
CVSS: 9.3 • EPSS: 97% • CPEs: 22 • EXPL: 5

Use-after-free vulnerability in Microsoft Internet Explorer 6, 7, and 8 allows remote attackers to execute arbitrary code via vectors related to Cascading Style Sheets (CSS) token sequences and the clip attribute, aka an "invalid flag reference" issue or "Uninitialized Memory Corruption Vulnerability," as exploited in the wild in November 2010. • https://www.exploit-db.com/exploits/15418 https://www.exploit-db.com/exploits/15421 https://www.exploit-db.com/exploits/16551 http://blogs.technet.com/b/msrc/archive/2010/11/02/microsoft-releases-security-advisory-2458511.aspx http://secunia.com/advisories/42091 http://www.exploit-db.com/exploits/15418 http://www.exploit-db.com/exploits/15421 http://www.kb.cert.org/vuls/id/899748 http://www.microsoft.com/technet/security/advisory/2458511.mspx http://www.securityfocus • CWE-416: Use After Free •

CVSS: 9.3 • EPSS: 8% • CPEs: 4 • EXPL: 0

Untrusted search path vulnerability in the Data Access Objects (DAO) library (dao360.dll) in Microsoft Windows XP Professional SP3, Windows Server 2003 R2 Enterprise Edition SP3, Windows Vista Business SP1, and Windows 7 Professional allows local users, and possibly remote attackers, to execute arbitrary code and conduct DLL hijacking attacks via a Trojan horse msjet49.dll that is located in the same folder as a file that is processed by dao360.dll. NOTE: the provenance of this information is unknown; the details are obtained solely from third party information. • http://osvdb.org/68946 http://secunia.com/advisories/41986 http://www.securityfocus.com/bid/44541 •

CVSS: 9.3 • EPSS: 71% • CPEs: 8 • EXPL: 2

Stack-based buffer overflow in the UpdateFrameTitleForDocument method in the CFrameWnd class in mfc42.dll in the Microsoft Foundation Class (MFC) Library in Microsoft Windows XP SP2 and SP3, Windows Server 2003 SP2, Windows Vista SP1 and SP2, Windows Server 2008 Gold, SP2, and R2, and Windows 7 allows context-dependent attackers to execute arbitrary code via a long window title that this library attempts to create at the request of an application, as demonstrated by the Trident PowerZip 7.2 Build 4010 application, aka "Windows MFC Document Title Updating Buffer Overflow Vulnerability." • https://www.exploit-db.com/exploits/13921 http://www.eeye.com/Resources/Security-Center/Research/Zero-Day-Tracker/2010/20100705-%281%29 http://www.exploit-db.com/exploits/13921 http://www.securitytracker.com/id?1024557 https://docs.microsoft.com/en-us/security-updates/securitybulletins/2010/ms10-074 https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A6696 • CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer •

CVSS: 4.3 • EPSS: 6% • CPEs: 40 • EXPL: 1

Microsoft Internet Explorer 6 through 8 does not properly handle unspecified special characters in Cascading Style Sheets (CSS) documents, which allows remote attackers to obtain sensitive information from a different (1) domain or (2) zone via a crafted web site, aka "CSS Special Character Information Disclosure Vulnerability." • https://www.exploit-db.com/exploits/34602 http://support.avaya.com/css/P8/documents/100113324 http://www.us-cert.gov/cas/techalerts/TA10-285A.html https://docs.microsoft.com/en-us/security-updates/securitybulletins/2010/ms10-071 https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A7410 • CWE-200: Exposure of Sensitive Information to an Unauthorized Actor •

CVSS: 7.2 • EPSS: 37% • CPEs: 4 • EXPL: 0

The OpenType Font (OTF) format driver in Microsoft Windows XP SP2 and SP3 and Server 2003 SP2 does not properly perform memory allocation during font parsing, which allows local users to gain privileges via a crafted application, aka "OpenType Font Parsing Vulnerability." • http://support.avaya.com/css/P8/documents/100113218 http://www.us-cert.gov/cas/techalerts/TA10-285A.html https://docs.microsoft.com/en-us/security-updates/securitybulletins/2010/ms10-078 https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A7258 • CWE-264: Permissions, Privileges, and Access Controls •