CVSS: 9.3EPSS: 40%CPEs: 6EXPL: 0CVE-2015-1645 – Microsoft Windows GDI "MRSETDIBITSTODEVICE ::bPlay()" EMF Parsing Memory Corruption
https://notcve.org/view.php?id=CVE-2015-1645
14 Apr 2015 — Microsoft Windows Server 2003 SP2, Windows Vista SP2, Windows Server 2008 SP2 and R2 SP1, and Windows 7 SP1 allow remote attackers to execute arbitrary code via a crafted Enhanced Metafile (EMF) image, aka "EMF Processing Remote Code Execution Vulnerability." Microsoft Windows Server 2003 SP2, Windows Vista SP2, Windows Server 2008 SP2 y R2 SP1, y Windows 7 SP1 permiten a atacantes remotos ejecutar código arbitrario a través de una imagen Enhanced Metafile (EMF) manipulada, también conocido como 'vulnerabil... • http://packetstormsecurity.com/files/131457/Microsoft-Windows-GDI-MRSETDIBITSTODEVICE-bPlay-EMF-Parsing-Memory-Corruption.html • CWE-94: Improper Control of Generation of Code ('Code Injection') •
CVSS: 7.8EPSS: 1%CPEs: 12EXPL: 0CVE-2015-0073
https://notcve.org/view.php?id=CVE-2015-0073
11 Mar 2015 — The Windows Registry Virtualization feature in the kernel in Microsoft Windows Vista SP2, Windows Server 2008 SP2 and R2 SP1, Windows 7 SP1, Windows 8, Windows 8.1, Windows Server 2012 Gold and R2, and Windows RT Gold and 8.1 does not properly restrict changes to virtual stores, which allows local users to gain privileges via a crafted application, aka "Registry Virtualization Elevation of Privilege Vulnerability." La característica Windows Registry Virtualization en el kernel en Microsoft Windows Vista SP2... • http://www.securityfocus.com/bid/72908 • CWE-264: Permissions, Privileges, and Access Controls •
CVSS: 5.5EPSS: 16%CPEs: 12EXPL: 0CVE-2015-0074
https://notcve.org/view.php?id=CVE-2015-0074
11 Mar 2015 — Adobe Font Driver in Microsoft Windows Server 2003 SP2, Windows Vista SP2, Windows Server 2008 SP2 and R2 SP1, Windows 7 SP1, Windows 8, Windows 8.1, Windows Server 2012 Gold and R2, and Windows RT Gold and 8.1 does not properly allocate memory, which allows remote attackers to cause a denial of service via a crafted (1) web site or (2) file, aka "Adobe Font Driver Denial of Service Vulnerability." Adobe Font Driver en Microsoft Windows Server 2003 SP2, Windows Vista SP2, Windows Server 2008 SP2 y R2 SP1, W... • http://www.securityfocus.com/bid/72892 • CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer •
CVSS: 7.2EPSS: 0%CPEs: 6EXPL: 0CVE-2015-0075
https://notcve.org/view.php?id=CVE-2015-0075
11 Mar 2015 — The kernel in Microsoft Windows Server 2003 SP2, Windows Vista SP2, Windows Server 2008 SP2 and R2 SP1, and Windows 7 SP1 does not properly constrain impersonation levels, which allows local users to gain privileges via a crafted application, aka "Impersonation Level Check Elevation of Privilege Vulnerability." El kernel en Microsoft Windows Server 2003 SP2, Windows Vista SP2, Windows Server 2008 SP2 y R2 SP1, y Windows 7 SP1 limita correctamente los niveles de la suplantación, lo que permite a usuarios loc... • http://www.securityfocus.com/bid/72915 • CWE-264: Permissions, Privileges, and Access Controls •
CVSS: 6.5EPSS: 22%CPEs: 12EXPL: 0CVE-2015-0080
https://notcve.org/view.php?id=CVE-2015-0080
11 Mar 2015 — Microsoft Windows Server 2003 SP2, Windows Vista SP2, Windows Server 2008 SP2 and R2 SP1, Windows 7 SP1, Windows 8, Windows 8.1, Windows Server 2012 Gold and R2, and Windows RT Gold and 8.1 do not properly initialize memory for rendering of malformed PNG images, which allows remote attackers to obtain sensitive information from process memory via a crafted web site, aka "Malformed PNG Parsing Information Disclosure Vulnerability." Microsoft Windows Server 2003 SP2, Windows Vista SP2, Windows Server 2008 SP2... • http://www.securityfocus.com/bid/72909 • CWE-200: Exposure of Sensitive Information to an Unauthorized Actor •
CVSS: 6.2EPSS: 19%CPEs: 12EXPL: 0CVE-2015-0087
https://notcve.org/view.php?id=CVE-2015-0087
11 Mar 2015 — Adobe Font Driver in Microsoft Windows Server 2003 SP2, Windows Vista SP2, Windows Server 2008 SP2 and R2 SP1, Windows 7 SP1, Windows 8, Windows 8.1, Windows Server 2012 Gold and R2, and Windows RT Gold and 8.1 allows remote attackers to obtain sensitive information from kernel memory, and possibly bypass the KASLR protection mechanism, via a crafted font, aka "Adobe Font Driver Information Disclosure Vulnerability," a different vulnerability than CVE-2015-0089. Adobe Font Driver en Microsoft Windows Server... • http://www.securityfocus.com/bid/72893 • CWE-200: Exposure of Sensitive Information to an Unauthorized Actor •
CVSS: 9.3EPSS: 23%CPEs: 12EXPL: 1CVE-2015-0088 – Windows Kernel ATMFD.DLL Off-By-X OOB Reads/Writes Relative to Operand Stack
https://notcve.org/view.php?id=CVE-2015-0088
11 Mar 2015 — Adobe Font Driver in Microsoft Windows Server 2003 SP2, Windows Vista SP2, Windows Server 2008 SP2 and R2 SP1, Windows 7 SP1, Windows 8, Windows 8.1, Windows Server 2012 Gold and R2, and Windows RT Gold and 8.1 allows remote attackers to execute arbitrary code via a crafted (1) web site or (2) file, aka "Adobe Font Driver Remote Code Execution Vulnerability," a different vulnerability than CVE-2015-0090, CVE-2015-0091, CVE-2015-0092, and CVE-2015-0093. Adobe Font Driver en Microsoft Windows Server 2003 SP2,... • https://packetstorm.news/files/id/133164 • CWE-94: Improper Control of Generation of Code ('Code Injection') •
CVSS: 6.2EPSS: 19%CPEs: 12EXPL: 0CVE-2015-0089
https://notcve.org/view.php?id=CVE-2015-0089
11 Mar 2015 — Adobe Font Driver in Microsoft Windows Server 2003 SP2, Windows Vista SP2, Windows Server 2008 SP2 and R2 SP1, Windows 7 SP1, Windows 8, Windows 8.1, Windows Server 2012 Gold and R2, and Windows RT Gold and 8.1 allows remote attackers to obtain sensitive information from kernel memory, and possibly bypass the KASLR protection mechanism, via a crafted font, aka "Adobe Font Driver Information Disclosure Vulnerability," a different vulnerability than CVE-2015-0087. Adobe Font Driver en Microsoft Windows Server... • http://www.securityfocus.com/bid/72896 • CWE-200: Exposure of Sensitive Information to an Unauthorized Actor •
CVSS: 9.3EPSS: 23%CPEs: 12EXPL: 0CVE-2015-0090
https://notcve.org/view.php?id=CVE-2015-0090
11 Mar 2015 — Adobe Font Driver in Microsoft Windows Server 2003 SP2, Windows Vista SP2, Windows Server 2008 SP2 and R2 SP1, Windows 7 SP1, Windows 8, Windows 8.1, Windows Server 2012 Gold and R2, and Windows RT Gold and 8.1 allows remote attackers to execute arbitrary code via a crafted (1) web site or (2) file, aka "Adobe Font Driver Remote Code Execution Vulnerability," a different vulnerability than CVE-2015-0088, CVE-2015-0091, CVE-2015-0092, and CVE-2015-0093. Adobe Font Driver en Microsoft Windows Server 2003 SP2,... • http://www.securityfocus.com/bid/72904 • CWE-94: Improper Control of Generation of Code ('Code Injection') •
CVSS: 9.3EPSS: 23%CPEs: 12EXPL: 0CVE-2015-0091
https://notcve.org/view.php?id=CVE-2015-0091
11 Mar 2015 — Adobe Font Driver in Microsoft Windows Server 2003 SP2, Windows Vista SP2, Windows Server 2008 SP2 and R2 SP1, Windows 7 SP1, Windows 8, Windows 8.1, Windows Server 2012 Gold and R2, and Windows RT Gold and 8.1 allows remote attackers to execute arbitrary code via a crafted (1) web site or (2) file, aka "Adobe Font Driver Remote Code Execution Vulnerability," a different vulnerability than CVE-2015-0088, CVE-2015-0090, CVE-2015-0092, and CVE-2015-0093. Adobe Font Driver en Microsoft Windows Server 2003 SP2,... • http://www.securityfocus.com/bid/72905 • CWE-94: Improper Control of Generation of Code ('Code Injection') •