Page 64 of 369 results (0.093 seconds)

CVSS: 9.3EPSS: 0%CPEs: 11EXPL: 0

Microsoft Windows Vista SP2, Windows Server 2008 SP2 and R2 SP1, Windows 7 SP1, Windows 8, Windows 8.1, Windows Server 2012 Gold and R2, and Windows RT Gold and 8.1 allow attackers to bypass an application sandbox protection mechanism and perform unspecified registry actions via a crafted application, aka "Windows Registry Elevation of Privilege Vulnerability." Vulnerabilidad en Microsoft Windows Vista SP2, Windows Server 2008 SP2 y R2 SP1, Windows 7 SP1, Windows 8, Windows 8.1, Windows Server 2012 Gold y R2 y Windows RT Gold y 8.1, permite a atacantes evadir el mecanismo de protección de una aplicación sandbox y realizar acciones de registro no especificados a a través de una aplicación manipulada, también conocida como 'Windows Registry Elevation of Privilege Vulnerability.' This vulnerability allows attackers to execute arbitrary code on vulnerable installations of Microsoft Internet Explorer. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the CIERegistryHelper::SetSingleValue API. When this API is used with a whitelisted registry entry, an attacker can modify privileged registry values via a registry link. • http://www.securitytracker.com/id/1033251 http://www.zerodayinitiative.com/advisories/ZDI-15-379 http://www.zerodayinitiative.com/advisories/ZDI-15-380 http://www.zerodayinitiative.com/advisories/ZDI-15-459 https://docs.microsoft.com/en-us/security-updates/securitybulletins/2015/ms15-090 • CWE-264: Permissions, Privileges, and Access Controls •

CVSS: 4.4EPSS: 0%CPEs: 11EXPL: 0

The kernel-mode driver in Microsoft Windows Vista SP2, Windows Server 2008 SP2 and R2 SP1, Windows 7 SP1, Windows 8, Windows 8.1, Windows Server 2012 Gold and R2, and Windows RT Gold and 8.1 does not properly constrain impersonation levels, which allows local users to gain privileges via a crafted application, aka "Windows KMD Security Feature Bypass Vulnerability." Vulnerabilidad en el controlador del modo kernel en Microsoft Windows Vista SP2, Windows Server 2008 SP2 y R2 SP1, Windows 7 SP1, Windows 8, Windows 8.1, Windows Server 2012 Gold y R2 y Windows RT Gold y 8.1, no restringe adecuadamente los niveles de suplantación, lo que permite a usuarios locales obtener privilegios a través de una aplicación manipulada, también conocida como 'Windows KMD Security Feature Bypass Vulnerability'. This vulnerability allows remote attackers to escape Protected Mode on vulnerable installations of Microsoft Internet Explorer User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the HelpPane executable. The issue lies in the validation of the integrity level of the COM client, which is performed with a comparison against the integrity level of the desktop's shell. An attacker can leverage this vulnerability to execute code under the context of the user at medium integrity. • http://www.securitytracker.com/id/1033238 https://docs.microsoft.com/en-us/security-updates/securitybulletins/2015/ms15-080 • CWE-264: Permissions, Privileges, and Access Controls •

CVSS: 4.6EPSS: 1%CPEs: 5EXPL: 0

Microsoft Internet Explorer 7 through 11 allows remote attackers to gain privileges via a crafted web site, aka "Internet Explorer Elevation of Privilege Vulnerability." Desde la versión 7 a la versión 11 de Microsoft Internet Explorer se permite a atacantes remotos escalada de privilegios a través de sitios web manipulados, también conocida como 'Vulnerabilidad de Evaluación de Privilegios de Internet Explorer'. This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of Microsoft Internet Explorer running in either Protected Mode or Enhanced Protected Mode. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the EditWith function of the document broker. The document broker can be induced to use a file path from a registry key that is controlled by the low integrity process. • http://www.securityfocus.com/bid/75677 http://www.securitytracker.com/id/1032894 https://docs.microsoft.com/en-us/security-updates/securitybulletins/2015/ms15-065 • CWE-264: Permissions, Privileges, and Access Controls •

CVSS: 6.9EPSS: 3%CPEs: 7EXPL: 0

Untrusted search path vulnerability in Microsoft Windows 7 SP1, Windows Server 2008 R2 SP1, Windows 8.1, Windows Server 2012 R2, and Windows RT 8.1 allows local users to gain privileges via a Trojan horse DLL in the current working directory, aka "Windows DLL Remote Code Execution Vulnerability." Vulnerabilidad en la busqueda de ruta no confiable en Windows 7 SP1, Windows Server 2008 R2 SP1, Windows 8.1, Windows Server 2012 R2 y Windows RT 8.1 permite a usuarios locales obtener privilegios a través de un Troyano DLL en el directorio de trabajo actual, error conocido como 'Windows DLL Remote Code Execution Vulnerability.' This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of Microsoft Internet Explorer. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the handling of DLL loading by the Internet Explorer broker process, which can be induced to load a library in its context from a directory controlled by the low-integrity process. An attacker can leverage this vulnerability to execute code under the context of the user at medium integrity. • http://www.securitytracker.com/id/1032898 https://docs.microsoft.com/en-us/security-updates/securitybulletins/2015/ms15-069 •

CVSS: 9.3EPSS: 3%CPEs: 1EXPL: 1

Apple Mac EFI before 2015-001, as used in OS X before 10.10.4 and other products, does not properly set refresh rates for DDR3 RAM, which might make it easier for remote attackers to conduct row-hammer attacks, and consequently gain privileges or cause a denial of service (memory corruption), by triggering certain patterns of access to memory locations. Apple Mac EFI anterior a 2015-001, utilizado en OS X anterior a 10.10.4 y otros productos, no configura correctamente los indices actualizados para DDR3 RAM, lo que podría facilitar a atacantes remotos realizar ataques 'row-hammer', y como consecuencia gnar privilegios o causar una denegación de servicio (corrupción de memoria), mediante la provocación de ciertas pautas de acceso a localizaciones de memoria. • https://www.exploit-db.com/exploits/36311 http://googleprojectzero.blogspot.com/2015/03/exploiting-dram-rowhammer-bug-to-gain.html http://lists.apple.com/archives/security-announce/2015/Jun/msg00002.html http://lists.apple.com/archives/security-announce/2015/Jun/msg00003.html http://support.apple.com/kb/HT204934 http://support.apple.com/kb/HT204942 http://www.securityfocus.com/bid/75495 http://www.securitytracker.com/id/1032444 http://www.securitytracker.com/id/1032755 • CWE-254: 7PK - Security Features •