CVE-2015-5736 – Fortinet FortiClient 5.2.3 (Windows 10 x64 Creators) - Local Privilege Escalation
https://notcve.org/view.php?id=CVE-2015-5736
The Fortishield.sys driver in Fortinet FortiClient before 5.2.4 allows local users to execute arbitrary code with kernel privileges by setting the callback function in a (1) 0x220024 or (2) 0x220028 ioctl call. Vulnerabilidad en el driver Fortishield.sys en Fortinet FortiClient en versiones anteriores a 5.2.4, permite a usuarios locales ejecutar código arbitrario con privilegios de kernel mediante el establecimiento de la función callback en llamada ioctl en (1) 0x220024 o (2) 0x220028. Fortinet FortiClient version 5.2.3 (Windows 10 x64 Creators) suffers from a local privilege escalation vulnerability. • https://www.exploit-db.com/exploits/45149 https://www.exploit-db.com/exploits/41722 https://www.exploit-db.com/exploits/41721 http://fortiguard.com/advisory/mulitple-vulnerabilities-in-forticlient http://packetstormsecurity.com/files/133398/FortiClient-Antivirus-Information-Exposure-Access-Control.html http://seclists.org/fulldisclosure/2015/Sep/0 http://www.coresecurity.com/advisories/forticlient-antivirus-multiple-vulnerabilities http://www.fortiguard.com/advisory/mulitple-vulnerabilities-in-forticlient http://www • CWE-264: Permissions, Privileges, and Access Controls •
CVE-2015-2432 – Microsoft Windows - 'ATMFD.DLL' Write to Uninitialized Address Due to Malformed CFF Table
https://notcve.org/view.php?id=CVE-2015-2432
ATMFD.DLL in the Windows Adobe Type Manager Library in Microsoft Windows Vista SP2, Windows Server 2008 SP2 and R2 SP1, Windows 7 SP1, Windows 8, Windows 8.1, Windows Server 2012 Gold and R2, and Windows RT Gold and 8.1 allows remote attackers to execute arbitrary code via a crafted OpenType font, aka "OpenType Font Parsing Vulnerability." Vulnerabilidad en ATMFD.DLL en Windows Adobe Type Manager Library en Microsoft Windows Vista SP2, Windows Server 2008 SP2 y R2 SP1, Windows 7 SP1, Windows 8, Windows 8.1, Windows Server 2012 Gold y R2 y Windows RT Gold y 8.1, permite a atacantes remotos ejecutar código arbitrario a través de fuente OpenType manipulada, también conocida como 'OpenType Font Parsing Vulnerability.' Researchers have encountered a number of Windows kernel crashes in the ATMFD.DLL OpenType driver while processing corrupted OTF font files. • https://www.exploit-db.com/exploits/37920 http://www.securitytracker.com/id/1033238 https://docs.microsoft.com/en-us/security-updates/securitybulletins/2015/ms15-080 • CWE-19: Data Processing Errors •
CVE-2015-2433 – Microsoft Windows - Font Driver Buffer Overflow (MS15-078)
https://notcve.org/view.php?id=CVE-2015-2433
The kernel in Microsoft Windows Vista SP2, Windows Server 2008 SP2 and R2 SP1, Windows 7 SP1, Windows 8, Windows 8.1, Windows Server 2012 Gold and R2, Windows RT Gold and 8.1, and Windows 10 allows local users to bypass the ASLR protection mechanism via a crafted application, aka "Kernel ASLR Bypass Vulnerability." Vulnerabilidad en el kernel en Microsoft Windows Vista SP2, Windows Server 2008 SP2 y R2 SP1, Windows 7 SP1, Windows 8, Windows 8.1, Windows Server 2012 Gold y R2, Windows RT Gold y 8.1 y Windows 10, permite a atacantes locales evadir el mecanismo de protección ASLR a través de una aplicación manipulada, también conocida como 'Kernel ASLR Bypass Vulnerability.' • https://www.exploit-db.com/exploits/38222 http://www.securityfocus.com/bid/76213 http://www.securitytracker.com/id/1033238 https://docs.microsoft.com/en-us/security-updates/securitybulletins/2015/ms15-080 https://github.com/vlad902/hacking-team-windows-kernel-lpe https://www.nccgroup.trust/uk/about-us/newsroom-and-events/blogs/2015/september/exploiting-cve-2015-2426-and-how-i-ported-it-to-a-recent-windows-8.1-64-bit https://code.google.com/p/google-security-research/issues • CWE-200: Exposure of Sensitive Information to an Unauthorized Actor •
CVE-2015-2458 – Microsoft Windows - 'ATMFD.dll' CharString Stream Out-of-Bounds Reads (MS15-021)
https://notcve.org/view.php?id=CVE-2015-2458
ATMFD.DLL in the Windows Adobe Type Manager Library in Microsoft Windows Vista SP2, Windows Server 2008 SP2 and R2 SP1, Windows 7 SP1, Windows 8, Windows 8.1, Windows Server 2012 Gold and R2, Windows RT Gold and 8.1, and Windows 10 allows remote attackers to execute arbitrary code via a crafted OpenType font, aka "OpenType Font Parsing Vulnerability," a different vulnerability than CVE-2015-2459 and CVE-2015-2461. Vulnerabilidad en ATMFD.DLL en Windows Adobe Type Manager Library en Microsoft Windows Vista SP2, Windows Server 2008 SP2 y R2 SP1, Windows 7 SP1, Windows 8, Windows 8.1, Windows Server 2012 Gold y R2, Windows RT Gold y 8.1 y Windows 10, permite a atacantes remotos ejecutar código arbitrario a través de fuente OpenType manipulada, también conocida como 'OpenType Font Parsing Vulnerability', una vulnerabilidad diferente a CVE-2015-2459 y CVE-2015-2461. Researchers have encountered a number of Windows kernel crashes in the ATMFD.DLL OpenType driver while processing corrupted OTF font files. • https://www.exploit-db.com/exploits/37923 http://www.securitytracker.com/id/1033238 https://docs.microsoft.com/en-us/security-updates/securitybulletins/2015/ms15-080 • CWE-20: Improper Input Validation •
CVE-2015-2459 – Microsoft Windows - 'ATMFD.DLL' CFF table (ATMFD+0x34072 / ATMFD+0x3407b) Invalid Memory Access
https://notcve.org/view.php?id=CVE-2015-2459
ATMFD.DLL in the Windows Adobe Type Manager Library in Microsoft Windows Vista SP2, Windows Server 2008 SP2 and R2 SP1, Windows 7 SP1, Windows 8, Windows 8.1, Windows Server 2012 Gold and R2, Windows RT Gold and 8.1, and Windows 10 allows remote attackers to execute arbitrary code via a crafted OpenType font, aka "OpenType Font Parsing Vulnerability," a different vulnerability than CVE-2015-2458 and CVE-2015-2461. Vulnerabilidad en ATMFD.DLL en Windows Adobe Type Manager Library en Microsoft Windows Vista SP2, Windows Server 2008 SP2 y R2 SP1, Windows 7 SP1, Windows 8, Windows 8.1, Windows Server 2012 Gold y R2, Windows RT Gold y 8.1 y Windows 10, permite a atacantes remotos ejecutar código arbitrario a través de fuente OpenType manipulada, también conocida como 'OpenType Font Parsing Vulnerability', una vulnerabilidad diferente a CVE-2015-2458 y CVE-2015-2461. Researchers have encountered a Windows kernel crash in the ATMFD.DLL OpenType driver while processing a corrupted OTF font file. • https://www.exploit-db.com/exploits/37922 http://www.securitytracker.com/id/1033238 https://docs.microsoft.com/en-us/security-updates/securitybulletins/2015/ms15-080 • CWE-20: Improper Input Validation •