All Vulnerabilities

An information disclosure vulnerability was discovered within Internet explorer when handling a specially crafted EMF file. A successful exploitation of this issue would allow an attacker to disclose information on the remote filesystem through a malicious web page.

A memory corruption vulnerability exists in Microsoft Office. An attacker who successfully exploited this vulnerability could use a specially crafted file to perform remote code execution in the security context of the current user.

There is an unknown Java unserialization vulnerability in third-party Java libraries that could be used to remotely exploit Java based web applications. Serialization is a process in which an object is converted to a stream of bytes in order to store or transmit that object to memory or a file. The process in which serialized data is extracted is called unserialization and it can lead to major security issues if not handled properly.

Microsoft Internet Explorer and Edge are prone to an unspecified memory corruption vulnerability. Attackers can exploit this issue to execute arbitrary code in the context of the user running the affected application.

Microsoft Windows PDF is prone to a remote information-disclosure vulnerability. Attackers can exploit this issue to gain access to sensitive information that may aid in further attacks.

An out of bound memory access vulnerability was discovered within Microsoft Office. Successful exploitation of this vulnerability could allow an attacker to leak sensitive information that could be used to bypass memory protections such as ASLR and leverage the attack to execute arbitrary code on the remote system.

Absolute path traversal vulnerability in NFRAgent.exe in Novell File Reporter allows remote attackers to read arbitrary files via a /FSF/CMD request with a full pathname in a PATH element of an SRS record.

Cross-site scripting (XSS) vulnerability in Microsoft Active Directory Federation Services allows remote attackers to inject arbitrary web script or HTML via a crafted request.

Buffer overflow in the streaming media component for logging multicast requests in the ISAPI for the logging capability of Microsoft Windows Media Services (nsiislog.dll), as installed in IIS 5.0, allows remote attackers to execute arbitrary code via a large POST request to nsiislog.dll.

Adobe Acrobat and Reader are prone to an unspecified memory corruption vulnerability. An attacker can exploit this issue to execute arbitrary code in the context of the user running the affected application. Failed exploit attempts will likely result in denial of service states.