Page 29 of 213 results (0.096 seconds)

CVSS: 7.8EPSS: 60%CPEs: 2EXPL: 1

The kernel-mode driver in Microsoft Windows 10 Gold and 1511 allows local users to gain privileges via a crafted application, aka "Win32k Elevation of Privilege Vulnerability." El controlador de modo del kernel en Microsoft Windows 10 Gold y 1511 permite a usuarios locales obtener privilegios a través de una aplicación manipulada, también conocida como "Win32k Elevation of Privilege Vulnerability". • https://www.exploit-db.com/exploits/39993 http://www.securitytracker.com/id/1036101 https://docs.microsoft.com/en-us/security-updates/securitybulletins/2016/ms16-074 • CWE-264: Permissions, Privileges, and Access Controls •

CVSS: 7.8EPSS: 60%CPEs: 10EXPL: 1

atmfd.dll in the Adobe Type Manager Font Driver in Microsoft Windows Vista SP2, Windows Server 2008 SP2 and R2 SP1, Windows 7 SP1, Windows 8.1, Windows Server 2012 Gold and R2, Windows RT 8.1, and Windows 10 Gold and 1511 allows local users to gain privileges via a crafted application, aka "ATMFD.dll Elevation of Privilege Vulnerability." atmfd.dll en el Adobe Type Manager Font Driver en Microsoft Windows Vista SP2, Windows Server 2008 SP2 y R2 SP1, Windows 7 SP1, Windows 8.1, Windows Server 2012 Gold y R2, Windows RT 8.1 y Windows 10 Gold y 1511 permite a usuarios locales obtener privilegios a través de una aplicación manipulada, también conocida como "ATMFD.dll Elevation of Privilege Vulnerability". The Adobe Type Manager Font Driver (ATMFD.DLL) responsible for handling PostScript and OpenType fonts in the Windows kernel provides a channel of communication with user-mode applications via an undocumented gdi32! • https://www.exploit-db.com/exploits/39991 http://www.securitytracker.com/id/1036101 https://docs.microsoft.com/en-us/security-updates/securitybulletins/2016/ms16-074 • CWE-264: Permissions, Privileges, and Access Controls •

CVSS: 9.3EPSS: 81%CPEs: 21EXPL: 1

The font library in Microsoft Windows Vista SP2; Windows Server 2008 SP2 and R2 SP1; Windows 7 SP1; Windows 8.1; Windows Server 2012 Gold and R2; Windows RT 8.1; Windows 10 Gold and 1511; Office 2007 SP3 and 2010 SP2; Word Viewer; .NET Framework 3.0 SP2, 3.5, and 3.5.1; Skype for Business 2016; Lync 2010; Lync 2010 Attendee; Lync 2013 SP1; and Live Meeting 2007 Console allows remote attackers to execute arbitrary code via a crafted embedded font, aka "Graphics Memory Corruption Vulnerability." La librería font en Microsoft Windows Vista SP2; Windows Server 2008 SP2 y R2 SP1; Windows 7 SP1; Windows 8.1; Windows Server 2012 Gold y R2; Windows RT 8.1; Windows 10 Gold y 1511; Office 2007 SP3 y 2010 SP2; Word Viewer; .NET Framework 3.0 SP2, 3.5 y 3.5.1; Skype for Business 2016; Lync 2010; Lync 2010 Attendee; Lync 2013 SP1 y Live Meeting 2007 Console permite a atacantes remotos ejecutar código arbitrario a través de una fuente incrustada manipulada, también conocida como "Graphics Memory Corruption Vulnerability". A Microsoft Windows kernel crash exists in the win32k.sys driver while processing a corrupted TTF font file. • https://www.exploit-db.com/exploits/39743 http://www.securitytracker.com/id/1035528 http://www.securitytracker.com/id/1035529 http://www.securitytracker.com/id/1035530 http://www.securitytracker.com/id/1035531 http://www.securitytracker.com/id/1035532 https://docs.microsoft.com/en-us/security-updates/securitybulletins/2016/ms16-039 • CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer •

CVSS: 7.8EPSS: 24%CPEs: 10EXPL: 1

The kernel-mode driver in Microsoft Windows Vista SP2, Windows Server 2008 SP2 and R2 SP1, Windows 7 SP1, Windows 8.1, Windows Server 2012 Gold and R2, Windows RT 8.1, and Windows 10 Gold and 1511 allows local users to gain privileges via a crafted application, aka "Win32k Elevation of Privilege Vulnerability," a different vulnerability than CVE-2016-0143 and CVE-2016-0167. El controlador kernel-mode en Microsoft Windows Vista SP2, Windows Server 2008 SP2 y R2 SP1, Windows 7 SP1, Windows 8.1, Windows Server 2012 Gold y R2, Windows RT 8.1 y Windows 10 Gold y 1511 permite a usuarios locales obtener privilegios a través de una aplicación manipulada, también conocida como "Win32k Elevation of Privilege Vulnerability", una vulnerabilidad diferente a CVE-2016-0143 y CVE-2016-0167. This vulnerability allows local attackers to escalate privileges on vulnerable installations of Microsoft Windows. An attacker must first obtain the ability to execute low-privileged code on the target system in order to exploit this vulnerability. The specific flaw exists within the win32kfull driver. • https://www.exploit-db.com/exploits/44480 http://www.securitytracker.com/id/1035529 http://www.securitytracker.com/id/1035532 https://docs.microsoft.com/en-us/security-updates/securitybulletins/2016/ms16-039 •

CVSS: 7.8EPSS: 2%CPEs: 10EXPL: 1

The kernel-mode driver in Microsoft Windows Vista SP2, Windows Server 2008 SP2 and R2 SP1, Windows 7 SP1, Windows 8.1, Windows Server 2012 Gold and R2, Windows RT 8.1, and Windows 10 Gold and 1511 allows local users to gain privileges via a crafted application, aka "Win32k Elevation of Privilege Vulnerability," a different vulnerability than CVE-2016-0165 and CVE-2016-0167. El controlador kernel-mode en Microsoft Windows Vista SP2, Windows Server 2008 SP2 y R2 SP1, Windows 7 SP1, Windows 8.1, Windows Server 2012 Gold y R2, Windows RT 8.1 y Windows 10 Gold y 1511 permite a usuarios locales obtener privilegios a través de una aplicación manipulada, también conocida como "Win32k Elevation of Privilege Vulnerability", una vulnerabilidad diferente a CVE-2016-0165 y CVE-2016-0167. The attached testcases crashes Windows 7 64-bit while attempting to write to an unmapped memory region. On 32-bit Windows 7 it triggers a null pointer read. • https://www.exploit-db.com/exploits/39712 http://www.securityfocus.com/bid/85896 http://www.securitytracker.com/id/1035529 http://www.securitytracker.com/id/1035532 https://docs.microsoft.com/en-us/security-updates/securitybulletins/2016/ms16-039 • CWE-264: Permissions, Privileges, and Access Controls •