Page 220 of 1100 results (0.030 seconds)

CVSS: 7.8EPSS: 0%CPEs: 18EXPL: 0

CVE-2020-0915 – Microsoft Windows splwow64 Untrusted Pointer Dereference Information Disclosure Vulnerability

https://notcve.org/view.php?id=CVE-2020-0915

An elevation of privilege vulnerability exists in the way that the Windows Graphics Device Interface (GDI) handles objects in memory, aka 'Windows GDI Elevation of Privilege Vulnerability'. This CVE ID is unique from CVE-2020-0916. Se presenta una vulnerabilidad de elevación de privilegios en la manera en que Windows Graphics Device Interface (GDI) maneja objetos en memoria, también se conoce como "Windows GDI Elevation of Privilege Vulnerability". Este ID de CVE es diferente de CVE-2020-0916 This vulnerability allows local attackers to disclose information on affected installations of Microsoft Windows. An attacker must first obtain the ability to execute low-privileged code on the target system in order to exploit this vulnerability. The specific flaw exists within the user-mode printer driver host process splwow64.exe. • https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2020-0915 •

CVSS: 7.8EPSS: 0%CPEs: 18EXPL: 0

CVE-2020-0916 – Microsoft Windows splwow64 Untrusted Pointer Dereference Privilege Escalation Vulnerability

https://notcve.org/view.php?id=CVE-2020-0916

An elevation of privilege vulnerability exists in the way that the Windows Graphics Device Interface (GDI) handles objects in memory, aka 'Windows GDI Elevation of Privilege Vulnerability'. This CVE ID is unique from CVE-2020-0915. Se presenta una vulnerabilidad de elevación de privilegios en la manera en que Windows Graphics Device Interface (GDI) maneja objetos en memoria, también se conoce como "Windows GDI Elevation of Privilege Vulnerability". Este ID de CVE es diferente de CVE-2020-0915 This vulnerability allows local attackers to escalate privileges on affected installations of Microsoft Windows. An attacker must first obtain the ability to execute low-privileged code on the target system in order to exploit this vulnerability. The specific flaw exists within the user-mode printer driver host process splwow64.exe. • https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2020-0916 •

CVSS: 7.8EPSS: 0%CPEs: 18EXPL: 0

CVE-2020-0986 – Microsoft Windows Kernel Privilege Escalation Vulnerability

https://notcve.org/view.php?id=CVE-2020-0986

An elevation of privilege vulnerability exists when the Windows kernel fails to properly handle objects in memory, aka 'Windows Kernel Elevation of Privilege Vulnerability'. This CVE ID is unique from CVE-2020-1237, CVE-2020-1246, CVE-2020-1262, CVE-2020-1264, CVE-2020-1266, CVE-2020-1269, CVE-2020-1273, CVE-2020-1274, CVE-2020-1275, CVE-2020-1276, CVE-2020-1307, CVE-2020-1316. Se presenta una vulnerabilidad de elevación de privilegios cuando el kernel de Windows presenta un fallo al manejar apropiadamente objetos en memoria, también se conoce como "Windows Kernel Elevation of Privilege Vulnerability". Este ID de CVE es diferente de CVE-2020-1237, CVE-2020-1246, CVE-2020-1262, CVE-2020-1264, CVE-2020-1266, CVE-2020-1269, CVE-2020-1273, CVE- 2020-1274, CVE-2020-1275, CVE-2020-1276, CVE-2020-1307, CVE-2020-1316 This vulnerability allows local attackers to escalate privileges on affected installations of Microsoft Windows. An attacker must first obtain the ability to execute low-privileged code on the target system in order to exploit this vulnerability. The specific flaw exists within the user-mode printer driver host process splwow64.exe. • http://packetstormsecurity.com/files/160698/Microsoft-Windows-splWOW64-Privilege-Escalation.html https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2020-0986 • CWE-787: Out-of-bounds Write •

CVSS: 9.3EPSS: 85%CPEs: 50EXPL: 1

CVE-2012-4969 – Microsoft Internet Explorer Use-After-Free Vulnerability

https://notcve.org/view.php?id=CVE-2012-4969

Use-after-free vulnerability in the CMshtmlEd::Exec function in mshtml.dll in Microsoft Internet Explorer 6 through 9 allows remote attackers to execute arbitrary code via a crafted web site, as exploited in the wild in September 2012. Vulnerabilidad de error en la gestión de recursos en la función CMshtmlEd::Exec en mshtml.dll en Microsoft Internet Explorer 6 a 9 permite a atacantes remotos ejecutar código arbitrario a través de un sitio web diseñado, como se ha explotado en septiembre de 2012. This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of Microsoft Internet Explorer. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the CCommand::Exec function. It is possible to free certain objects in a callback function called from the CCommand::Exec function. • https://www.exploit-db.com/exploits/21840 http://blog.vulnhunt.com/index.php/2012/09/17/ie-execcommand-fuction-use-after-free-vulnerability-0day_en http://dev.metasploit.com/redmine/projects/framework/repository/entry/modules/exploits/windows/browser/ie_execcommand_uaf.rb http://eromang.zataz.com/2012/09/16/zero-day-season-is-really-not-over-yet http://technet.microsoft.com/security/advisory/2757760 http://www.kb.cert.org/vuls/id/480095 http://www.securitytracker.com/id?1027538 http •

CVSS: 9.3EPSS: 89%CPEs: 6EXPL: 0

CVE-2007-2224

https://notcve.org/view.php?id=CVE-2007-2224

Object linking and embedding (OLE) Automation, as used in Microsoft Windows 2000 SP4, XP SP2, Server 2003 SP1 and SP2, Office 2004 for Mac, and Visual Basic 6.0 allows remote attackers to execute arbitrary code via the substringData method on a TextNode object, which causes an integer overflow that leads to a buffer overflow. En Object linking and embedding (OLE) Automation, tal como se usa en Microsoft Windows 2000 SP4, XP SP2, Server 2003 SP1 y SP2, Office 2004 para Mac y Visual Basic versión 6.0 permite a los atacantes remotos ejecutar código arbitrario por medio del método substringData en un objeto TextNode, lo que causa un desbordamiento de enteros que conlleva a un desbordamiento de búfer. • http://secunia.com/advisories/26449 http://www.securityfocus.com/archive/1/476527/100/0/threaded http://www.securityfocus.com/bid/25282 http://www.securitytracker.com/id?1018560 http://www.us-cert.gov/cas/techalerts/TA07-226A.html http://www.vupen.com/english/advisories/2007/2867 https://docs.microsoft.com/en-us/security-updates/securitybulletins/2007/ms07-043 https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A1248 • CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer CWE-189: Numeric Errors •