CVSS: 9.3EPSS: 23%CPEs: 12EXPL: 0CVE-2015-0091
https://notcve.org/view.php?id=CVE-2015-0091
11 Mar 2015 — Adobe Font Driver in Microsoft Windows Server 2003 SP2, Windows Vista SP2, Windows Server 2008 SP2 and R2 SP1, Windows 7 SP1, Windows 8, Windows 8.1, Windows Server 2012 Gold and R2, and Windows RT Gold and 8.1 allows remote attackers to execute arbitrary code via a crafted (1) web site or (2) file, aka "Adobe Font Driver Remote Code Execution Vulnerability," a different vulnerability than CVE-2015-0088, CVE-2015-0090, CVE-2015-0092, and CVE-2015-0093. Adobe Font Driver en Microsoft Windows Server 2003 SP2,... • http://www.securityfocus.com/bid/72905 • CWE-94: Improper Control of Generation of Code ('Code Injection') •
CVSS: 9.3EPSS: 23%CPEs: 12EXPL: 0CVE-2015-0092 – Microsoft Windows Type 1 Font callother Opcode Heap Buffer Underflow Remote Code Execution Vulnerability
https://notcve.org/view.php?id=CVE-2015-0092
11 Mar 2015 — Adobe Font Driver in Microsoft Windows Server 2003 SP2, Windows Vista SP2, Windows Server 2008 SP2 and R2 SP1, Windows 7 SP1, Windows 8, Windows 8.1, Windows Server 2012 Gold and R2, and Windows RT Gold and 8.1 allows remote attackers to execute arbitrary code via a crafted (1) web site or (2) file, aka "Adobe Font Driver Remote Code Execution Vulnerability," a different vulnerability than CVE-2015-0088, CVE-2015-0090, CVE-2015-0091, and CVE-2015-0093. Adobe Font Driver en Microsoft Windows Server 2003 SP2,... • http://www.securityfocus.com/bid/72906 • CWE-94: Improper Control of Generation of Code ('Code Injection') •
CVSS: 9.3EPSS: 23%CPEs: 12EXPL: 0CVE-2015-0093
https://notcve.org/view.php?id=CVE-2015-0093
11 Mar 2015 — Adobe Font Driver in Microsoft Windows Server 2003 SP2, Windows Vista SP2, Windows Server 2008 SP2 and R2 SP1, Windows 7 SP1, Windows 8, Windows 8.1, Windows Server 2012 Gold and R2, and Windows RT Gold and 8.1 allows remote attackers to execute arbitrary code via a crafted (1) web site or (2) file, aka "Adobe Font Driver Remote Code Execution Vulnerability," a different vulnerability than CVE-2015-0088, CVE-2015-0090, CVE-2015-0091, and CVE-2015-0092. Adobe Font Driver en Microsoft Windows Server 2003 SP2,... • http://www.securityfocus.com/bid/72907 • CWE-94: Improper Control of Generation of Code ('Code Injection') •
CVSS: 5.6EPSS: 0%CPEs: 12EXPL: 1CVE-2015-0095 – Microsoft Windows LNK File Code Execution
https://notcve.org/view.php?id=CVE-2015-0095
11 Mar 2015 — The kernel-mode drivers in Microsoft Windows Server 2003 SP2, Windows Vista SP2, Windows Server 2008 SP2 and R2 SP1, Windows 7 SP1, Windows 8, Windows 8.1, Windows Server 2012 Gold and R2, and Windows RT Gold and 8.1 allow local users to cause a denial of service (NULL pointer dereference and blue screen), or obtain sensitive information from kernel memory and possibly bypass the ASLR protection mechanism, via a crafted application, aka "Microsoft Windows Kernel Memory Disclosure Vulnerability." Los control... • https://packetstorm.news/files/id/144927 • CWE-476: NULL Pointer Dereference •
CVSS: 9.3EPSS: 89%CPEs: 12EXPL: 3CVE-2015-0096 – Microsoft Windows .LNK DLL Planting Remote Code Execution Vulnerability
https://notcve.org/view.php?id=CVE-2015-0096
11 Mar 2015 — Untrusted search path vulnerability in Microsoft Windows Server 2003 SP2, Windows Vista SP2, Windows Server 2008 SP2 and R2 SP1, Windows 7 SP1, Windows 8, Windows 8.1, Windows Server 2012 Gold and R2, and Windows RT Gold and 8.1 allows local users to gain privileges via a Trojan horse DLL in the current working directory, leading to DLL loading during Windows Explorer access to the icon of a crafted shortcut, aka "DLL Planting Remote Code Execution Vulnerability." Vulnerabilidad de ruta de búsqueda no confi... • https://packetstorm.news/files/id/130801 • CWE-426: Untrusted Search Path •
CVSS: 4.3EPSS: 1%CPEs: 7EXPL: 3CVE-2015-0005 – Windows Pass-Through Authentication Methods Improper Validation
https://notcve.org/view.php?id=CVE-2015-0005
11 Mar 2015 — The NETLOGON service in Microsoft Windows Server 2003 SP2, Windows Server 2008 SP2 and R2 SP1, and Windows Server 2012 Gold and R2, when a Domain Controller is configured, allows remote attackers to spoof the computer name of a secure channel's endpoint, and obtain sensitive session information, by running a crafted application and leveraging the ability to sniff network traffic, aka "NETLOGON Spoofing Vulnerability." El servicio NETLOGON en Microsoft Windows Server 2003 SP2, Windows Server 2008 SP2 y R2 SP... • https://packetstorm.news/files/id/130773 • CWE-254: 7PK - Security Features •
CVSS: 5.5EPSS: 2%CPEs: 12EXPL: 0CVE-2015-0077 – Microsoft Windows NtUserfnINSTRINGNULL Information Leak Vulnerability
https://notcve.org/view.php?id=CVE-2015-0077
10 Mar 2015 — The kernel-mode drivers in Microsoft Windows Server 2003 SP2, Windows Vista SP2, Windows Server 2008 SP2 and R2 SP1, Windows 7 SP1, Windows 8, Windows 8.1, Windows Server 2012 Gold and R2, and Windows RT Gold and 8.1 do not properly initialize function buffers, which allows local users to obtain sensitive information from kernel memory, and possibly bypass the ASLR protection mechanism, via a crafted application, aka "Microsoft Windows Kernel Memory Disclosure Vulnerability." Los controladores del modo de k... • http://www.securityfocus.com/bid/72897 • CWE-200: Exposure of Sensitive Information to an Unauthorized Actor •
CVSS: 9.3EPSS: 62%CPEs: 12EXPL: 1CVE-2015-0081 – Microsoft Windows Text Services Out-Of-Bounds Memory Access Remote Code Execution Vulnerability
https://notcve.org/view.php?id=CVE-2015-0081
10 Mar 2015 — Windows Text Services (WTS) in Microsoft Windows Server 2003 SP2, Windows Vista SP2, Windows Server 2008 SP2 and R2 SP1, Windows 7 SP1, Windows 8, Windows 8.1, Windows Server 2012 Gold and R2, and Windows RT Gold and 8.1 allows remote attackers to execute arbitrary code via a crafted (1) web site or (2) file, aka "WTS Remote Code Execution Vulnerability." Windows Text Services (WTS) en Microsoft Windows Server 2003 SP2, Windows Vista SP2, Windows Server 2008 SP2 y R2 SP1, Windows 7 SP1, Windows 8, Windows 8... • https://www.exploit-db.com/exploits/36336 • CWE-19: Data Processing Errors •
CVSS: 5.5EPSS: 1%CPEs: 12EXPL: 0CVE-2015-0094 – Microsoft Windows NtUserfnINOUTNCCALCSIZE Information Leak Vulnerability
https://notcve.org/view.php?id=CVE-2015-0094
10 Mar 2015 — The kernel-mode drivers in Microsoft Windows Server 2003 SP2, Windows Vista SP2, Windows Server 2008 SP2 and R2 SP1, Windows 7 SP1, Windows 8, Windows 8.1, Windows Server 2012 Gold and R2, and Windows RT Gold and 8.1 do not properly restrict the availability of address information during a function call, which makes it easier for local users to bypass the ASLR protection mechanism via a crafted application, aka "Microsoft Windows Kernel Memory Disclosure Vulnerability." Los controladores de modo de kernel e... • http://www.securitytracker.com/id/1031897 • CWE-200: Exposure of Sensitive Information to an Unauthorized Actor •
CVSS: 6.5EPSS: 53%CPEs: 12EXPL: 0CVE-2015-1637
https://notcve.org/view.php?id=CVE-2015-1637
06 Mar 2015 — Schannel (aka Secure Channel) in Microsoft Windows Server 2003 SP2, Windows Vista SP2, Windows Server 2008 SP2 and R2 SP1, Windows 7 SP1, Windows 8, Windows 8.1, Windows Server 2012 Gold and R2, and Windows RT Gold and 8.1 does not properly restrict TLS state transitions, which makes it easier for remote attackers to conduct cipher-downgrade attacks to EXPORT_RSA ciphers via crafted TLS traffic, related to the "FREAK" issue, a different vulnerability than CVE-2015-0204 and CVE-2015-1067. Schannel (también c... • http://web.archive.org/web/20150321220028/https://freakattack.com • CWE-310: Cryptographic Issues •