description Microsoft Windows is prone to a local information-disclosure vulnerability that occurs in the Windows kernel because it fails to properly validate certain system calls. An attacker can leverage this issue to disclose the kernel memory and obtain sensitive information that may aid in...
Microsoft Edge and Internet Explorer CVE-2016-3277 Information Disclosure Vulnerability
Description Microsoft Edge and Internet Explorer are prone to a information-disclosure vulnerability. Successful exploits will allow attackers to obtain sensitive information that may aid in further attacks. Technologies Affected Microsoft Edge Microsoft Internet Explorer 10 Microsoft Internet...
Microsoft Edge and Internet Explorer CVE-2016-3276 Spoofing Vulnerability
Description Microsoft Edge and Internet Explorer are prone to a security vulnerability that may allow attackers to conduct spoofing attacks. An attacker can exploit this issue to conduct spoofing attacks and perform unauthorized actions; other attacks are also possible. Technologies Affected...
Microsoft Windows GDI Component CVE-2016-3251 Information Disclosure Vulnerability
Description Microsoft Windows is prone to an information-disclosure vulnerability. Attackers can exploit this issue to obtain sensitive information that may aid in launching further attacks. Technologies Affected Microsoft Windows 10 for 32-bit Systems Microsoft Windows 10 for x64-based Systems...
Microsoft Windows Kernel 'Win32k.sys' CVE-2016-3252 Local Privilege Escalation Vulnerability
Description Microsoft Windows is prone to a local privilege-escalation vulnerability that occurs in the Windows kernel. A local attacker can exploit this issue to execute arbitrary code in kernel mode with elevated privileges. Technologies Affected Microsoft Windows 10 for 32-bit Systems Microsof...
Microsoft Internet Explorer CVE-2016-3242 Remote Memory Corruption Vulnerability
Description Microsoft Internet Explorer is prone to a remote memory-corruption vulnerability. Attackers can exploit this issue by enticing an unsuspecting user to view a specially crafted web page. Attackers can exploit this issue to execute arbitrary code in the context of the currently logged-i...
Microsoft Edge CVE-2016-3271 Scripting Engine Information Disclosure Vulnerability
Description Microsoft Edge is prone to an information disclosure vulnerability. Attackers can exploit this issue by enticing an unsuspecting user to view a specially crafted web page. Successful exploits will allow attackers to obtain sensitive information that may aid in further attacks...
Microsoft Edge CVE-2016-3265 Scripting Engine Remote Memory Corruption Vulnerability
Description Microsoft Edge is prone to a remote memory-corruption vulnerability. Attackers can exploit this issue by enticing an unsuspecting user to view a specially crafted web page. Attackers can take advantage of this vulnerability to execute arbitrary code in the context of the currently...
Microsoft Edge and Internet Explorer CVE-2016-3274 Spoofing Vulnerability
Description Microsoft Edge and Internet Explorer are prone to a security vulnerability that may allow attackers to conduct spoofing attacks. An attacker can exploit this issue to conduct spoofing attacks and perform unauthorized actions; other attacks are also possible. Technologies Affected...
Microsoft Internet Explorer CVE-2016-3243 Remote Memory Corruption Vulnerability
Description Microsoft Internet Explorer is prone to a remote memory-corruption vulnerability. Attackers can exploit this issue by enticing an unsuspecting user to view a specially crafted web page. Attackers can exploit this issue to execute arbitrary code in the context of the currently logged-i...
SA128 : Multiple PCRE Vulnerabilities
SUMMARY Blue Coat products that include vulnerable versions of the PCRE and GLib2 libraries are susceptible to multiple vulnerabilities. A remote attacker can exploit these vulnerabilities to execute arbitrary code and obtain sensitive information. The attacker can also cause denial of service...
Symantec Workspace Streaming and Workspace Virtualization Path Traversal and Arbitrary File Read
SUMMARY Symantec Workspace Streaming SWS and Workspace Virtualization SWV management consoles were susceptible to a path traversal in a file download configuration file that could allow a malicious user who could access the vulnerable file to view unauthorized application files of specific file...
PHP 'unserialize()' Denial of Service Vulnerability
Description PHP is prone to a denial-of-service vulnerability. Successful exploits may allow the attacker to cause denial-of-service condition. Technologies Affected PHP PHP 5.6.29 PHP PHP 7.0 PHP PHP 7.0.0 PHP PHP 7.0.0beta3 PHP PHP 7.0.1 PHP PHP 7.0.10 PHP PHP 7.0.11 PHP PHP 7.0.12 PHP PHP 7.0....
Symantec Decomposer Engine Multiple Parsing Vulnerabilities
SUMMARY Symantec is aware of buffer overflow and memory corruption findings in the AntiVirus Decomposer engine used in various configurations by multiple Symantec products. FAQ on Impact to Symantec Products: AFFECTED PRODUCTS Affected Enterprise Products Product | Version | Solutions ---|---|---...
Symantec Endpoint Protection Multiple Security Issues
SUMMARY Symantec Endpoint Protection SEP was susceptible to a number of security vulnerabilities potentially resulting in a user being able to leverage elevated privilege or access to unauthorized files on the management console. Additionally, a race condition in the device control of a SEP clien...
SA127 : PacketShaper S-Series Insecure Cryptographic Parameters
SUMMARY The HTTPS web UI in PacketShaper S-Series 11.5 may use insecure cryptographic parameters for incoming management connections. A remote attacker who can be a man-in-the-middle, under certain circumstances, may be able to exploit this vulnerability to obtain user authentication credentials...
SA126 : OpenSSH Vulnerabilities January/April 2016
SUMMARY Blue Coat products that include a vulnerable version of OpenSSH are susceptible to two vulnerabilities. A malicious user with local shell access can escalate their privileges and execute arbitrary code with root privileges. A remote attacker acting as an SSH server can establish trusted X...
Microsoft Internet Explorer CVE-2016-3207 Scripting Engine Remote Memory Corruption Vulnerability
Description Microsoft Internet Explorer is prone to a remote memory-corruption vulnerability. Attackers can exploit this issue by enticing an unsuspecting user to view a specially crafted web page. Attackers can exploit this issue to execute arbitrary code in the context of the currently logged-i...
Microsoft Exchange Server CVE-2016-0028 Information Disclosure Vulnerability
Description Microsoft Exchange Server is prone to an information-disclosure vulnerability. Attackers can exploit this issue to obtain sensitive information that may aid in launching further attacks. Microsoft Exchange Server 2013 and Microsoft Exchange Server 2016 are vulnerable. Technologies...
Microsoft Windows Diagnostics Hub CVE-2016-3231 Local Privilege Escalation Vulnerability
Description Microsoft Windows is prone to a local privilege-escalation vulnerability. Local attackers can exploit this issue to execute arbitrary code with elevated privileges. Technologies Affected Microsoft Windows 10 for 32-bit Systems Microsoft Windows 10 for x64-based Systems Microsoft Windo...
Microsoft Office CVE-2016-3233 Memory Corruption Vulnerability
Description Microsoft Office is prone to a remote memory-corruption vulnerability because it fails to properly handle objects in memory. An attacker can leverage this issue to execute arbitrary code in the context of the currently logged-in user. Failed exploit attempts will likely result in deni...
Microsoft Internet Explorer CVE-2016-3211 Remote Memory Corruption Vulnerability
Description Microsoft Internet Explorer is prone to a remote memory-corruption vulnerability. Attackers can exploit this issue by enticing an unsuspecting user to view a specially crafted webpage. Attackers can exploit this issue to execute arbitrary code in the context of the currently logged-in...
Microsoft Edge CVE-2016-3222 Scripting Engine Remote Memory Corruption Vulnerability
Description Microsoft Edge is prone to a remote memory-corruption vulnerability. Attackers can exploit this issue by enticing an unsuspecting user to view a specially crafted web page. Attackers can take advantage of this vulnerability to execute arbitrary code in the context of the currently...
Microsoft Office CVE-2016-3234 Information Disclosure Vulnerability
Description Microsoft Office is prone to an information-disclosure vulnerability. Attackers can exploit this issue to obtain sensitive information that may aid in further attacks. Technologies Affected Microsoft Office 2010 Service Pack 2 32-bit editions Microsoft Office 2010 Service Pack 2 64-bi...
Microsoft Windows Kernel 'Win32k.sys' CVE-2016-3221 Local Privilege Escalation Vulnerability
Description Microsoft Windows is prone to a local privilege-escalation vulnerability that occurs in the Windows kernel. A local attacker can exploit this issue to execute arbitrary code in kernel mode with elevated privileges. Technologies Affected Microsoft Windows 10 for 32-bit Systems Microsof...
Microsoft Windows PDF Library CVE-2016-3203 Remote Code Execution Vulnerability
Description Microsoft Windows is prone to a remote code-execution vulnerability. An attacker can leverage this issue to execute arbitrary code in the context of the currently logged-in user. Failed exploit attempts will likely result in denial of service conditions. Technologies Affected Microsof...
Microsoft Windows CVE-2016-3236 WPAD Remote Privilege Escalation Vulnerability
Description Microsoft Windows is prone to a remote privilege-escalation vulnerability. An attacker can exploit this issue to gain elevated privileges. Successful exploits may aid in further attacks. Technologies Affected Microsoft Windows 10 for 32-bit Systems Microsoft Windows 10 for x64-based...
Microsoft Windows Kernel 'Win32k.sys' CVE-2016-3218 Local Privilege Escalation Vulnerability
Description Microsoft Windows is prone to a local privilege-escalation vulnerability that occurs in the Windows kernel. A local attacker can exploit this issue to execute arbitrary code in kernel mode with elevated privileges. Technologies Affected Microsoft Windows 10 for 32-bit Systems Microsof...
Microsoft Edge CVE-2016-3198 Security Bypass Vulnerability
Description Microsoft Edge is prone to a security-bypass vulnerability. An attacker can exploit this issue to bypass certain security restrictions and perform unauthorized actions; this may aid in launching further attacks. Technologies Affected Microsoft Edge Microsoft Windows 10 for 32-bit...
Microsoft Internet Explorer and Edge CVE-2016-3202 Remote Memory Corruption Vulnerability
Description Microsoft Internet Explorer and Edge are prone to a remote memory-corruption vulnerability. Attackers can exploit this issue by enticing an unsuspecting user to view a specially crafted web page. Attackers can exploit this issue to execute arbitrary code in the context of the currentl...