All Vulnerabilities

  • Microsoft Windows GDI+ Information Disclosure Vulnerability (CVE-2016-3263)
     Severity:
     Advisory date:  November 4, 2016
    An information disclosure vulnerability exists in the way that the Windows Graphics Device Interface (GDI) handles objects in memory, allowing an attacker to retrieve information from a targeted system. An attacker who successfully exploited this vulnerability could use the retrieved information to circumvent Address Space Layout Randomization (ASLR) in Windows, which helps guard against a broad class of vulnerabilities.
  • Microsoft SQL Server sp_replwritetovarbin Limited Memory Overwrite Vulnerability
     Severity:
     Advisory date:  November 4, 2016
    Heap-based buffer overflow in Microsoft SQL Server 2000 SP4, 8.00.2050, 8.00.2039, and earlier; SQL Server 2000 Desktop Engine (MSDE 2000) SP4; SQL Server 2005 SP2 and 9.00.1399.06; SQL Server 2000 Desktop Engine (WMSDE) on Windows Server 2003 SP1 and SP2; and Windows Internal Database (WYukon) SP2 allows remote authenticated users to cause a denial of service (access violation exception) or execute arbitrary code by calling the sp_replwritetovarbin extended stored procedure with a set of invalid parameters that trigger memory overwrite, aka "SQL Server sp_replwritetovarbin Limited Memory Overwrite Vulnerability."
  • WPS Office Multiple Memory Corruption Vulnerabilities
     Severity:
     Advisory date:  October 26, 2016
    A remote code execution vulnerability exists in WPS Office software that is caused when the Office software improperly handles objects in memory while parsing specially crafted Office files. An attacker who successfully exploited the vulnerability could run arbitrary code in the context of the current user.
  • Trend Micro Threat Intelligence Manager installs a secure web interface which listens for incoming requests. Several vulnerabilities have been found in the product that would allow a remote attacker to cause the product to execute arbitrary code.
  • RedHat JBoss application server is prone to a remote information disclosure vulnerability. The vulnerability is exploited by sending a malformed HTTP request to the vulnerable software. Successful exploitation of this vulnerability could lead to arbitrary file read on the server.
  • Adobe Flash Player Memory Corruption Vulnerability (CVE-2016-4137)
     Severity:
     Advisory date:  October 26, 2016
    Adobe Flash Player is prone to an unspecified memory corruption vulnerability. An attacker can exploit this issue to execute arbitrary code in the context of the user running the affected application. Failed exploit attempts will likely result in denial of service states.
  • A privilege escalation vulnerability exists when Microsoft Internet Explorer or Edge fails to properly secure a private namespace. An attacker who successfully exploited this vulnerability could gain elevated permissions on the namespace directory of a vulnerable system and gain elevated privileges.
  • An elevation of privilege vulnerability exists when the Windows Graphics Component improperly handles objects in memory. An attacker who successfully exploits this vulnerability could run arbitrary code in kernel mode.
  • Microsoft Windows Kernel Local Elevation Of Privilege Vulnerability (CVE-2016-0079)
     Severity:
     Advisory date:  October 26, 2016
    A local privilege escalation vulnerability was discovered within Microsoft Windows. It abuses the fact that a registry hive file will be opened in write mode if opening it in read mode fails. Combined with the fact that the log files created when opening a hive in write mode are effectively owned by the system yet can also be modified by a user, this allows normal users to overwrite critical system files. Successful exploitation of this issue may lead to local privilege escalation.
  • Microsoft Windows Kernel Local Elevation Of Privilege Vulnerability (CVE-2016-0075)
     Severity:
     Advisory date:  October 26, 2016
    A vulnerability was discovered within Microsoft Windows 10 that could lead to arbitrary registry key access. The root cause is that the kernel does not check for the user while creating hardware profile subkeys in HKLM; these subkeys are created with full permission for the owner, which is the user, and also inherit the parent ACLs. Successful exploitation of this issue could allow an attacker to elevate privileges when used for SymLink.