Microsoft Edge CVE-2016-0024 Remote Memory Corruption Vulnerability

Description Microsoft Edge is prone to a remote memory-corruption vulnerability. Attackers can exploit this issue by enticing an unsuspecting user to view a specially crafted web page. Attackers can exploit this issue to execute arbitrary code in the context of the currently logged-in user. Faile...

Microsoft Windows MAPI DLL Loading CVE-2016-0020 Local Privilege Escalation Vulnerability

Description Microsoft Windows is prone to a local privilege-escalation vulnerability. A local attacker can leverage this issue to execute arbitrary code with elevated privileges. Failed exploit attempts will result in a denial of service condition. Technologies Affected Microsoft Windows 7 for...

Microsoft Exchange Server CVE-2016-0031 Spoofing Vulnerability

Description Microsoft Exchange Server is prone to a security vulnerability that may allow attackers to conduct spoofing attacks. An attacker can exploit this issue to conduct spoofing attacks and perform unauthorized actions; other attacks are also possible. Microsoft Exchange Server 2016 is...

Microsoft Exchange Server CVE-2016-0029 Spoofing Vulnerability

Description Microsoft Exchange Server is prone to a security vulnerability that may allow attackers to conduct spoofing attacks. An attacker can exploit this issue to conduct spoofing attacks and perform unauthorized actions; other attacks are also possible. Microsoft Exchange Server 2016 is...

Microsoft Office CVE-2016-0035 Memory Corruption Vulnerability

Description Microsoft Office is prone to a remote memory-corruption vulnerability because it fails to properly handle objects in memory. An attacker can leverage this issue to execute arbitrary code in the context of the currently logged-in user. Failed exploit attempts will likely result in deni...

Microsoft Edge CVE-2016-0003 Remote Memory Corruption Vulnerability

Description Microsoft Edge is prone to a remote memory-corruption vulnerability. Attackers can exploit this issue by enticing an unsuspecting user to view a specially crafted web page. Attackers can exploit this issue to execute arbitrary code in the context of the currently logged-in user. Faile...

Microsoft Internet Explorer CVE-2016-0005 Remote Privilege Escalation Vulnerability

Description Microsoft Internet Explorer is prone to a remote privilege-escalation vulnerability. An attacker can exploit this issue to gain elevated privileges. Successful exploits may aid in further attacks. Internet Explorer 9, 10, and 11 are vulnerable. Technologies Affected Microsoft Internet...

Microsoft Exchange Server CVE-2016-0032 Spoofing Vulnerability

Description Microsoft Exchange Server is prone to a security vulnerability that may allow attackers to conduct spoofing attacks. An attacker can exploit this issue to conduct spoofing attacks and perform unauthorized actions; other attacks are also possible. The following versions are affected:...

Microsoft Windows Mount Point CVE-2016-0007 Local Privilege Escalation Vulnerability

Description Microsoft Windows is prone to a local privilege-escalation vulnerability. A local attacker can exploit this issue to execute arbitrary code with elevated privileges in the context of the Local System Account. Failed exploit attempts will result in a denial-of-service condition...

Microsoft DirectShow CVE-2016-0015 Remote Code Execution Vulnerability

Description Microsoft DirectShow is prone to a remote code-execution vulnerability. An attacker can leverage this issue to execute arbitrary code in the context of the currently logged-in user. Failed exploit attempts will likely result in denial of service conditions. Technologies Affected...

Microsoft Silverlight CVE-2016-0034 Remote Code Execution Vulnerability

Description Microsoft Silverlight is prone to a remote code-execution vulnerability. An attacker can exploit this issue to execute arbitrary code with the privileges of the currently logged-in user. Failed exploit attempts will likely result in a denial-of-service condition. Technologies Affected...

Adobe Flash Player and AIR CVE-2015-8651 Unspecified Integer Overflow Vulnerability

Description Adobe Flash Player and AIR are prone to an unspecified integer-overflow vulnerability. An attacker can exploit this issue to execute arbitrary code in the context of the user running the affected application. Failed exploit attempts will likely result in denial-of-service conditions...

SA107 : ProxySG and ASG Coaching Page Redirect

SUMMARY The URL displayed by ProxySG and ASG in a coaching page may differ from the actual URL that the user will be directed to after clicking Accept. A user who clicks on a specially crafted URL can be directed to an undesired or possibly malicious web site. AFFECTED PRODUCTS Advanced Secure...

SA106 : MySQL Vulnerabilities October 2015

SUMMARY Blue Coat products using affected versions of MySQL 5.5 and 5.6 are susceptible to multiple vulnerabilities. An attacker can exploit these vulnerabilities to execute arbitrary code and gain unauthorized read, insert, update, or delete access to subsets of MySQL Server accessible data. The...

Symantec Endpoint Encryption Client Memory Dump Information Disclosure

SUMMARY Symantecs Endpoint Encryption SEE Client is susceptible to information disclosure if a user with access to a system hosting a client is able to force a client memory dump and access the content of the memory dump. This could result in unauthorized exposure of such things as stored...

SA105 : OpenSSL Vulnerabilities 3-Dec-2015

SUMMARY Blue Coat products using affected versions of OpenSSL 1.0.2, 1.0.1, 1.0.0 and 0.9.8 are susceptible to one or more vulnerabilities. A remote attacker may exploit these vulnerabilities to obtain private key information and information stored in the target's volatile memory. The attacker ca...

SA104 : OpenSSH Vulnerabilities

SUMMARY Blue Coat products using affected versions of OpenSSH are susceptible to multiple vulnerabilities. An attacker, with access to the management interface, may exploit these vulnerabilities to conduct brute-force password guessing attacks, bypass access restrictions, log in as a different...

Microsoft Office CVE-2015-6118 Memory Corruption Vulnerability

Description Microsoft Office is prone to a remote memory-corruption vulnerability. An attacker can leverage this issue to execute arbitrary code in the context of the currently logged-in user. Failed exploit attempts will likely result in denial-of-service conditions. Technologies Affected...

Microsoft Internet Explorer CVE-2015-6149 Remote Memory Corruption Vulnerability

Description Microsoft Internet Explorer is prone to a remote memory-corruption vulnerability. Attackers can exploit this issue by enticing an unsuspecting user to view a specially crafted webpage. Attackers can exploit this issue to execute arbitrary code in the context of the currently logged-in...

Microsoft Internet Explorer CVE-2015-6152 Remote Memory Corruption Vulnerability

Description Microsoft Internet Explorer is prone to a remote memory-corruption vulnerability. Attackers can exploit this issue by enticing an unsuspecting user to view a specially crafted webpage. Attackers can exploit this issue to execute arbitrary code in the context of the currently logged-in...

Microsoft Edge CVE-2015-6168 Remote Memory Corruption Vulnerability

Description Microsoft Edge is prone to a remote memory-corruption vulnerability. Attackers can exploit this issue by enticing an unsuspecting user to view a specially crafted webpage. Attackers can exploit this issue to execute arbitrary code in the context of the currently logged-in user. Failed...

Microsoft Edge CVE-2015-6170 Remote Privilege Escalation Vulnerability

Description Microsoft Edge is prone to a remote privilege-escalation vulnerability. An attacker can exploit this issue to gain elevated privileges. Successful exploits may aid in further attacks. Technologies Affected Microsoft Edge Microsoft Windows 10 for 32-bit Systems Microsoft Windows 10 for...

Microsoft Office CVE-2015-6122 Memory Corruption Vulnerability

Description Microsoft Office is prone to a remote memory-corruption vulnerability. An attacker can leverage this issue to execute arbitrary code in the context of the currently logged-in user. Failed exploit attempts will likely result in denial-of-service conditions. Technologies Affected...

Microsoft Internet Explorer CVE-2015-6145 Remote Memory Corruption Vulnerability

Description Microsoft Internet Explorer is prone to a remote memory-corruption vulnerability. Attackers can exploit this issue by enticing an unsuspecting user to view a specially crafted webpage. Attackers can exploit this issue to execute arbitrary code in the context of the currently logged-in...

Microsoft Internet Explorer CVE-2015-6150 Remote Memory Corruption Vulnerability

Description Microsoft Internet Explorer is prone to a remote memory-corruption vulnerability. Attackers can exploit this issue by enticing an unsuspecting user to view a specially crafted webpage. Attackers can exploit this issue to execute arbitrary code in the context of the currently logged-in...

Microsoft Internet Explorer CVE-2015-6162 Remote Memory Corruption Vulnerability

Description Microsoft Internet Explorer is prone to a remote memory-corruption vulnerability. Attackers can exploit this issue by enticing an unsuspecting user to view a specially crafted webpage. Attackers can exploit this issue to execute arbitrary code in the context of the currently logged-in...

Microsoft Windows CVE-2015-6125 DNS Use After Free Remote Code Execution Vulnerability

Description Microsoft Windows is prone to a remote code-execution vulnerability. Successful exploits can allow attackers to execute arbitrary code within the context of the Local System Account. Failed exploit attempts will result in a denial-of-service condition. Technologies Affected Microsoft...

Microsoft Internet Explorer CVE-2015-6134 Remote Memory Corruption Vulnerability

Description Microsoft Internet Explorer is prone to a remote memory-corruption vulnerability. Attackers can exploit this issue by enticing an unsuspecting user to view a specially crafted webpage. Attackers can exploit this issue to execute arbitrary code in the context of the currently logged-in...

Microsoft Internet Explorer and Edge CVE-2015-6142 Remote Memory Corruption Vulnerability

Description Microsoft Internet Explorer and Edge are prone to a remote memory-corruption vulnerability. Attackers can exploit this issue by enticing an unsuspecting user to view a specially crafted webpage. Attackers can exploit this issue to execute arbitrary code in the context of the currently...

Microsoft Internet Explorer and Edge CVE-2015-6155 Remote Memory Corruption Vulnerability

Description Microsoft Internet Explorer and Edge are prone to a remote memory-corruption vulnerability. Attackers can exploit this issue by enticing an unsuspecting user to view a specially crafted webpage. Attackers can exploit this issue to execute arbitrary code in the context of the currently...

Microsoft Windows Graphics Component CVE-2015-6107 Memory Corruption Vulnerability

Description Microsoft Windows is prone to a memory-corruption vulnerability. Attackers can exploit this issue to execute arbitrary code in the context of the affected application. Failed attacks will cause denial-of-service conditions. Technologies Affected Microsoft Live Meeting 2007 Console...

Microsoft Internet Explorer CVE-2015-6083 Remote Memory Corruption Vulnerability

Description Microsoft Internet Explorer is prone to a remote memory-corruption vulnerability. Attackers can exploit this issue by enticing an unsuspecting user to view a specially crafted webpage. They can then execute arbitrary code in the context of the currently logged-in user. Failed attacks...

Adobe Flash Player and AIR APSB15-32 Multiple Unspecified Memory Corruption Vulnerabilities

Description Adobe Flash Player and AIR are prone to multiple unspecified memory-corruption vulnerabilities. An attacker can exploit these issues to execute arbitrary code in the context of the user running the affected application. Failed exploit attempts will likely result in denial-of-service...

Microsoft Internet Explorer XSS Filter CVE-2015-6138 Security Bypass Vulnerability

Description Microsoft Internet Explorer is prone to a security-bypass vulnerability that affects the XSS Filter. An attacker can exploit this issue by tricking an unsuspecting victim into viewing a page containing malicious content. They can then execute arbitrary script code in the context of th...

Microsoft Internet Explorer and Edge CVE-2015-6139 Remote Privilege Escalation Vulnerability

Description Microsoft Internet Explorer and Edge are prone to a remote privilege-escalation vulnerability. An attacker can exploit this issue to gain elevated privileges. Successful exploits may aid in further attacks. Technologies Affected Microsoft Edge Microsoft Internet Explorer 11 Microsoft...

Microsoft Internet Explorer CVE-2015-6156 Remote Memory Corruption Vulnerability

Description Microsoft Internet Explorer is prone to a remote memory-corruption vulnerability. Attackers can exploit this issue by enticing an unsuspecting user to view a specially crafted webpage. Attackers can exploit this issue to execute arbitrary code in the context of the currently logged-in...

Microsoft Edge XSS Filter CVE-2015-6176 Security Bypass Vulnerability

Description Microsoft Edge is prone to a security-bypass vulnerability that affects the XSS Filter. An attacker can exploit this issue by tricking an unsuspecting victim into viewing a page containing malicious content. An attacker can exploit this issue to execute arbitrary script code in the...

Microsoft Windows Kernel CVE-2015-6173 Local Privilege Escalation Vulnerability

Description Microsoft Windows is prone to a local privilege-escalation vulnerability. A local attacker can exploit this issue to execute arbitrary code in kernel mode with elevated privileges. Technologies Affected Microsoft Windows 10 for 32-bit Systems Microsoft Windows 10 for x64-based Systems...

Microsoft Windows Kernel CVE-2015-6174 Local Privilege Escalation Vulnerability

Description Microsoft Windows is prone to a local privilege-escalation vulnerability. A local attacker can exploit this issue to execute arbitrary code in kernel mode with elevated privileges. Technologies Affected Microsoft Windows 10 for 32-bit Systems Microsoft Windows 10 for x64-based Systems...

Microsoft Windows Graphics Component CVE-2015-6106 Memory Corruption Vulnerability

Description Microsoft Windows is prone to a memory-corruption vulnerability. Attackers can exploit this issue to execute arbitrary code in the context of the affected application. Failed attacks will cause denial-of-service conditions. Technologies Affected Microsoft Live Meeting 2007 Console...

Microsoft Internet Explorer CVE-2015-6157 Information Disclosure Vulnerability

Description Microsoft Internet Explorer is prone to a remote memory-corruption vulnerability. Microsoft Internet Explorer is prone to an information disclosure vulnerability because it discloses the contents of it's memory. Successful exploits will allow attackers to obtain sensitive information...

Microsoft Internet Explorer XSS Filter CVE-2015-6164 Security Bypass Vulnerability

Description Microsoft Internet Explorer is prone to a security-bypass vulnerability that affects the XSS Filter. An attacker can exploit this issue by tricking an unsuspecting victim into viewing a page containing malicious content. An attacker can exploit this issue to execute arbitrary script...

Microsoft Edge CVE-2015-6169 Spoofing Vulnerability

Description Microsoft Edge is prone to a security vulnerability that may allow attackers to conduct spoofing attacks. An attacker can exploit this issue to conduct spoofing attacks and perform unauthorized actions; other attacks are also possible. Technologies Affected Microsoft Edge Microsoft...

Microsoft Office CVE-2015-6177 Memory Corruption Vulnerability

Description Microsoft Office is prone to a remote memory-corruption vulnerability. An attacker can leverage this issue to execute arbitrary code in the context of the currently logged-in user. Failed exploit attempts will likely result in denial-of-service conditions. Technologies Affected...

Microsoft Windows Uniscribe CVE-2015-6130 Integer Underflow Remote Code Execution Vulnerability

Description Microsoft Windows is prone to a remote code-execution vulnerability. An attacker can leverage this issue to execute arbitrary code in the context of the affected application. Failed exploit attempts will likely result in denial-of-service conditions. Technologies Affected Microsoft...

Microsoft Windows CVE-2015-6131 Remote Code Execution Vulnerability

Description Microsoft Windows is prone to a remote code-execution vulnerability. Successful exploits allow attackers to execute arbitrary code in the context of the vulnerable application. Failed exploit attempts will result in a denial-of-service condition. Technologies Affected Microsoft Window...

Microsoft Windows CVE-2015-6128 DLL Loading Remote Code Execution Vulnerability

Description Microsoft Windows is prone to a remote code-execution vulnerability. An attacker can leverage this issue to execute arbitrary code in the context of the currently logged-in user. Failed exploit attempts will result in a denial-of-service condition. Note: This issue was previously titl...

Microsoft Office CVE-2015-6124 Memory Corruption Vulnerability

Description Microsoft Office is prone to a remote memory-corruption vulnerability. An attacker can leverage this issue to execute arbitrary code in the context of the currently logged-in user. Failed exploit attempts will likely result in denial-of-service conditions. Technologies Affected...

Microsoft Internet Explorer CVE-2015-6160 Remote Memory Corruption Vulnerability

Description Microsoft Internet Explorer is prone to a remote memory-corruption vulnerability. Attackers can exploit this issue by enticing an unsuspecting user to view a specially crafted webpage. Attackers can exploit this issue to execute arbitrary code in the context of the currently logged-in...

Microsoft Internet Explorer CVE-2015-6143 Remote Memory Corruption Vulnerability

Description Microsoft Internet Explorer is prone to a remote memory-corruption vulnerability. Attackers can exploit this issue by enticing an unsuspecting user to view a specially crafted webpage. Attackers can exploit this issue to execute arbitrary code in the context of the currently logged-in...