Microsoft Windows PDF Library CVE-2016-0058 Buffer Overflow Vulnerability

Description Microsoft Windows PDF library is prone to a buffer-overflow vulnerability because it fails to adequately bounds check user-supplied data before copying it to an insufficiently sized memory buffer.. An attacker can leverage this issue to execute arbitrary code in the context of the...

Microsoft Internet Explorer CVE-2016-0068 Remote Privilege Escalation Vulnerability

Description Microsoft Internet Explorer is prone to a remote privilege-escalation vulnerability. An attacker can exploit this issue to gain elevated privileges. Successful exploits may aid in further attacks. Internet Explorer 9, 10 and 11 are vulnerable. Technologies Affected Microsoft Internet...

Microsoft Internet Explorer CVE-2016-0060 Remote Memory Corruption Vulnerability

Description Microsoft Internet Explorer is prone to a remote memory-corruption vulnerability. Attackers can exploit this issue by enticing an unsuspecting user to view a specially crafted web page. Attackers can exploit this issue to execute arbitrary code in the context of the currently logged-i...

Microsoft Office CVE-2016-0056 Memory Corruption Vulnerability

Description Microsoft Office is prone to a remote memory-corruption vulnerability because it fails to properly handle objects in memory. An attacker can leverage this issue to execute arbitrary code in the context of the currently logged-in user. Failed exploit attempts will likely result in deni...

Microsoft Internet Explorer CVE-2016-0069 Remote Privilege Escalation Vulnerability

Description Microsoft Internet Explorer is prone to a remote privilege-escalation vulnerability. An attacker can exploit this issue to gain elevated privileges. Successful exploits may aid in further attacks. Internet Explorer 9, 10 and 11 are vulnerable. Technologies Affected Microsoft Internet...

Microsoft Windows Remote Desktop Protocol CVE-2016-0036 Local Privilege Escalation Vulnerability

Description Microsoft Windows is prone to a local privilege-escalation vulnerability. A local attacker can exploit this issue to execute arbitrary code with elevated privileges. Failed exploit attempts will result in a denial of service condition. Technologies Affected Microsoft Windows 10 for...

Microsoft Internet Explorer CVE-2016-0059 Information Disclosure Vulnerability

Description Microsoft Internet Explorer is prone to an information-disclosure vulnerability. Successful exploits will allow attackers to obtain sensitive information that may aid in further attacks. Internet Explorer 9, 10, 11 are vulnerable. Technologies Affected Microsoft Internet Explorer 10...

Microsoft Windows WebDAV CVE-2016-0051 Local Privilege Escalation Vulnerability

Description Microsoft Windows is prone to a local privilege-escalation vulnerability. A local attacker can exploit this issue to execute arbitrary code with elevated privileges. Failed exploit attempts will result in a denial of service condition. Technologies Affected Microsoft Windows 10 for...

Microsoft Edge CVE-2016-0084 Remote Memory Corruption Vulnerability

Description Microsoft Edge is prone to a remote memory-corruption vulnerability. Attackers can exploit this issue by enticing an unsuspecting user to view a specially crafted web page. Attackers can exploit this issue to execute arbitrary code in the context of the currently logged-in user. Faile...

Microsoft Edge and Internet Explorer CVE-2016-0077 Spoofing Vulnerability

Description Microsoft Edge and Internet Explorer are prone to a security vulnerability that may allow attackers to conduct spoofing attacks. An attacker can exploit this issue to conduct spoofing attacks and perform unauthorized actions; other attacks are also possible. Technologies Affected...

Microsoft Internet Explorer CVE-2016-0072 Remote Memory Corruption Vulnerability

Description Microsoft Internet Explorer is prone to a remote memory-corruption vulnerability. Attackers can exploit this issue by enticing an unsuspecting user to view a specially crafted webpage. Attackers can exploit this issue to execute arbitrary code in the context of the currently logged-in...

Microsoft Office CVE-2016-0054 Memory Corruption Vulnerability

Description Microsoft Office is prone to a remote memory-corruption vulnerability because it fails to properly handle objects in memory. An attacker can leverage this issue to execute arbitrary code in the context of the currently logged-in user. Failed exploit attempts will likely result in deni...

Microsoft Internet Explorer CVE-2016-0063 Remote Memory Corruption Vulnerability

Description Microsoft Internet Explorer is prone to a remote memory-corruption vulnerability. Attackers can exploit this issue by enticing an unsuspecting user to view a specially crafted webpage. Attackers can exploit this issue to execute arbitrary code in the context of the currently logged-in...

Microsoft Internet Explorer CVE-2016-0071 Remote Memory Corruption Vulnerability

Description Microsoft Internet Explorer is prone to a remote memory-corruption vulnerability. Attackers can exploit this issue by enticing an unsuspecting user to view a specially crafted webpage. Attackers can exploit this issue to execute arbitrary code in the context of the currently logged-in...

Microsoft Windows Kernel CVE-2016-0040 Local Privilege Escalation Vulnerability

Description Microsoft Windows is prone to a local privilege-escalation vulnerability. A local attacker can exploit this issue to execute arbitrary code in kernel mode with elevated privileges. Technologies Affected Microsoft Windows 7 for 32-bit Systems SP1 Microsoft Windows 7 for x64-based Syste...

Microsoft Windows Kerberos CVE-2016-0049 Local Security Bypass Vulnerability

Description Microsoft Windows is prone to a local security-bypass vulnerability. A local attacker can leverage this issue to bypass certain security restrictions and perform unauthorized actions. Technologies Affected Microsoft Windows 10 for 32-bit Systems Microsoft Windows 10 for x64-based...

Microsoft Windows Journal CVE-2016-0038 Memory Corruption Vulnerability

Description Microsoft Windows is prone to a remote memory-corruption vulnerability. An attacker can leverage this issue to execute arbitrary code in the context of the currently logged-in user. Failed exploit attempts will likely result in denial of service conditions. Technologies Affected...

Microsoft Internet Explorer CVE-2016-0067 Remote Memory Corruption Vulnerability

Description Microsoft Internet Explorer is prone to a remote memory-corruption vulnerability. Attackers can exploit this issue by enticing an unsuspecting user to view a specially crafted webpage. Attackers can exploit this issue to execute arbitrary code in the context of the currently logged-in...

Microsoft Office CVE-2016-0053 Memory Corruption Vulnerability

Description Microsoft Office is prone to a remote memory-corruption vulnerability because it fails to properly handle objects in memory. An attacker can leverage this issue to execute arbitrary code in the context of the currently logged-in user. Failed exploit attempts will likely result in deni...

Microsoft Windows CVE-2016-0044 DLL Loading Denial of Service Vulnerability

Description Microsoft Windows is prone to a denial of service vulnerability. An attacker can exploit this issue to cause the system to stop responding, denying service to legitimate users. Technologies Affected Microsoft Windows 8.1 for 32-bit Systems Microsoft Windows 8.1 for x64-based Systems...

Microsoft Internet Explorer CVE-2016-0064 Remote Memory Corruption Vulnerability

Description Microsoft Internet Explorer is prone to a remote memory-corruption vulnerability. Attackers can exploit this issue by enticing an unsuspecting user to view a specially crafted webpage. Attackers can exploit this issue to execute arbitrary code in the context of the currently logged-in...

Microsoft Internet Explorer and Edge CVE-2016-0061 Remote Memory Corruption Vulnerability

Description Microsoft Internet Explorer and Edge are prone to a remote memory-corruption vulnerability. Attackers can exploit this issue by enticing an unsuspecting user to view a specially crafted web page. Attackers can exploit this issue to execute arbitrary code in the context of the currentl...

Microsoft Office CVE-2016-0055 Memory Corruption Vulnerability

Description Microsoft Office is prone to a remote memory-corruption vulnerability because it fails to properly handle objects in memory. An attacker can leverage this issue to execute arbitrary code in the context of the currently logged-in user. Failed exploit attempts will likely result in deni...

Microsoft SharePoint CVE-2016-0039 Cross Site Scripting Vulnerability

Description Microsoft SharePoint is prone to a cross-site scripting vulnerability because it fails to properly sanitize user-supplied input. An attacker may leverage this issue to execute arbitrary script code in the browser of an unsuspecting user in the context of the affected site. This may...

Microsoft Office CVE-2016-0022 Memory Corruption Vulnerability

Description Microsoft Office is prone to a remote memory-corruption vulnerability because it fails to properly handle objects in memory. An attacker can leverage this issue to execute arbitrary code in the context of the currently logged-in user. Failed exploit attempts will likely result in deni...

Microsoft Network Policy Server RADIUS Implementation CVE-2016-0050 Denial of Service Vulnerability

Description Microsoft Windows is prone to a denial of service vulnerability. Successful exploits may allow the attacker to cause a denial of service condition. Technologies Affected Microsoft Windows Server 2008 R2 Itanium SP1 Microsoft Windows Server 2008 R2 for x64-based Systems SP1 Microsoft...

Microsoft ASP.NET Templates Cross Site Request Forgery Vulnerability

Description Microsoft ASP.NET is prone to a cross-site request-forgery vulnerability. An attacker can exploit this issue to perform unauthorized actions in the context of a logged-in user of the affected application. This may aid in other attacks. Technologies Affected Microsoft ASP.NET MVC 5.0...

Microsoft .NET Framework CVE-2016-0047 Information Disclosure Vulnerability

Description The Microsoft .NET Framework is prone to an information-disclosure vulnerability. Attackers can exploit this issue to gain access to sensitive information that may aid in further attacks. Technologies Affected Microsoft .NET Framework 2.0 SP2 Microsoft .NET Framework 3.5 Microsoft .NE...

Microsoft Edge CVE-2016-0080 ASLR Security Bypass Vulnerability

Description Microsoft Edge is prone to a security-bypass vulnerability. An attacker can leverage this issue to bypass certain security restrictions and execute arbitrary code by exploiting another vulnerability in the application. Technologies Affected Microsoft Edge Microsoft Windows 10 for 32-b...

Microsoft Windows Reader CVE-2016-0046 Remote Code Execution Vulnerability

Description Microsoft Windows is prone to a remote code-execution vulnerability. An attacker can leverage this issue to execute arbitrary code in the context of the currently logged-in user. Failed exploit attempts will likely result in denial of service conditions. Technologies Affected Microsof...

Microsoft Office CVE-2016-0052 Memory Corruption Vulnerability

Description Microsoft Office is prone to a remote memory-corruption vulnerability because it fails to properly handle objects in memory. An attacker can leverage this issue to execute arbitrary code in the context of the currently logged-in user. Failed exploit attempts will likely result in deni...

Microsoft Windows CVE-2016-0042 DLL Loading Local Privilege Escalation Vulnerability

Description Microsoft Windows is prone to a local privilege-escalation vulnerability. A local attacker can leverage this issue to execute arbitrary code with elevated privileges. Technologies Affected Microsoft Windows 10 for 32-bit Systems Microsoft Windows 10 for x64-based Systems Microsoft...

Microsoft Windows Kernel Mode Driver CVE-2016-0048 Local Privilege Escalation Vulnerability

Description Microsoft Windows is prone to a local privilege-escalation vulnerability. A local attacker can exploit this issue to execute arbitrary code in kernel mode with elevated privileges. Technologies Affected Microsoft Windows 10 for 32-bit Systems Microsoft Windows 10 for x64-based Systems...

Microsoft Active Directory Federation Services CVE-2016-0037 Denial of Service Vulnerability

Description Microsoft Active Directory Federation Services is prone to a denial of service vulnerability. Successful exploits may allow the attacker to cause the server to become non-responsive, resulting in denial of service conditions. Technologies Affected Microsoft Active Directory Federation...

Microsoft .NET Framework CVE-2016-0033 Stack Overflow Denial of Service Vulnerability

Description Microsoft .NET Framework is prone to a remote denial-of-service vulnerability. An attacker can exploit this issue to degrade the server performance, causing a denial-of-service condition. Given the nature of this issue, attackers may also be able to execute arbitrary code, but this ha...

SA110 : Java Deserialization Vulnerabilities

SUMMARY Blue Coat products that deserialize unsafe Java objects from untrusted sources are susceptible to one or more vulnerabilities. A remote attacker can exploit these vulnerabilities to cause the target to execute arbitrary code. AFFECTED PRODUCTS Cloud Data Protection for Salesforce CDP-SFDC...

SA109 : Multiple OpenSSH Vulnerabilities (January 2016)

SUMMARY Blue Coat products using affected 5.x and 6.x versions of OpenSSH are susceptible to multiple vulnerabilities. An attacker, with access to the management interface, may exploit these vulnerabilities to execute arbitrary code and obtain information from the target's process memory. The...

Microsoft SharePoint CVE-2015-6117 Security Bypass Vulnerability

Description Microsoft SharePoint is prone to a security-bypass vulnerability. An attacker can exploit this issue to bypass certain security restrictions and perform unauthorized actions; this may aid in launching further attacks. Technologies Affected Microsoft SharePoint Foundation 2013 SP1...

Microsoft VBScript CVE-2016-0002 Remote Memory Corruption Vulnerability

Description Microsoft VBScript is prone to a remote memory-corruption vulnerability. Attackers can exploit this issue by enticing an unsuspecting user to view a specially crafted web page. Attackers can take advantage of this vulnerability to execute arbitrary code in the context of the currently...

Microsoft Exchange Server CVE-2016-0030 Spoofing Vulnerability

Description Microsoft Exchange Server is prone to a security vulnerability that may allow attackers to conduct spoofing attacks. An attacker can exploit this issue to conduct spoofing attacks and perform unauthorized actions; other attacks are also possible. The following versions are affected:...

Microsoft Windows CVE-2016-0018 DLL Loading Remote Code Execution Vulnerability

Description Microsoft Windows is prone to a remote code-execution vulnerability. An attacker can leverage this issue to execute arbitrary code in the context of the currently logged-in user. Failed exploit attempts will result in a denial-of-service condition. Technologies Affected Microsoft...

Microsoft Office CVE-2016-0010 Memory Corruption Vulnerability

Description Microsoft Office is prone to a remote memory-corruption vulnerability because it fails to properly handle objects in memory. An attacker can leverage this issue to execute arbitrary code in the context of the currently logged-in user. Failed exploit attempts will likely result in deni...

Microsoft Windows Mount Point CVE-2016-0006 Local Privilege Escalation Vulnerability

Description Microsoft Windows is prone to a local privilege-escalation vulnerability. A local attacker can exploit this issue to execute arbitrary code with elevated privileges in the context of the LocalSystem Account. Failed exploit attempts will result in a denial of service condition...

Microsoft Windows DLL Loading CVE-2016-0014 Local Privilege Escalation Vulnerability

Description Microsoft Windows is prone to a local privilege-escalation vulnerability. A local attacker can leverage this issue to execute arbitrary code with elevated privileges. Failed exploit attempts will result in a denial of service condition. Technologies Affected Microsoft Windows 10 for...

Microsoft Windows CVE-2016-0016 DLL Loading Remote Code Execution Vulnerability

Description Microsoft Windows is prone to a remote code-execution vulnerability. An attacker can leverage this issue to execute arbitrary code in the context of the currently logged-in user. Failed exploit attempts will result in a denial-of-service condition. Technologies Affected Microsoft...

Microsoft Windows Remote Desktop Protocol CVE-2016-0019 Security Bypass Vulnerability

Description Microsoft Windows Remote Desktop Protocol is prone to a security-bypass vulnerability. Successful exploits may allow an attacker to bypass certain security restrictions and perform unauthorized actions; this may aid in launching further attacks. Technologies Affected Microsoft Windows...

Microsoft SharePoint CVE-2016-0011 Security Bypass Vulnerability

Description Microsoft SharePoint is prone to a security-bypass vulnerability. An attacker can exploit this issue to bypass certain security restrictions and perform unauthorized actions; this may aid in launching further attacks. Technologies Affected Microsoft SharePoint Foundation 2013 SP1...

Microsoft Windows CVE-2016-0009 Remote Code Execution Vulnerability

Description Microsoft Windows is prone to a remote code-execution vulnerability. An attacker can leverage this issue to execute arbitrary code in the context of the currently logged-in user. Failed exploit attempts will result in a denial-of-service condition. Technologies Affected Microsoft...

Microsoft Office CVE-2016-0012 ASLR Security Bypass Vulnerability

Description Microsoft Office is prone to a security-bypass vulnerability. An attacker can leverage this issue to bypass certain security restrictions and execute arbitrary code by exploiting another vulnerability in the application. Technologies Affected Microsoft Excel 2007 SP3 Microsoft Excel...

Microsoft Windows CVE-2016-0008 ASLR Security Bypass Vulnerability

Description Microsoft Windows is prone to a security-bypass vulnerability. An attacker can leverage this issue to bypass Address Space Layout Randomization ASLR protection mechanisms and gain access to sensitive information. Technologies Affected Microsoft Windows 7 for 32-bit Systems SP1 Microso...