Multiple Ichitaro Products CVE-2014-7247 Unspecified Remote Code Execution Vulnerability

Description Multiple Ichitaro products are prone to an unspecified remote code-execution vulnerability. An attacker can exploit this issue to execute arbitrary code with admin privileges. Successful exploits will completely compromise affected computer. Technologies Affected JustSystems Ichitaro...

Microsoft Windows TCP/IP CVE-2014-4076 Local Privilege Escalation Vulnerability

Description Microsoft Windows is prone to a local privilege-escalation vulnerability. A local attacker can exploit this issue to execute arbitrary code with elevated privileges. Technologies Affected Microsoft Windows Server 2003 SP2 Microsoft Windows Server 2003 x64 Edition Service Pack 2...

Microsoft Internet Explorer CVE-2014-6347 Remote Memory Corruption Vulnerability

Description Microsoft Internet Explorer is prone to a remote memory-corruption vulnerability. Attackers can exploit this issue by enticing an unsuspecting user to view a specially crafted webpage. Attackers can exploit this issue to execute arbitrary code in the context of the currently logged-in...

Microsoft Windows CVE-2014-6332 OLE Remote Code Execution Vulnerability

Description Microsoft Windows is prone to a remote code-execution vulnerability. An attacker can leverage this issue to execute arbitrary code and gain elevated privileges in the context of the currently logged-in user. Failed exploit attempts will likely result in denial-of-service conditions...

Microsoft Internet Explorer CVE-2014-6323 Clipboard Information Disclosure Vulnerability

Description Microsoft Internet Explorer is prone to an information-disclosure vulnerability. Attackers can exploit this issue to obtain sensitive information that may aid in further attacks. Internet Explorer 7, 8, 9, 10, and 11 are vulnerable. Technologies Affected Avaya Aura Conferencing Standa...

Microsoft Internet Explorer CVE-2014-6339 ASLR Security Bypass Vulnerability

Description Microsoft Internet Explorer is prone to a security-bypass vulnerability. An attacker can leverage this issue to bypass certain security restrictions and execute arbitrary code by exploiting another vulnerability in the application. Technologies Affected Avaya Aura Conferencing Standar...

Microsoft Internet Explorer CVE-2014-6346 Cross Domain Information Disclosure Vulnerability

Description Microsoft Internet Explorer is prone to a cross-domain information-disclosure vulnerability. An attacker can exploit this issue to view content from a browser window in another domain or security zone. This may allow the attacker to obtain sensitive information or aid in further...

Microsoft SharePoint Server CVE-2014-4116 Remote Privilege Escalation Vulnerability

Description Microsoft SharePoint Server is prone to a remote privilege-escalation vulnerability. An attacker can exploit this issue to execute arbitrary code with elevated privileges in the context of the currently logged-in user. Successful exploits may aid in further attacks. Technologies...

Microsoft Windows CVE-2014-6322 Remote Privilege Escalation Vulnerability

Description Microsoft Windows is prone to a remote privilege-escalation vulnerability. An attacker can exploit this vulnerability to execute arbitrary code with elevated privileges. Technologies Affected Microsoft Windows 7 for 32-bit Systems SP1 Microsoft Windows 7 for x64-based Systems SP1...

Microsoft Office Bad Index CVE-2014-6334 Memory Corruption Vulnerability

Description Microsoft Office is prone to a remote memory-corruption vulnerability because it fails to properly handle objects in memory. An attacker can leverage this issue to execute arbitrary code in the context of the currently logged-in user. Failed exploit attempts will likely result in...

Microsoft Internet Explorer CVE-2014-6337 Remote Memory Corruption Vulnerability

Description Microsoft Internet Explorer is prone to a remote memory-corruption vulnerability. Attackers can exploit this issue by enticing an unsuspecting user to view a specially crafted webpage. Attackers can exploit this issue to execute arbitrary code in the context of the currently logged-in...

Microsoft Internet Explorer CVE-2014-6341 Remote Memory Corruption Vulnerability

Description Microsoft Internet Explorer is prone to a remote memory-corruption vulnerability. Attackers can exploit this issue by enticing an unsuspecting user to view a specially crafted webpage. Attackers can exploit this issue to execute arbitrary code in the context of the currently logged-in...

Adobe Flash Player and AIR CVE-2014-8440 Unspecified Memory Corruption Vulnerability

Description Adobe Flash Player and AIR are prone to an unspecified memory-corruption vulnerability. Attackers can exploit this issue to execute arbitrary code in the context of the user running the affected applications. Failed exploit attempts will likely cause a denial-of-service condition...

Adobe Flash Player and AIR CVE-2014-0588 Use After Free Remote Code Execution Vulnerability

Description Adobe Flash Player and AIR are prone to an unspecified remote code-execution vulnerability. Attackers can exploit this issue to execute arbitrary code in the context of the user running the affected applications. Failed exploit attempts will likely cause a denial-of-service condition...

Microsoft Input Method Editor (IME) for Japanese Remote Privilege Escalation Vulnerability

Description Microsoft Input Method Editor IMEs for Japanese is prone to a remote privilege-escalation vulnerability. An attacker can exploit this issue to gain escalated privileges within the context of the logged in user. Technologies Affected Microsoft Office 2007 IME Japanese Microsoft Windows...

Microsoft Windows Kernel TrueType Font Parsing CVE-2014-6317 Denial of Service Vulnerability

Description Microsoft Windows is prone to a remote denial-of-service vulnerability that occurs in the Windows kernel. A remote attacker can exploit this issue to crash the Windows kernel, denying service to legitimate users. Technologies Affected Microsoft Windows 7 for 32-bit Systems SP1 Microso...

Microsoft Internet Explorer CVE-2014-6344 Remote Memory Corruption Vulnerability

Description Microsoft Internet Explorer is prone to a remote memory-corruption vulnerability. Attackers can exploit this issue by enticing an unsuspecting user to view a specially crafted webpage. Attackers can exploit this issue to execute arbitrary code in the context of the currently logged-in...

Microsoft Active Directory Federation Services CVE-2014-6331 Information Disclosure Vulnerability

Description Microsoft Active Directory Federation Services is prone to an information-disclosure vulnerability. An attacker can exploit this issue to gain access to sensitive information that may aid in further attacks. Technologies Affected Microsoft Active Directory Federation Services 2.0...

Microsoft Windows Remote Desktop Protocol CVE-2014-6318 Security Bypass Vulnerability

Description Microsoft Windows Remote Desktop Protocol is prone to a security-bypass vulnerability. Successful exploits may allow an attacker to bypass certain security restrictions and perform unauthorized actions; this may aid in launching further attacks. Technologies Affected Microsoft Windows...

Microsoft Internet Explorer CVE-2014-6345 Cross Domain Information Disclosure Vulnerability

Description Microsoft Internet Explorer is prone to a cross-domain information-disclosure vulnerability. An attacker can exploit this issue to view content from a browser window in another domain or security zone. This may allow the attacker to obtain sensitive information or aid in further...

Microsoft .NET Framework CVE-2014-4149 Remote Privilege Escalation Vulnerability

Description Microsoft .NET Framework is prone to a remote privilege-escalation vulnerability. An attacker can exploit this issue to gain elevated privileges within the context of the application; this can result in the attacker gaining complete control of the affected system. Technologies Affecte...

Microsoft Internet Explorer CVE-2014-6351 Remote Memory Corruption Vulnerability

Description Microsoft Internet Explorer is prone to a remote memory-corruption vulnerability. Attackers can exploit this issue by enticing an unsuspecting user to view a specially crafted webpage. Attackers can exploit this issue to execute arbitrary code in the context of the currently logged-in...

Microsoft XML Core Services CVE-2014-4118 Remote Code Execution Vulnerability

Description Microsoft XML Core Services is prone to a remote code-execution vulnerability. Attackers can exploit this issue to execute arbitrary code in the context of the currently logged-in user. Failed attacks will cause denial-of-service conditions. Technologies Affected Avaya Aura Conferenci...

Microsoft Internet Explorer CVE-2014-6343 Remote Memory Corruption Vulnerability

Description Microsoft Internet Explorer is prone to a remote memory-corruption vulnerability. Attackers can exploit this issue by enticing an unsuspecting user to view a specially crafted webpage. Attackers can exploit this issue to execute arbitrary code in the context of the currently logged-in...

Microsoft Internet Explorer CVE-2014-6340 Cross Domain Information Disclosure Vulnerability

Description Microsoft Internet Explorer is prone to a cross-domain information-disclosure vulnerability. An attacker can exploit this issue to view content from a browser window in another domain or security zone. This may allow the attacker to obtain sensitive information or aid in further...

Microsoft Office Invalid Pointer CVE-2014-6335 Memory Corruption Vulnerability

Description Microsoft Office is prone to a remote memory-corruption vulnerability because it fails to properly handle objects in memory. An attacker can leverage this issue to execute arbitrary code in the context of the currently logged-in user. Failed exploit attempts will likely result in...

Microsoft Internet Explorer CVE-2014-6342 Remote Memory Corruption Vulnerability

Description Microsoft Internet Explorer is prone to a remote memory-corruption vulnerability. Attackers can exploit this issue by enticing an unsuspecting user to view a specially crafted webpage. Attackers can exploit this issue to execute arbitrary code in the context of the currently logged-in...

Microsoft Internet Explorer CVE-2014-4143 Remote Memory Corruption Vulnerability

Description Microsoft Internet Explorer is prone to a remote memory-corruption vulnerability. Attackers can exploit this issue by enticing an unsuspecting user to view a specially crafted webpage. Attackers can exploit this issue to execute arbitrary code in the context of the currently logged-in...

Microsoft Internet Explorer CVE-2014-6348 Remote Memory Corruption Vulnerability

Description Microsoft Internet Explorer is prone to a remote memory-corruption vulnerability. Attackers can exploit this issue by enticing an unsuspecting user to view a specially crafted webpage. Attackers can exploit this issue to execute arbitrary code in the context of the currently logged-in...

Microsoft Internet Explorer CVE-2014-6350 Remote Privilege Escalation Vulnerability

Description Microsoft Internet Explorer is prone to a remote privilege-escalation vulnerability. An attacker can exploit this issue to gain elevated privileges. Successful exploits may aid in further attacks. Internet Explorer 10, and 11 are vulnerable. Technologies Affected Avaya Aura Conferenci...

Microsoft Internet Information Services CVE-2014-8985 Security Bypass Vulnerability

Description Microsoft Internet Information Services is prone to a security-bypass vulnerability. An attacker can exploit this issue to bypass certain security restrictions and gain unauthorized access; this may aid in launching further attacks. Note: This issue was previously titled 'Microsoft...

Microsoft Windows Kerberos Checksum CVE-2014-6324 Remote Privilege Escalation Vulnerability

Description Microsoft Windows is prone to a remote privilege-escalation vulnerability. An attacker can exploit this issue to gain elevated privileges within the context of the application; this can result in the attacker gaining complete control of the affected system. Technologies Affected Avaya...

Microsoft Secure Channel CVE-2014-6321 Remote Code Execution Vulnerability

Description Microsoft Secure Channel is prone to a remote code-execution vulnerability. An attacker can leverage this issue to execute arbitrary code in the context of the target server. Failed exploit attempts will result in denial-of-service conditions. Technologies Affected Avaya Aura...

Microsoft Office Double Delete CVE-2014-6333 Remote Code Execution Vulnerability

Description Microsoft Office is prone to a remote code-execution vulnerability because it fails to properly handle objects in memory. An attacker can leverage this issue to execute arbitrary code in the context of the currently logged-in user. Failed exploit attempts will likely result in...

Adobe Flash Player and AIR CVE-2014-0577 Type Confusion Remote Code Execution Vulnerability

Description Adobe Flash Player and AIR are prone to a remote code-execution vulnerability. An attacker can exploit this issue to execute arbitrary code in the context of the user running the affected application. Failed exploit attempts will likely result in denial-of-service conditions...

Microsoft Internet Explorer CVE-2014-6353 Remote Memory Corruption Vulnerability

Description Microsoft Internet Explorer is prone to a remote memory-corruption vulnerability. Attackers can exploit this issue by enticing an unsuspecting user to view a specially crafted webpage. Attackers can exploit this issue to execute arbitrary code in the context of the currently logged-in...

Microsoft Internet Explorer CVE-2014-6349 Remote Privilege Escalation Vulnerability

Description Microsoft Internet Explorer is prone to a remote privilege-escalation vulnerability. An attacker can exploit this issue to gain elevated privileges. Successful exploits may aid in further attacks. Internet Explorer 10 and 11 are vulnerable. Technologies Affected Avaya Aura Conferencin...

Symantec Endpoint Protection Manager Multiple Issues

SUMMARY The management console for Symantec Endpoint Protection Manager SEPM is susceptible to multiple vulnerabilities including XML External Entity Injection, reflected cross-site scripting and the potential for arbitrary file write/overwrite. AFFECTED PRODUCTS Product | Version | Build |...

Microsoft Windows CVE-2014-6352 OLE Remote Code Execution Vulnerability

Description Microsoft Windows is prone to a remote code-execution vulnerability. An attacker can leverage this issue to execute arbitrary code and gain elevated privileges in the context of the currently logged-in user. Failed exploit attempts will likely result in denial-of-service conditions...

Microsoft Windows CVE-2014-4114 OLE Package Manager Remote Code Execution Vulnerability

Description Microsoft Windows is prone to a remote code-execution vulnerability. Attackers can exploit this issue to execute arbitrary code in the context of the affected application. An attacker can leverage this issue to execute arbitrary code in the context of the currently logged-in user...

Microsoft Internet Explorer CVE-2014-4123 Remote Privilege Escalation Vulnerability

Description Microsoft Internet Explorer is prone to a remote privilege-escalation vulnerability. An attacker can exploit this issue to gain elevated privileges. Successful exploits may aid in further attacks. Internet Explorer 7, 8, 9, 10, and 11 are vulnerable. Technologies Affected Avaya Aura...

Microsoft Internet Explorer CVE-2014-4134 Remote Memory Corruption Vulnerability

Description Microsoft Internet Explorer is prone to a remote memory-corruption vulnerability. Attackers can exploit this issue by enticing an unsuspecting user to view a specially crafted webpage. Attackers can exploit this issue to execute arbitrary code in the context of the currently logged-in...

Microsoft .NET Framework CVE-2014-4122 ASLR Security Bypass Vulnerability

Description Microsoft .NET Framework is prone to a security-bypass vulnerability. An attacker can leverage this issue to bypass certain security restrictions and execute arbitrary code by exploiting another vulnerability in the application. Technologies Affected Avaya CallPilot 4.0 Avaya CallPilo...

Microsoft Windows 'Win32k.sys' TrueType Font Handling Remote Code Execution Vulnerability

Description Microsoft Windows kernel is prone to a remote code-execution vulnerability. An attacker can exploit this issue by tricking an unsuspecting victim into opening a specially malformed TrueType font. Successful exploits can allow attackers to execute arbitrary code with kernel-level...

Microsoft ASP.NET MVC CVE-2014-4075 Cross Site Scripting Vulnerability

Description Microsoft ASP.NET MVC is prone to a cross-site scripting vulnerability because it fails to properly encode user-supplied input. An attacker may leverage this issue to execute arbitrary script code in the browser of an unsuspecting user in the context of the affected site. This could...

Microsoft .NET Framework 'iriParsing' Remote Code Execution Vulnerability

Description Microsoft .NET Framework is prone to a remote code-execution vulnerability. Successfully exploiting this issue may allow attackers to execute arbitrary code in the context of the application. Failed exploit attempts will result in denial-of-service conditions. Technologies Affected...

Microsoft Internet Explorer CVE-2014-4129 Remote Memory Corruption Vulnerability

Description Microsoft Internet Explorer is prone to a remote memory-corruption vulnerability. Attackers can exploit this issue by enticing an unsuspecting user to view a specially crafted webpage. Attackers can exploit this issue to execute arbitrary code in the context of the currently logged-in...

Microsoft Internet Explorer CVE-2014-4141 Remote Memory Corruption Vulnerability

Description Microsoft Internet Explorer is prone to a remote memory-corruption vulnerability. Attackers can exploit this issue by enticing an unsuspecting user to view a specially crafted webpage. Attackers can exploit this issue to execute arbitrary code in the context of the currently logged-in...

Microsoft Internet Explorer CVE-2014-4133 Remote Memory Corruption Vulnerability

Description Microsoft Internet Explorer is prone to a remote memory-corruption vulnerability. Attackers can exploit this issue by enticing an unsuspecting user to view a specially crafted webpage. Attackers can exploit this issue to execute arbitrary code in the context of the currently logged-in...

Microsoft Windows Kernel 'Win32k.sys' CVE-2014-4113 Local Privilege Escalation Vulnerability

Description Microsoft Windows is prone to a local privilege-escalation vulnerability. A local attacker can exploit this issue to execute arbitrary code with elevated privileges and gain access to kernel memory. Technologies Affected Microsoft Exchange Server 2003 SP2 Microsoft Windows 7 for 32-bi...