6867 matches found
Microsoft Windows TrueType Fonts CVE-2015-2455 Remote Code Execution Vulnerability
Description Microsoft Windows is prone to a remote code-execution vulnerability. Successful exploits allow attackers to execute arbitrary code in the context of the vulnerable application. Failed exploit attempts will result in a denial-of-service condition. Technologies Affected Microsoft .NET...
Microsoft Windows OpenType Fonts CVE-2015-2458 Remote Code Execution Vulnerability
Description Microsoft Windows is prone to a remote code-execution vulnerability. Successful exploits allow attackers to execute arbitrary code in the context of the vulnerable application. Failed exploit attempts will result in a denial-of-service condition. Technologies Affected Microsoft Window...
Microsoft Internet Explorer CVE-2015-2447 Remote Memory Corruption Vulnerability
Description Microsoft Internet Explorer is prone to a remote memory-corruption vulnerability. Attackers can exploit this issue by enticing an unsuspecting user to view a specially crafted webpage. Attackers can exploit this issue to execute arbitrary code in the context of the currently logged-in...
Microsoft Internet Explorer CVE-2015-2443 Remote Memory Corruption Vulnerability
Description Microsoft Internet Explorer is prone to a remote memory-corruption vulnerability. Attackers can exploit this issue by enticing an unsuspecting user to view a specially crafted webpage. Attackers can exploit this issue to execute arbitrary code in the context of the currently logged-in...
Microsoft Windows Kernel 'Win32k.sys' CVE-2015-2433 Information Disclosure Vulnerability
Description Microsoft Windows is prone to a local information-disclosure vulnerability. Local attackers can exploit this issue to obtain sensitive information, bypass certain security restrictions and perform unauthorized actions. Successful exploits may lead to other attacks. Technologies Affect...
Microsoft Windows Registry CVE-2015-2429 Remote Privilege Escalation Vulnerability
Description Microsoft Windows is prone to a remote privilege-escalation vulnerability. An attacker can exploit this issue to gain elevated privileges within the context of the currently logged-in user. Technologies Affected Microsoft Windows 7 for 32-bit Systems SP1 Microsoft Windows 7 for...
Multiple Microsoft Products CVE-2015-2423 Local Information Disclosure Vulnerability
Description Multiple Microsoft products are prone to a local information-disclosure vulnerability. Attackers can exploit this issue to obtain sensitive information that may aid in further attacks. Technologies Affected Microsoft Excel 2007 SP3 Microsoft Excel 2010 SP2 32-bit editions Microsoft...
Microsoft XML Core Services CVE-2015-2434 Man in the Middle Information Disclosure Vulnerability
Description Microsoft XML Core Services is prone to an information-disclosure vulnerability. Attackers can exploit this issue to disclose potentially sensitive information through man-in-the-middle attacks. Technologies Affected Microsoft Office 2007 SP2 Microsoft Windows 7 for 32-bit Systems SP1...
Microsoft XML Core Services CVE-2015-2471 Man in the Middle Information Disclosure Vulnerability
Description Microsoft XML Core Services is prone to an information-disclosure vulnerability. Attackers can exploit this issue to disclose potentially sensitive information through man-in-the-middle attacks. Technologies Affected Microsoft Office 2007 SP2 Microsoft Windows 7 for 32-bit Systems SP1...
Microsoft XML Core Services CVE-2015-2440 Information Disclosure Vulnerability
Description Microsoft XML Core Services is prone to an information-disclosure vulnerability. An attacker can exploit this issue to gain access to sensitive information that may lead to further attacks. Technologies Affected Microsoft InfoPath 2007 SP3 Microsoft Office 2007 SP2 Microsoft Office 20...
Microsoft Windows OpenType Fonts CVE-2015-2432 Remote Code Execution Vulnerability
Description Microsoft Windows is prone to a remote code-execution vulnerability. Successful exploits allow attackers to execute arbitrary code in the context of the vulnerable application. Failed exploit attempts will result in a denial-of-service condition. Technologies Affected Microsoft Window...
Microsoft Internet Explorer and Edge CVE-2015-2446 Remote Memory Corruption Vulnerability
Description Microsoft Internet Explorer and Edge are prone to a remote memory-corruption vulnerability. Attackers can exploit this issue by enticing an unsuspecting user to view a specially crafted webpage. Attackers can exploit this issue to execute arbitrary code in the context of the currently...
Microsoft Internet Explorer CVE-2015-2445 ASLR Security Bypass Vulnerability
Description Microsoft Internet Explorer is prone to a security-bypass vulnerability. An attacker can leverage this issue to bypass certain security restrictions and execute arbitrary code by exploiting another vulnerability in the application. Internet Explorer 10 is vulnerable. Technologies...
Microsoft Windows OpenType Fonts CVE-2015-2460 Remote Code Execution Vulnerability
Description Microsoft Windows is prone to a remote code-execution vulnerability. Successful exploits allow attackers to execute arbitrary code in the context of the vulnerable application. Failed exploit attempts will result in a denial-of-service condition. Technologies Affected Microsoft .NET...
Microsoft Windows WebDAV CVE-2015-2476 Man in the Middle Information Disclosure Vulnerability
Description Microsoft Windows is prone to an information disclosure vulnerability. Attackers can exploit this issue to disclose potentially sensitive information through man-in-the-middle attacks. Technologies Affected Microsoft Windows 7 for 32-bit Systems SP1 Microsoft Windows 7 for x64-based...
Microsoft Office CVE-2015-2469 Memory Corruption Vulnerability
Description Microsoft Office is prone to a remote memory-corruption vulnerability because it fails to properly handle objects in memory. An attacker can leverage this issue to execute arbitrary code in the context of the currently logged-in user. Failed exploit attempts will likely result in...
Microsoft Windows UDDI Services CVE-2015-2475 Cross Site Scripting Vulnerability
Description Microsoft Windows UDDI Services is prone to a cross-site scripting vulnerability because it fails to properly sanitize user-supplied input. An attacker may leverage this issue to execute arbitrary script code in the browser of an unsuspecting user in the context of the affected site...
Microsoft Remote Desktop Protocol DLL Loading CVE-2015-2473 Remote Code Execution Vulnerability
Description Microsoft Remote Desktop Protocol is prone to a remote code-execution vulnerability. An attacker can exploit this issue to execute arbitrary code within the context of the affected application. Failed exploit attempts will result in a denial-of-service condition. Technologies Affected...
Symantec Endpoint Protection Multiple Issues
SUMMARY The management console for Symantec Endpoint Protection Manager SEPM is susceptible to multiple vulnerabilities including SQL Injection, authentication bypass, possible path traversal and the potential for arbitrary file read/write. SEP clients are susceptible to a binary planting...
SA100 : Apache Tomcat Vulnerabilities
SUMMARY Blue Coat products using affected versions of Tomcat 8.x, 7.x, and 6.x are susceptible to multiple vulnerabilities. A remote attacker may exploit these vulnerabilities to gain unauthorized read access or escalated privileges, or to conduct denial of service, HTTP request smuggling, or...
Microsoft Windows OpenType Font Driver CVE-2015-2426 Remote Code Execution Vulnerability
Description Microsoft Windows is prone to a remote code-execution vulnerability. Successful exploits allow attackers to execute arbitrary code in the context of the vulnerable application. Failed exploit attempts will result in a denial-of-service condition. Technologies Affected Microsoft Window...
Microsoft Windows CVE-2015-2417 Remote Privilege Escalation Vulnerability
Description Microsoft Windows is prone to a remote privilege-escalation vulnerability. An attacker can exploit this issue to gain elevated privileges within the context of the affected system. Technologies Affected Avaya CallPilot 4.0 Avaya CallPilot 4.0.1 Avaya CallPilot 5.0 Avaya CallPilot 5.0....
Adobe Reader and Acrobat JavaScript API Execution Multiple Security Bypass Vulnerabilities
Description Adobe Reader and Acrobat are prone to multiple security-bypass vulnerabilities. An attacker can exploit these issues to bypass certain security restrictions and perform unauthorized actions. Technologies Affected Adobe Acrobat 10.0 Adobe Acrobat 10.0.1 Adobe Acrobat 10.0.13 Adobe...
Microsoft Excel DLL Loading CVE-2015-2378 Remote Code Execution Vulnerability
Description Microsoft Excel is prone to a remote code-execution vulnerability. An attacker can exploit this issue to execute arbitrary code within the context of the affected application. Failed exploit attempts will result in a denial-of-service condition. Technologies Affected Microsoft Excel...
Microsoft Internet Explorer CVE-2015-1733 Remote Memory Corruption Vulnerability
Description Microsoft Internet Explorer is prone to a remote memory-corruption vulnerability. Attackers can exploit this issue by enticing an unsuspecting user to view a specially crafted webpage. Attackers can exploit this issue to execute arbitrary code in the context of the currently logged-in...
Microsoft Windows Kernel 'Win32k.sys' CVE-2015-2366 Local Privilege Escalation Vulnerability
Description Microsoft Windows is prone to a local privilege-escalation vulnerability. A local attacker can exploit this issue to execute arbitrary code in kernel mode with elevated privileges. Technologies Affected Avaya CallPilot 4.0 Avaya CallPilot 4.0.1 Avaya CallPilot 5.0 Avaya CallPilot 5.0....
Microsoft Office CVE-2015-2415 Memory Corruption Vulnerability
Description Microsoft Office is prone to a remote memory-corruption vulnerability because it fails to properly handle objects in memory. An attacker can leverage this issue to execute arbitrary code in the context of the currently logged-in user. Failed exploit attempts will likely result in...
Microsoft Windows Kernel CVE-2015-2367 Local Information Disclosure Vulnerability
Description Microsoft Windows is prone to a local information-disclosure vulnerability. An attacker can leverage this issue to disclose kernel memory addresses and obtain sensitive information that may aid in further attacks. Note: This issue was previously titled 'Microsoft Windows Kernel...
Microsoft Internet Explorer CVE-2015-2402 Privilege Escalation Vulnerability
Description Microsoft Internet Explorer is prone to a privilege escalation vulnerability. An attacker can exploit this issue to gain elevated privileges. Successful exploits may aid in further attacks. Internet Explorer 7, 8, 9, 10 and 11 are vulnerable. Technologies Affected Avaya CallPilot 4.0...
Microsoft Internet Explorer CVE-2015-2425 Remote Memory Corruption Vulnerability
Description Microsoft Internet Explorer is prone to a remote memory-corruption vulnerability. Attackers can exploit this issue by enticing an unsuspecting user to view a specially crafted webpage. Attackers can exploit this issue to execute arbitrary code in the context of the currently logged-in...
Microsoft Windows 'Netlogon' Service CVE-2015-2374 Remote Privilege Escalation Vulnerability
Description Microsoft Windows is prone to a remote privilege-escalation vulnerability. An attacker can exploit this issue to gain elevated privileges within the context of the affected system. Technologies Affected Avaya CallPilot 4.0 Avaya CallPilot 4.0.1 Avaya CallPilot 5.0 Avaya CallPilot 5.0....
Microsoft Internet Explorer CVE-2015-1729 Cross Domain Information Disclosure Vulnerability
Description Microsoft Internet Explorer is prone to a cross-domain information-disclosure vulnerability. An attacker can exploit this issue to view content from a browser window in another domain or security zone. This may allow the attacker to obtain sensitive information or aid in further...
Microsoft Windows CVE-2015-2416 Remote Privilege Escalation Vulnerability
Description Microsoft Windows is prone to a remote privilege-escalation vulnerability. An attacker can exploit this issue to gain elevated privileges within the context of the affected system. Technologies Affected Avaya CallPilot 4.0 Avaya CallPilot 4.0.1 Avaya CallPilot 5.0 Avaya CallPilot 5.0....
Microsoft SQL Server CVE-2015-1761 Privilege Escalation Vulnerability
Description Microsoft SQL Server is prone to a privilege-escalation vulnerability. An attacker can exploit this issue to gain elevated privileges. Technologies Affected Avaya Meeting Exchange - Client Registration Server 5.0 Avaya Meeting Exchange - Client Registration Server 5.0.1 Avaya Meeting...
Microsoft SQL Server CVE-2015-1762 Remote Code Execution Vulnerability
Description Microsoft SQL Server is prone to a remote code-execution vulnerability. An attacker can exploit this issue to execute arbitrary code in the context of an affected system. Failed exploit attempts may result in a denial-of-service condition; this can result in the attacker gaining...
Microsoft Windows Hyper-V CVE-2015-2362 Remote Code Execution Vulnerability
Description Microsoft Windows is prone to a remote code-execution vulnerability. Successful exploits allow attackers to execute arbitrary code in the context of the vulnerable application. Failed exploit attempts will result in a denial-of-service condition. Technologies Affected Microsoft Window...
Microsoft Internet Explorer CVE-2015-1738 Remote Memory Corruption Vulnerability
Description Microsoft Internet Explorer is prone to a remote memory-corruption vulnerability. Attackers can exploit this issue by enticing an unsuspecting user to view a specially crafted webpage. Attackers can exploit this issue to execute arbitrary code in the context of the currently logged-in...
Microsoft DCOM RPC CVE-2015-2370 Local Privilege Escalation Vulnerability
Description Microsoft Windows is prone to a local privilege-escalation vulnerability. A local attacker can exploit this issue to gain elevate privileges on a targeted system. Technologies Affected Avaya CallPilot 4.0 Avaya CallPilot 4.0.1 Avaya CallPilot 5.1.0 Avaya Meeting Exchange - Client...
Microsoft Internet Explorer CVE-2015-2419 JScript9 Remote Code Execution Vulnerability
Description Microsoft Internet Explorer is prone to a remote code-execution vulnerability. Attackers can exploit this issue to execute arbitrary code in the context of the currently logged-in user. Failed attacks may cause denial-of-service conditions. Technologies Affected Avaya CallPilot 4.0...
Microsoft Internet Explorer CVE-2015-2412 Information Disclosure Vulnerability
Description Microsoft Internet Explorer is prone to an information-disclosure vulnerability. Successful exploits will allow attackers to obtain sensitive information that may aid in further attacks. Internet Explorer 10, and 11 are vulnerable. Technologies Affected Avaya CallPilot 4.0 Avaya...
Microsoft Excel CVE-2015-2375 ASLR Security Bypass Vulnerability
Description Microsoft Excel is prone to a security-bypass vulnerability. An attacker can leverage this issue to bypass certain security restrictions and execute arbitrary code by exploiting another vulnerability in the application. Technologies Affected Microsoft Excel 2010 SP2 32-bit editions...
Microsoft Internet Explorer CVE-2015-2385 Remote Memory Corruption Vulnerability
Description Microsoft Internet Explorer is prone to a remote memory-corruption vulnerability. Attackers can exploit this issue by enticing an unsuspecting user to view a specially crafted webpage. Attackers can exploit this issue to execute arbitrary code in the context of the currently logged-in...
Microsoft Windows Graphics Component CVE-2015-2364 Local Privilege Escalation Vulnerability
Description Microsoft Graphics Component is prone to a remote privilege-escalation vulnerability. A local attacker can exploit this issue to gain elevated privileges within the context of the affected system. Technologies Affected Avaya CallPilot 4.0 Avaya CallPilot 4.0.1 Avaya CallPilot 5.1.0...
Microsoft Internet Explorer CVE-2015-2398 Information Disclosure Vulnerability
Description Microsoft Internet Explorer is prone to an information-disclosure vulnerability. An attacker can exploit this issue to execute arbitrary script code in the context of the user running the application. This may allow the attacker to obtain sensitive information that may aid in further...
Microsoft Windows DLL Loading CVE-2015-2369 Remote Code Execution Vulnerability
Description Microsoft Windows is prone to a remote code-execution vulnerability. An attacker can exploit this issue to execute arbitrary code within the context of the affected application. Failed exploit attempts will result in a denial-of-service condition. Technologies Affected Avaya CallPilot...
Microsoft Malicious Software Removal Tool DLL Loading Local Privilege Escalation Vulnerability
Description Microsoft Malicious Software Removal Tool is prone to a local privilege-escalation vulnerability. A local attacker can leverage this issue to execute arbitrary code with SYSTEM privileges. Technologies Affected Microsoft Malicious Software Removal Tool 5.25 Recommendations Permit loca...
Microsoft Internet Explorer CVE-2015-2383 Remote Memory Corruption Vulnerability
Description Microsoft Internet Explorer is prone to a remote memory-corruption vulnerability. Attackers can exploit this issue by enticing an unsuspecting user to view a specially crafted webpage. Attackers can exploit this issue to execute arbitrary code in the context of the currently logged-in...
Microsoft Office CVE-2015-2376 Memory Corruption Vulnerability
Description Microsoft Office is prone to a remote memory-corruption vulnerability because it fails to properly handle objects in memory. An attacker can leverage this issue to execute arbitrary code in the context of the currently logged-in user. Failed exploit attempts will likely result in...
Microsoft Internet Explorer CVE-2015-2408 Remote Memory Corruption Vulnerability
Description Microsoft Internet Explorer is prone to a remote memory-corruption vulnerability. Attackers can exploit this issue by enticing an unsuspecting user to view a specially crafted webpage. Attackers can exploit this issue to execute arbitrary code in the context of the currently logged-in...
Microsoft Internet Explorer CVE-2015-2411 Remote Memory Corruption Vulnerability
Description Microsoft Internet Explorer is prone to a remote memory-corruption vulnerability. Attackers can exploit this issue by enticing an unsuspecting user to view a specially crafted webpage. Attackers can exploit this issue to execute arbitrary code in the context of the currently logged-in...