Microsoft Internet Explorer CVE-2015-2501 Remote Memory Corruption Vulnerability

Description Microsoft Internet Explorer is prone to a remote memory-corruption vulnerability. Attackers can exploit this issue by enticing an unsuspecting user to view a specially crafted webpage. Attackers can exploit this issue to execute arbitrary code in the context of the currently logged-in...

Microsoft Office CVE-2015-2521 Memory Corruption Vulnerability

Description Microsoft Office is prone to a remote memory-corruption vulnerability because it fails to properly handle objects in memory. An attacker can leverage this issue to execute arbitrary code in the context of the currently logged-in user. Failed exploit attempts will likely result in...

Microsoft Windows OpenType Fonts CVE-2015-2510 Buffer Overflow Vulnerability

Description Microsoft Windows is prone to a remote buffer-overflow vulnerability. Successful exploits allow attackers to execute arbitrary code in the context of the vulnerable application. Failed exploit attempts will result in a denial-of-service condition. Technologies Affected Avaya Meeting...

Microsoft Edge and Internet Explorer CVE-2015-2494 Remote Memory Corruption Vulnerability

Description Microsoft Edge and Internet Explorer are prone to a remote memory-corruption vulnerability. Attackers can exploit this issue by enticing an unsuspecting user to view a specially crafted webpage. Attackers can exploit this issue to execute arbitrary code in the context of the currently...

Microsoft Office CVE-2015-2523 Memory Corruption Vulnerability

Description Microsoft Office is prone to a remote memory-corruption vulnerability because it fails to properly handle objects in memory. An attacker can leverage this issue to execute arbitrary code in the context of the currently logged-in user. Failed exploit attempts will likely result in...

Microsoft Skype for Business and Lync Server CVE-2015-2536 Cross Site Scripting Vulnerability

Description Microsoft Skype for Business and Lync Server are prone to a cross-site scripting vulnerability because they fail to sufficiently sanitize user-supplied input. An attacker may leverage this issue to execute arbitrary script code in the browser of an unsuspecting user in the context of...

Microsoft Windows Kernel Mode Driver CVE-2015-2518 Local Privilege Escalation Vulnerability

Description Microsoft Windows is prone to a local privilege-escalation vulnerability. A local attacker can exploit this issue to execute arbitrary code in kernel mode with elevated privileges. Technologies Affected Avaya Meeting Exchange - Client Registration Server 6.0 Avaya Meeting Exchange -...

Microsoft Windows Journal CVE-2015-2513 Remote Code Execution Vulnerability

Description Microsoft Windows is prone to a remote code execution vulnerability. An attacker can leverage this issue to execute arbitrary code in the context of the currently logged-in user. Failed exploit attempts will likely result in denial-of-service conditions. Technologies Affected Microsof...

Microsoft Windows Journal CVE-2015-2514 Remote Code Execution Vulnerability

Description Microsoft Windows is prone to a remote code-execution vulnerability. An attacker can leverage this issue to execute arbitrary code in the context of the currently logged-in user. Failed exploit attempts will likely result in denial-of-service conditions. Technologies Affected Microsof...

Microsoft Windows Kernel CVE-2015-2529 Local Security Bypass Vulnerability

Description Microsoft Windows is prone to a local security-bypass vulnerability. A local attacker can leverage this issue to bypass certain security restrictions and perform unauthorized actions. Technologies Affected Avaya Meeting Exchange - Client Registration Server 6.0 Avaya Meeting Exchange ...

Microsoft Windows Adobe Font Driver CVE-2015-2512 Local Privilege Escalation Vulnerability

Description Microsoft Windows is prone to a local privilege-escalation vulnerability. A local attacker can exploit this issue to execute arbitrary code with elevated privileges. Technologies Affected Avaya Meeting Exchange - Client Registration Server 6.0 Avaya Meeting Exchange - Client...

Microsoft Windows Adobe Font Driver CVE-2015-2507 Local Privilege Escalation Vulnerability

Description Microsoft Windows is prone to a local privilege-escalation vulnerability. A local attacker can exploit this issue to execute arbitrary code with elevated privileges. Technologies Affected Avaya Meeting Exchange - Client Registration Server 6.0 Avaya Meeting Exchange - Client...

Microsoft Internet Explorer and Edge CVE-2015-2486 Remote Memory Corruption Vulnerability

Description Microsoft Internet Explorer and Edge are prone to a remote memory-corruption vulnerability. Attackers can exploit this issue by enticing an unsuspecting user to view a specially crafted webpage. Attackers can exploit this issue to execute arbitrary code in the context of the currently...

Microsoft Skype for Business and Lync Server CVE-2015-2531 Cross Site Scripting Vulnerability

Description Microsoft Skype for Business and Microsoft Skype Lync Server are prone to a cross-site scripting vulnerability because they fail to sufficiently sanitize user-supplied input. An attacker may leverage this issue to execute arbitrary script code in the browser of an unsuspecting user in...

Microsoft Windows Task Scheduler CVE-2015-2525 Local Privilege Escalation Vulnerability

Description Microsoft Windows is prone to a local privilege-escalation vulnerability. Local attackers can exploit this issue to execute arbitrary code with elevated privileges in the context of the affected computer. Technologies Affected Avaya Meeting Exchange - Client Registration Server 6.0...

Microsoft .NET Framework CVE-2015-2479 Privilege Escalation Vulnerability

Description Microsoft .NET Framework is prone to a privilege-escalation vulnerability. An attacker can exploit this issue to gain elevated privileges in the context of the currently logged-in user; this can also result in the attacker gaining complete control of the affected system. Technologies...

Microsoft Windows TrueType Fonts CVE-2015-2463 Remote Code Execution Vulnerability

Description Microsoft Windows is prone to a remote code-execution vulnerability. Successful exploits allow attackers to execute arbitrary code in the context of the vulnerable application. Failed exploit attempts will result in a denial-of-service condition. Technologies Affected Microsoft .NET...

Microsoft Windows Filesystem CVE-2015-2430 Remote Privilege Escalation Vulnerability

Description Microsoft Windows is prone to a remote privilege-escalation vulnerability. An attacker can exploit this issue to gain elevated privileges within the context of the currently logged-in user. Technologies Affected Microsoft Windows 7 for 32-bit Systems SP1 Microsoft Windows 7 for...

Microsoft Windows TrueType Fonts CVE-2015-2435 Remote Code Execution Vulnerability

Description Microsoft Windows is prone to a remote code-execution vulnerability. Successful exploits allow attackers to execute arbitrary code in the context of the vulnerable application. Failed exploit attempts will result in a denial-of-service condition. Technologies Affected Microsoft Live...

Microsoft Office CVE-2015-2466 Remote Code Execution Vulnerability

Description Microsoft Office is prone to a remote code-execution vulnerability. An attacker can leverage this issue to execute arbitrary code in the context of the currently logged-in user. Failed exploit attempts will likely result in denial-of-service conditions. Technologies Affected Microsoft...

Microsoft Windows TrueType Fonts CVE-2015-2456 Remote Code Execution Vulnerability

Description Microsoft Windows is prone to a remote code-execution vulnerability. Successful exploits allow attackers to execute arbitrary code in the context of the vulnerable application. Failed exploit attempts will result in a denial-of-service condition. Technologies Affected Microsoft .NET...

Microsoft Windows OpenType Fonts CVE-2015-2462 Remote Code Execution Vulnerability

Description Microsoft Windows is prone to a remote code-execution vulnerability. Successful exploits allow attackers to execute arbitrary code in the context of the vulnerable application. Failed exploit attempts will result in a denial-of-service condition. Technologies Affected Microsoft .NET...

Microsoft Internet Explorer and Edge CVE-2015-2441 Remote Memory Corruption Vulnerability

Description Microsoft Internet Explorer and Edge are prone to a remote memory-corruption vulnerability. Attackers can exploit this issue by enticing an unsuspecting user to view a specially crafted webpage. Attackers can exploit this issue to execute arbitrary code in the context of the currently...

Microsoft Internet Explorer CVE-2015-2452 Remote Memory Corruption Vulnerability

Description Microsoft Internet Explorer is prone to a remote memory-corruption vulnerability. Attackers can exploit this issue by enticing an unsuspecting user to view a specially crafted webpage. Attackers can exploit this issue to execute arbitrary code in the context of the currently logged-in...

Microsoft Internet Explorer and Edge CVE-2015-2442 Remote Memory Corruption Vulnerability

Description Microsoft Internet Explorer and Edge are prone to a remote memory-corruption vulnerability. Attackers can exploit this issue by enticing an unsuspecting user to view a specially crafted webpage. Attackers can exploit this issue to execute arbitrary code in the context of the currently...

Microsoft Internet Explorer CVE-2015-2444 Remote Memory Corruption Vulnerability

Description Microsoft Internet Explorer is prone to a remote memory-corruption vulnerability. Attackers can exploit this issue by enticing an unsuspecting user to view a specially crafted webpage. Attackers can exploit this issue to execute arbitrary code in the context of the currently logged-in...

Microsoft Internet Explorer CVE-2015-2450 Remote Memory Corruption Vulnerability

Description Microsoft Internet Explorer is prone to a remote memory-corruption vulnerability. Attackers can exploit this issue by enticing an unsuspecting user to view a specially crafted webpage. Attackers can exploit this issue to execute arbitrary code in the context of the currently logged-in...

Microsoft Windows Kernel CSRSS CVE-2015-2453 Local Privilege Escalation Vulnerability

Description Microsoft Windows is prone to a local privilege-escalation vulnerability. A local attacker can exploit this issue to execute arbitrary code in kernel mode with elevated privileges in the context of the logged-on user. This may facilitate a complete system compromise. Technologies...

Microsoft Windows Object Manager CVE-2015-2428 Local Privilege Escalation Vulnerability

Description Microsoft Windows is prone to a local privilege-escalation vulnerability. A local attacker can exploit this issue to gain elevated privileges and execute arbitrary code by exploiting another vulnerability in the application. Successful exploits may lead to other attacks. Technologies...

Microsoft Office CVE-2015-2470 Integer Underflow Remote Code Execution Vulnerability

Description Microsoft Office is prone to a remote code-execution vulnerability. An attacker can leverage this issue to execute arbitrary code in the context of the currently logged-in user. Failed exploit attempts will likely result in denial-of-service conditions. Technologies Affected Microsoft...

Microsoft Windows Server Message Block CVE-2015-2474 Memory Corruption Vulnerability

Description Microsoft Windows is prone to a memory-corruption vulnerability. Attackers can exploit this issue to execute arbitrary code in the context of the application. Failed attacks will cause denial-of-service conditions. Technologies Affected Microsoft Windows Server 2008 for 32-bit Systems...

Microsoft System Center Operations Manager CVE-2015-2420 Cross Site Scripting Vulnerability

Description Microsoft System Center Operations Manager is prone to a cross-site scripting vulnerability because it fails to properly sanitize user-supplied input. An attacker may leverage this issue to execute arbitrary script code in the browser of an unsuspecting user in the context of the...

Adobe Flash Player and AIR APSB15-19 Multiple Use After Free Remote Code Execution Vulnerabilities

Description Adobe Flash Player and AIR are prone to multiple remote code-execution vulnerabilities because of a use-after-free error. Attackers can exploit these issues to execute arbitrary code in the context of the user running the affected applications. Failed exploit attempts will likely caus...

Microsoft .NET Framework CVE-2015-2480 Privilege Escalation Vulnerability

Description Microsoft .NET Framework is prone to a privilege-escalation vulnerability. An attacker can exploit this issue to gain elevated privileges in the context of the currently logged-in user; this can also result in the attacker gaining complete control of the affected system. Technologies...

Microsoft Office CVE-2015-2467 Memory Corruption Vulnerability

Description Microsoft Office is prone to a remote memory-corruption vulnerability because it fails to properly handle objects in memory. An attacker can leverage this issue to execute arbitrary code in the context of the currently logged-in user. Failed exploit attempts will likely result in...

Microsoft Remote Desktop Session Host CVE-2015-2472 Spoofing Vulnerability

Description Microsoft Remote Desktop Session Host is prone to a security vulnerability that may allow attackers to conduct spoofing attacks. Attackers can exploit this issue to spoof and impersonate a legitimate user. Other attacks are also possible. Technologies Affected Microsoft SQL Server 200...

Microsoft Office CVE-2015-1642 Memory Corruption Vulnerability

Description Microsoft Office is prone to a remote memory-corruption vulnerability because it fails to properly handle objects in memory. An attacker can leverage this issue to execute arbitrary code in the context of the currently logged-in user. Failed exploit attempts will likely result in...

Microsoft Windows OpenType Fonts CVE-2015-2461 Remote Code Execution Vulnerability

Description Microsoft Windows is prone to a remote code-execution vulnerability. Successful exploits allow attackers to execute arbitrary code in the context of the vulnerable application. Failed exploit attempts will result in a denial-of-service condition. Technologies Affected Microsoft Window...

Microsoft Windows OpenType Fonts CVE-2015-2459 Remote Code Execution Vulnerability

Description Microsoft Windows is prone to a remote code-execution vulnerability. Successful exploits allow attackers to execute arbitrary code in the context of the vulnerable application. Failed exploit attempts will result in a denial-of-service condition. Technologies Affected Microsoft Window...

Microsoft .NET Framework CVE-2015-2481 Privilege Escalation Vulnerability

Description Microsoft .NET Framework is prone to a privilege-escalation vulnerability. An attacker can exploit this issue to gain elevated privileges in the context of the currently logged-in user; this can also result in the attacker gaining complete control of the affected system. Technologies...

Microsoft Office CVE-2015-2477 Memory Corruption Vulnerability

Description Microsoft Office is prone to a remote memory-corruption vulnerability because it fails to properly handle objects in memory. An attacker can leverage this issue to execute arbitrary code in the context of the currently logged-in user. Failed exploit attempts will likely result in...

Microsoft Windows Shell Security Feature CVE-2015-2465 Local Security Bypass Vulnerability

Description Microsoft Windows is prone to a local security-bypass vulnerability. Local attackers can exploit this issue to bypass certain security restrictions and execute arbitrary code by exploiting another vulnerability in the application. Successful exploits may lead to other attacks...

Microsoft Windows Mount Manager CVE-2015-1769 Local Privilege Escalation Vulnerability

Description Microsoft Windows is prone to a local privilege-escalation vulnerability. A local attacker can exploit this issue to gain elevated privileges within the context of the affected system. Technologies Affected Microsoft Windows 10 for 32-bit Systems Microsoft Windows 10 for x64-based...

Microsoft Windows Kernel KMD Security Feature CVE-2015-2454 Local Security Bypass Vulnerability

Description Microsoft Windows is prone to a local security-bypass vulnerability. Local attackers can exploit this issue to bypass certain security restrictions and execute arbitrary code by exploiting another vulnerability in the application. Successful exploits may lead to other attacks...

Microsoft Office Open Graphic Fonts CVE-2015-2431 Remote Code Execution Vulnerability

Description Microsoft Office is prone to a remote code-execution vulnerability. Successful exploits allow attackers to execute arbitrary code in the context of the vulnerable application. Failed exploit attempts will result in a denial-of-service condition. Technologies Affected Microsoft Live...

Microsoft Windows TrueType Fonts CVE-2015-2464 Remote Code Execution Vulnerability

Description Microsoft Windows is prone to a remote code-execution vulnerability. Successful exploits allow attackers to execute arbitrary code in the context of the vulnerable application. Failed exploit attempts will result in a denial-of-service condition. Technologies Affected Microsoft .NET...

Microsoft Internet Explorer CVE-2015-2451 Remote Memory Corruption Vulnerability

Description Microsoft Internet Explorer is prone to a remote memory-corruption vulnerability. Attackers can exploit this issue by enticing an unsuspecting user to view a specially crafted webpage. Attackers can exploit this issue to execute arbitrary code in the context of the currently logged-in...

Microsoft Internet Explorer CVE-2015-2448 Remote Memory Corruption Vulnerability

Description Microsoft Internet Explorer is prone to a remote memory-corruption vulnerability. Attackers can exploit this issue by enticing an unsuspecting user to view a specially crafted webpage. Attackers can exploit this issue to execute arbitrary code in the context of the currently logged-in...

Microsoft Internet Explorer and Edge CVE-2015-2449 ASLR Security Bypass Vulnerability

Description Microsoft Internet Explorer and Edge are prone to a security-bypass vulnerability. An attacker can leverage this issue to bypass certain security restrictions and execute arbitrary code by exploiting another vulnerability in the application. The following products are vulnerable:...

Microsoft Office CVE-2015-2468 Memory Corruption Vulnerability

Description Microsoft Office is prone to a remote memory-corruption vulnerability because it fails to properly handle objects in memory. An attacker can leverage this issue to execute arbitrary code in the context of the currently logged-in user. Failed exploit attempts will likely result in...