CVSS: 7.1EPSS: 0%CPEs: 4EXPL: 0CVE-2014-8643
https://notcve.org/view.php?id=CVE-2014-8643
Mozilla Firefox before 35.0 on Windows allows remote attackers to bypass the Gecko Media Plugin (GMP) sandbox protection mechanism by leveraging access to the GMP process, as demonstrated by the OpenH264 plugin's process. Mozilla Firefox anterior a 35.0 en Windows permite a atacantes remotos evadir el mecanismo de protección sandbox del Gecko Media Plugin (GMP) mediante el aprovechamiento del acceso al proceso GMP, tal y como fue demostrado por el proceso del plugin OpenH264. • http://lists.opensuse.org/opensuse-security-announce/2015-01/msg00014.html http://lists.opensuse.org/opensuse-security-announce/2015-02/msg00002.html http://secunia.com/advisories/62253 http://secunia.com/advisories/62446 http://www.mozilla.org/security/announce/2014/mfsa2015-07.html http://www.oracle.com/technetwork/topics/security/bulletinapr2016-2952098.html http://www.securityfocus.com/bid/72043 http://www.securitytracker.com/id/1031533 https://bugzilla.mozilla.org/show_bug.cgi?id=1117140&# • CWE-264: Permissions, Privileges, and Access Controls •
CVSS: 9.3EPSS: 88%CPEs: 9EXPL: 4CVE-2015-0016 – Microsoft Windows TS WebProxy Directory Traversal Vulnerability
https://notcve.org/view.php?id=CVE-2015-0016
Directory traversal vulnerability in the TS WebProxy (aka TSWbPrxy) component in Microsoft Windows Vista SP2, Windows 7 SP1, Windows Server 2008 R2 SP1, Windows 8, Windows 8.1, Windows Server 2012 Gold and R2, and Windows RT Gold and 8.1 allows remote attackers to gain privileges via a crafted pathname in an executable file, as demonstrated by a transition from Low Integrity to Medium Integrity, aka "Directory Traversal Elevation of Privilege Vulnerability." ... Directory traversal vulnerability in the TS WebProxy (TSWbPrxy) component in Microsoft Windows allows remote attackers to escalate privileges. • https://www.exploit-db.com/exploits/35983 http://blog.trendmicro.com/trendlabs-security-intelligence/cve-2015-0016-escaping-the-internet-explorer-sandbox http://packetstormsecurity.com/files/130201/MS15-004-Microsoft-Remote-Desktop-Services-Web-Proxy-IE-Sandbox-Escape.html http://secunia.com/advisories/62076 http://www.exploit-db.com/exploits/35983 http://www.securityfocus.com/bid/71965 http://www.securitytracker.com/id/1031524 https://docs.microsoft.com/en-us/security-updates/securitybulletins/ • CWE-22: Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal') •
CVSS: 6.4EPSS: 0%CPEs: 20EXPL: 0CVE-2014-9150
https://notcve.org/view.php?id=CVE-2014-9150
Race condition in the MoveFileEx call hook feature in Adobe Reader and Acrobat 11.x before 11.0.09 on Windows allows attackers to bypass a sandbox protection mechanism, and consequently write to files in arbitrary locations, via an NTFS junction attack, a similar issue to CVE-2014-0568. Condición de carrera en la caracteristica 'MoveFileEx call hook' en Adobe Reader and Acrobat 11.x anterior a 11.0.09 en Windows permite a atacantes remotos evadir el mecanismo de protección de sandbox, y como consecuencia escribir a ficheros en localizaciones arbitrarias, a través de un ataque de unión NTFS, un problema similar a CVE-2014-0568. • http://helpx.adobe.com/security/products/reader/apsb14-28.html https://code.google.com/p/google-security-research/issues/detail?id=103 • CWE-362: Concurrent Execution using Shared Resource with Improper Synchronization ('Race Condition') •
CVSS: 7.5EPSS: 0%CPEs: 4EXPL: 0CVE-2014-4457
https://notcve.org/view.php?id=CVE-2014-4457
The Sandbox Profiles subsystem in Apple iOS before 8.1.1 does not properly implement the debugserver sandbox, which allows attackers to bypass intended binary-execution restrictions via a crafted application that is run during a time period when debugging is not enabled. El subsistema Sandbox Profiles en Apple iOS anterior a 8.1.1 no implementa debidamente el sandbox debugserver, lo cual permite a atacantes evadir las restricciones destinadas a la ejecución de binarios a través de una aplicación manipulada que es ejecutada durante un período de tiempo cuando la depuración no está habilitada. • http://lists.apple.com/archives/security-announce/2014/Nov/msg00000.html http://www.securityfocus.com/bid/71143 http://www.securitytracker.com/id/1031232 https://exchange.xforce.ibmcloud.com/vulnerabilities/98777 https://support.apple.com/en-us/HT204418 https://support.apple.com/en-us/HT6590 • CWE-264: Permissions, Privileges, and Access Controls •
CVSS: 9.3EPSS: 12%CPEs: 7EXPL: 0CVE-2014-4077 – Microsoft IME Japanese Privilege Escalation Vulnerability
https://notcve.org/view.php?id=CVE-2014-4077
Microsoft Windows Server 2003 SP2, Windows Vista SP2, Windows Server 2008 SP2 and R2 SP1, Windows 7 SP1, and Office 2007 SP3, when IMJPDCT.EXE (aka IME for Japanese) is installed, allow remote attackers to bypass a sandbox protection mechanism via a crafted PDF document, aka "Microsoft IME (Japanese) Elevation of Privilege Vulnerability," as exploited in the wild in 2014. Microsoft Windows Server 2003 SP2, Windows Vista SP2, Windows Server 2008 SP2 y R2 SP1, Windows 7 SP1, y Office 2007 SP3, cuando IMJPDCT.EXE (también conocido como IME para japonés) está instalado, permiten a atacantes remotos evadir un mecanismo de protección sandbox a través de un documento PDF manipulado, también conocido como 'vulnerabilidad de la elevación de privilegios de Microsoft IME (japonés),' tal y como fue utilizado activamente en 2014. ... IME Japanese contains an unspecified vulnerability when IMJPDCT.EXE (IME for Japanese) is installed which allows attackers to bypass a sandbox and perform privilege escalation. • http://blogs.technet.com/b/srd/archive/2014/11/11/assessing-risk-for-the-november-2014-security-updates.aspx http://www.securitytracker.com/id/1031196 http://www.securitytracker.com/id/1031197 https://docs.microsoft.com/en-us/security-updates/securitybulletins/2014/ms14-078 •