Computer Security
[EN] securityvulns.ru
no-pyccku

  

Name:MICROSOFT : Windows Vista

9!Microsoft Windows multiple security vulnerabilities
document OLE code execution, Internet Explorer multiple vulnerabilities, Schannel code execution, XML Core Services code execution, TCP/IP privilege escalation, Windows Audio Service privilege escalation, .NET Framework privilege escalation, RDP restrictions bypass, IIS restrictions bypass, IME privilege escalation, kernel-mode drivers DoS.
9!Microsoft Windows multiple security vulnerabilities
document Restrictions bypass and memory corruptions in Internet Explorer, .Net code execution, TrueType embedded fonts code execution, OLE code execution, message queue service and FAT32 driver privilege escalation.
7!Microsoft Windows multiple security vulnerabilities
document Windows Media Center use-after-free, drivers privilege escalation, .Net restriction bypass and DoS, LRPC restriction bypass, Windows Installer service privilege escalation, Internet Explorer multiple security vulnerabilities, Task Scheduler privilege escalation.
 Windows Mail privilege escalation
document Insufficient path on executable call.
8!Microsoft Windows multiple security vulnerabilities
updated since 14.07.2014
document RDP weak encryption, TCP DoS, XML libraries information leakage, graphics libraries memory corruptions, Windows Journal memory corruptions, virtual keyboard privilege escalation, ADF privilege escalation, DirectoShow privilege escalation, Microsoft Service Bus DoS, multiple Internet Explorer vulnerabilities.
7!Microsoft Windows multiple security vulnerabilities
document Windows File Handling code execution, Group Policy Preferences privileges escalation. .Net privileges escalation. Windows Shell privileges escalation. iSCSI DoS.
8!Microsoft Internet Explorer multiple security vulnerabilities
document Multiple memory corruptions.
9!Microsoft Internet Explorer use-after-free vulnerability
document VGX.DLL use-after-free vulnerability is actively exploitd in-the-wild.
8!Microsoft Internet Explorer multiple security vulnerabilities
updated since 12.02.2014
document Multiple memory corruptions, crossite access, privilege escalation.
8!Microsoft Windows multiple security vulnerabilities
document DirectShow memory corruptions, SilverLight restrictions bypass, SAMR restrictions bypass, kernel mode drivers privilege escalations.
8!Microsoft Internet Explorer multiple security vulnerabilities
document Multiple memory corruptions.
8!Microsoft Windows multiple security vulnerabilities
document XML services information leakage, IPv6 DoS, Direct2D memory corruption, .Net privilege escalation, VBScript code execution.
9!Microsoft Windows multiple security vulnerabilities
updated since 16.12.2013
document Memory corruption in graphics library, signature check bypass, use-after-free in scripting, multiple privilege escalations.
8!Microsoft Internet Explorer multiple security vulnerabilities
document Multiple memory corruption and privilege escalations.
8!Microsoft Windows multiple security vulnerabilities
document GDI integer overflow, InformationCardSigninHelper ActiveX code execution, AFD driver information leak, X.509 certificates DoS, Hyper-V privilege escalation.
8!Microsoft Internet Explorer multiple security vulnerabilities
document Multiple information leaks and memory corruptions.
8!Microsoft Windows multiple security vulnerabilities
updated since 09.10.2013
document .Net code execution, comctl32.dll integer overflow.
8!Microsoft Internet Explorer multiple security vulnerabilities
document Multiple memory corruption.
8!Microsoft Windows multiple security vulnerabilities
document OLE code execution, Windows Theme files code execution, kernel mode drivers privilege escalation, SCM privilege escalation, Acrive Directory DoS.
8!Microsoft Internet Explorer multiple security vulnerabilities
document Multiple memory corruptions.
8!Microsoft Windows multiple security vulnerabilities
updated since 14.08.2013
document Unicode Scripts Processor memory corruption, RPC privilege escalation, kernel protection bypass and memory corruptions, IPv6 and NAT DoS.
8!Microsoft Internet Explorer multiple security vulnerabilities
updated since 14.08.2013
document Protection bypass, crossite scripting, memory corruptions.
9!Microsoft Windows multiple security vulnerabilities
updated since 10.07.2013
document Multiple vulnerabilities in .Net and Silverlight, multiple kernel components vulnerabilities, GDI+ TrueType parsing memory corruption, DirectShow memory corruption, VMW parsing memory corruption, multiple Internet Explorer memory corruption, Windows Defender privilege escalation.
 Mozilla Firefox / Microsoft Internet Explorer DoS
document Crash or hang via resources exhaustion.
7!Microsoft Windows multiple security vulnerabilities
document Kernel information leakage, drivers DoS, print spooler privilege escalation.
8!Microsoft Internet Explorer multiple security vulnerabilities
document Multiple memory corruptions.
7!Microsoft Windows multiple security vulnerabilities
document http.sys DoS, multiple kernel privilege escalations, .Net signature spoofing and authorization bypass.
8!Microsoft Internet Explorer multiple security vulnerabilities
document Information leakage, multiple use-after-free vulnerabilities
7!Microsoft Internet Explorer multiple security vulnerabilities
updated since 12.04.2013
document Use-after-free vulnerabilities.
 Microsoft Internet Explorer DoS
document Crash on recursive CSS inclusion.
 Microsoft Active Directory DoS
document Memory exhaustion.
7!Microsoft Windows multiple security vulnerabilities
document Multiple privilege escalations in kernel, CSRSS and drivers.
7!Microsoft Remote Desktop Connection Client ActiveX code execution
document Use-after-free in ActiveX
7!Microsoft Internet Explorer multiple security vulnerabilities
updated since 13.03.2013
document Multiple use-after-free vulnerabilities.
 Microsoft Windows USB devices privilege escalation
updated since 13.03.2013
document Few different vulnerabilities on USB device plugging with ability of code execution.
8!Microsoft Windows multiple security vulnerabilities
updated since 14.02.2013
document Quartz.dll memory corruption, .Net privilege escalation, multiple kernel race conditions, CSRSS privilege escalation, TCP/IP DoS.
8!Microsoft Internet Explorer multiple security vulnerabilities
document Information leakage, multiple use-after-free vulnerabilities, VML memory corruption.
8!Microsoft Internet Explorer use-after-free vulnerabilities
document Use-after-free vulnerability in CButton is actively used in-the-wild.
8!Microsoft Windows multiple security vulnerabilities
document Print spooler service code execution, XML library integer overflow and memory corruption, multiple .Net vulnerabilities, Win32K privilege escalation SSL/TLS library protection bypass, Open Data Protocol DoS.
 Microsoft Internet Explorer stack overflow
document Stack overrun on malformed tags sequence.
9!Microsoft Windows multiple security vulnerabilities
document Buffer overflow on OpenType and TrueType fonts parsing, memory corruption on filname handling, DirectPlay buffer overflow, DirectAccess IP-HTTPS insufficient certificate check.
7!Microsoft Internet Explorer multiple security vulnerabilities
document Few use-after-free vulnerabilities.
 Internet Explorer information leakage
document Page can track any mouse movements, even behind the page.
6!Microsoft Internet Explorer 7 memory corruption
document Memory corruption on redirection to data: uri containing some tags.
 Microsoft Internet Information Services security vulnerabilities
document log files information leakage, FTP STARTTLS session command injection.
8!Microsoft Windows security vulnerabilities
document Windows Briefacese integer overflows, .Net protection bypass, information leakage and code execution, kernel drivers privilege escalations.
7!Microsoft Internet Explorer multiple security vulnerabilities
document Few different use-after-free vulnerabilities.
9!Microsoft Internet Explorer memory corruption
updated since 19.09.2012
document Use-after-free vulnereability is actively used in-the-wild to install malware.
7!Microsoft Windows kernel integer overflow
document Kernel integer overflow leads to privilege escalation.
9!Microsoft Windows multiple security vulnerabilities
updated since 11.07.2012
document Microsoft XML Services memory corruption, ADO memory corruption, kernel drivers vulnerabilities, Window Shell command injection, TLS vulnerabilities
8!Microsoft Internet Explorer multiple security vulnerabilities
document Memory corruptions, integer overflow, function pointer corruption.
9!Microsoft Windows multiple security vulnerabilities
updated since 09.05.2012
document TCP/IP privilege escalation, partition manager privilege escalation, multiple security vulnerabililities in .Net, Silverlight, font management, GDI+, window components, etc.
9!Microsoft Internet Explorer multiple security vulnerabilities
updated since 13.06.2012
document Multiple memory corruptions, code executions, information leakage.
6!Microsoft IIS protection bypass
document Password protection bypass, script files content access.
8!Microsoft Remote Desktop memory corruption
document Memory corruption on RDP packets processing.
 Opera / Mozilla / Internet Explorer DoS
updated since 12.02.2010
document Large number of nested tags leads to buffer overflow.
7!Microsoft Windows multiple security vulnerabilities
updated since 11.04.2012
document MSCOMCTL.ocx code execution, .Net code execution, WinVerifyTrust digital signature validation vulnerability
8!Microsoft Internet Explorer multiple security vulnerabilities
updated since 11.04.2012
document Multple vulnerabilities allow remote code execution.
9!Microsoft .Net multiple security vulnerabilities
updated since 02.01.2012
document DoS, multiple vulnerabilities in forms authentication.
8!Microsoft Windows multiple security vulnerabilities
document Kernel drivers privileges escalation, DirectWrite API DoS, RDP memory corruption and DoS.
9!Microsoft Windows multiple security vulnerabilities
updated since 15.02.2012
document GDI code execution, drivers privilege escalation, unsafe DLL loading, C Runtime code execution, .Net framework and Silverlight vulnerabilities.
8!Microsoft Internet Explorer multiple security vulnerabilities
updated since 15.02.2012
document Code execution, information leakage.
7!Microsoft Windows multiple security vulnerabilities
updated since 11.01.2012
document SafeSEH protection bypass, Windows Object Packager code execution, CSRSS privilege escalation, DirectShow / Windows Media memory corruption, Windows Packager code execution, SSL/TLS information leakage.
6!Microsoft Internet Explorer multiple security vulnerabilities
updated since 15.12.2011
document Information leakage, insecure library loading.
9!Microsoft Windows multiple security vulnerabilities
updated since 15.12.2011
document Buffer overflow on TTF fonts parsing, OLE objects memory corruption, CSRSS and kernel privilege escalations, ActiveX code execution.
6!Microsoft Windows multiple applications DLL hijacking
updated since 26.08.2010
document If application is launched via file type association, current path is set to the path file is located, making it's possible to place DLLs application tries to load dynamically into same directory.
 Microsoft Windows Media memory corruption
document Memory corruption on .dvr-ms files parsing.
10!Microsoft Windows kernel UDP processing integer overflow
document Integer overflow leads to code execution via the flow of UDP packets to closed port.
8!Microsoft Internet Explorer multiple security vulnerabilities
updated since 12.10.2011
document Multiple memory corruptions with code execution.
6!Microsoft .Net / Silverlight code execution
document It's possible to escape from sandbox.
7!Microsoft Windows multiple security vulnerabilities
document Active Accessibility and Media Center insecure DLL loading
6!DigiNotar fraudulent certificates
updated since 01.09.2011
document Well known domain names certificates were issued to untrusted party.
8!Microsoft Windows multiple security vulnerabilities
document NDISTAPI service and CSRSS privilege escalations, kernel DoS, TCP/IP DoS, RDP DoS, .Net information disclosure.
9!Microsoft Internet Explorer multiple security vulnerabilities
document Multiple memory corruptions, crossite data access, code execution.
9!Microsoft Internet Explorer multiple security vulnerabilities
updated since 15.06.2011
document mhtml handler cross application scripting, VML processor memory corruption, multiple internet explorer memory corruptions, information leakage.
7!Microsoft Windows multiple security vulnerabilities
document Uninitialized memory reference in Bluetooth stack, multiple memory handling vulnerabilities in Windows kernel, multiple privilege escalations in CSRSS.
8!Microsoft Windows multiple security vulnerabilities
updated since 15.06.2011
document Buffer overflow on WMF files parsing. Uninitialized pointers on OTF parsing. DFS memory corruptions. SMB client and server memory corruptions. afd.sys privilege escalation.
8!Microsoft .Net Framework multiple security vulnerabilities
document Array index overflow, JIT compiler code execution.
 Microsoft fixed SMB NTLM relay attacks
updated since 12.11.2008
document Microsoft fixed NTLM proxing vulnerability: credentials used for one services could be forwardedto different one. Attack is known for many years as NTLM weakness.
9!Microsoft Windows multiple security vulnerabilities
updated since 13.04.2011
document SMB client and server memory corruption, Fax Cover Page Editor memory corruption, MFC library unsafe DLL loading, MHTML library information leak, GDI+ library integer overflow, DNS client memory corruption, memory corruption in .Net Framework, memory corruption in JScript / VBScript engines, stack overflow in OpenType fonts parsing, multiple drivers vulnerabilities.
8!Microsoft Internet Explorer multiple security vulnerabilities
updated since 13.04.2011
document Multiple memory corruptions and information leaks.
 Multiple systems ICMPv6 flood DoS
document router announcement packets flood resourceds exhaustion
 Windows help system buffer overflow
document Buffer overflow on CHM files parsing.
6!Multiple ActiveX components security vulnerabilities
document kill bit update for multiple components of different vendors.
6!Microsoft Windows multiple security vulnerabilities
document Unsafe library loading, code execution with .dvr-ms files.
6!Microsoft Windows application policy bypass
document It's possible to bypass application restriction policy by directly loading code into suspended process' memory via e.g. Microsoft Word macro.
8!Microsoft Windows multiple security vulnerabilities
updated since 08.02.2011
document Buffer overflow in shell on thumbnail parsing, memory corruption on OpenType Compact Font Format parsing, privilege escalation via CSRSS, LSA, kernel and different drivers, Kerberos server spoofing, JScript/VBScript memory content leak.
8!Microsoft Internet Explorer multiple security vulnerabilities
updated since 08.02.2011
document Multiple memory corruptions, unsafe DLL loading.
9!Microsoft IIS FTP Server buffer overflow
document Heap buffer overflow.
 Microsoft Fax Cover Page Editor double free vulnerability
document Double free vulnerability on .cov files parsing.
 Microsoft Windows backup manager insecure DLL loading
document insecure DLL loading on .wbcat file opening.
 Microsoft ADO security vulnerabilities
document Buffer overflow, memory corruption.
9!Microsoft Internet Explorer multiple security vulnerabilities
updated since 15.12.2010
document Crossite data access, multiple memory corruptions.
9!Microsoft Windows multiple security vulnerabilities
document OpenType Font parsing memory corruption, task scheduler privilege escalation, usafe DLL loading, multiple kernel vulnerabilities, Consent User Interface privilege escalation, Netlogon DoS.
 Microsoft Windows hidden administrative group membership
document It's possible to include user's account into administrative group without direct group membership.
6!Microsoft Windows Wordpad / Windows Shell code execution
document Code execution via embedded COM object.
 Windows Media Player memory corruption
document Memory corruption if page with WMP ActiveX is reloaded.
6!Media Player Network Sharing memory corruption
document Use-after-free vulneraebility on RTSP request parsing.
6!Microsoft Sharepoint SafeHTML crossite scripting
document Few crossite scripting possibilities.
9!Microsoft Internet Explorer multiple security vulnerabilities
document Multiple memory corruptions, cross domain information disclosure.
9!Microsoft Windows multiple security vulnerabilities
document Multiple privilege escalation with different drivers. MFC buffer overflow. EOT and OTF fonts memory corruptions and integer overflow. comctl32 buffer overflow. LPC buffer overflow. SChannel DoS.
9!Microsoft Internet Information Services multiple security vulnerabilities
document Authentication bypass, buffer overflow, DoS.
9!Microsoft Windows multiple security vulnerabilities
updated since 15.09.2010
document Privilege escalation and code execution in spooler services,memory corruption in MPEG-4 codec, memroy corruption in RPC, privilege escalation in LSA, privilege escalation in CSRSS subsystem, WordPad memory corruption.
 Multiple browsers certificates validation weakness
document Wildmasks in certificates issued to IP address are enabled.
6!Microsoft Windows Kerberos tickets spoofing
document It's possible to logon with any account by manipulating network traffic.
7!Microsoft .Net and Silverlight security vulnerabilities
document Memory corruption, code execution.
 Microsoft Windows Tracing Feature for Services security vulnerabilities
document Weak permissions on registry keys, buffer overflow on registry keys reading.
6!Microsoft Windows TCP/IP stack security vulnerabilities
document DoS, privilege escalation.
 Microsoft Windows Cinepak codec memory corruption
document Memory corruption on data decompression.
7!Microsoft Windows SMB/CIFS service multiple security vulnerabilities
document Buffer overflow, privilege escalation, DoS.
9!Microsoft Internet Explorer multiple security vulnerabilities
document Multiple memory corruptions, crossite access.
8!Microsoft XML Core Services memory corruption
document Memory corruption on server's response pasrsing in XMLHTTP.
 Microsoft Windows MovieMaker memory corruption
document Memory corruption on project file parsing.
6!Microsoft Windows kernel multiple security vulnerabilities
updated since 10.08.2010
document Memory corruptions, privilege escalations, DoS.
6!Microsoft Windows shortcuts code execution
document Code execution on shortcut icon displaying.
 Microsoft ClickOnce technology insufficient security
document Installation of unsigned elements is allowed.
 Microsoft Windows CHM files protection bypass
document It's possible to bypass CHM file locking protection for file downloaded from Internet.
6!Microsoft Windows win32k privilege escalation
updated since 08.06.2010
document Multiple memory corruptions.
6!Microsoft .Net XML signing protection bypass
document Only part of signature is compared in case of incomplete HMAC.
6!Microsoft Windows OpenType Compact Font Format driver memory corruption
document Memory corruption on IOCTL processing.
 Microsoft IIS memory corruption
document Memory corruption if Extended Protection for Authentication is enabled.
7!Code execution with multiple ActiveX components in Microsoft Windows
updated since 08.06.2010
   
7!Microsoft Windows media files parsing memroy corruption
document Memory corruption on JPEG / MJPEG parsing.
8!Microsoft Internet Explorer multiple security vulnerabilities
document Crossite scripting, information leakage, multiple memory corruptions.
 Multiple browsers DoS
updated since 20.05.2010
document Mail program compose message window is created for avery frame with mailto:, news:, nntp:, etc URI.
 Microsoft Internet Explorer information leak
document It's possible to access external UNC location via ICMFilter option, leaking authentication information.
 Microsoft Windows Mail / Outlook Express integer overflow
document Integer overflow on POP3 or IMAP server reply parsing.
 Microsoft Internet Explorer, Google Chrome, Opera and Mozilla Firefox DoS
document Large buffer within <marquee> tag causes browser to crash.
 Microsoft Windows ISATAP IPv6 address spoofing
document Insufficient check for tunneling address.
7!Microsoft Windows MP3 codec buffer overflow
document Buffer overflow on AVI files with MP3 audio stream.
7!Microsoft SMB client multiple security vulnerabilities
updated since 10.02.2010
document Memory corruptions, race conditions.
6!Microsoft Windows kernel multiple privilege escalations
document Multiple DoS conditions, race conditions, memory corruptions.
8!Microsoft Windows file signature spoofing
document Signature spoofing in PE and CAB files.
9!Microsoft Internet Explorer multiple security vulnerabilities
updated since 31.03.2010
document Multiple security vulnerability are used in-the-wild for hiddden malware installation.
8!Microsoft Internet Explorer memory corruption
document Memory corruption on XML/HTML processing.
 Microsoft Movie Maker buffer overflow
document Buffer overflow on .MSWMM files parsing.
6!Microsoft Windows kernel privilege escalation
document Double free() vulnerability, exception handler vulnerability.
6!Microsoft DirectShow buffer overflow
document Buffer overflow on AVI parsing.
7!Microsoft Windows SMB server multiple security vulnerabilities
document Memory corruptions, buffer overflow, DoS conditions, cryptography weakness.
7!Microsoft Data Analyzer ActiveX Control memory corruption
   
9!Microsoft Windows TCP/IP and TCP/IPv6 multiple security vulnerabilities
updated since 09.02.2010
document Multiple memory corruptions in ICMPv6, IPSec, TCP implementations.
8!Microsoft Internet Explorer information leak
document It's possible to retrieve any file from client computer via URLMON and Dynamic OBJECT tag.
9!Internet Explorer memory corruption
updated since 22.11.2009
document Memory corruption then setting outerHTML from body style.
8!Microsoft Internet Explorer Multiple security vulnerabilities
updated since 19.01.2010
document 0-day use-after-free vulnerability on createEventObject processing: <body onload="for(var i=0; i!=10000; i++) ev.srcElement"> <img src=. onerror="ev=createEventObject(event); outerHTML++">, Multiple memory corruptions.
8!Microsoft Windows Embedded OpenType (EOT) Fonts multiple security vulnerabilities
updated since 14.07.2009
document Integer overflows, heap buffer overflows.
6!Microsoft IIS protection bypass
document It's possible to bypass 3rd party upload protection by file extension, because part of filename after semicolon is ingored then detecting file type. E.g. script.asp;.jpg is treated by web server as ASP file.
9!Microsoft Internet Explorer multiple security vulnerabilities
updated since 09.12.2009
document Multiple memory corruptions, code execution.
7!Microsoft Internet Authentication Service multiple security vulnerabilities
document MS-CHAP authentication bypass, memory corruption.
9!Multiple TCP implementations different security vulnerabilities
updated since 09.09.2009
document Multiple security vulnerabilities in different operation sustems caused by resource exhaustions on maintaining TCP states table.
8!Microsoft Windows GDI code execution
document Memory corruption on EOT (Embedded Open Type) font parsing, privilege escalation, DoS.
8!Web Services on Devices Application Programming Interface API memory corruption
document Memory corruption on WSD (TCP/5357, TCP/5358, UDP/3702) network packet parsing.
 Microsoft Internet Explorer DoS
document Unremovable dialog with cycled setHomePage.
 Microsoft Windows Media Player information leak
document Windows Media Player plugin allows to detect local file existance.
6!Microsoft Windows kernel multiple security vulnerabilities
updated since 13.10.2009
document Integer overflow, NULL pointer dereference, exception handler vulnerability.
7!Microsoft Internet Explorer multiple security vulnerabilities
updated since 13.10.2009
document Multiple memory corruptions.
6!Microsoft Windows Media Runtime multiple security vulnerabilities
updated since 13.10.2009
document Buffer overflows, memory corruptions.
8!Microsoft .Net multiple security vulnerabilities
document Multiple vulnerabilities allow escape from sandbox environment.
8!Microsoft GDI+ multiple security vulnerabilities
document Multiple vulnerabilities on WMF, PNG, TIFF, BMP parsing.
9!Microsoft Active Template Library (ATL) multiple security vulnerabilities
updated since 29.07.2009
document Memory corruptions, information leak, initialization problem, leading to killbit protection bypass.
8!Microsoft Windows IIS FTP server buffer overflow
updated since 31.08.2009
document Buffer overflow in NLST command. Same vulnerability may be used for stack overflow (stack memory exhaustion) without need fo write access.
6!Microsoft CryptoAPI certificate spoofing
document Certificate name spoofing with NULL byte.
9!Microsoft Windows (including Windows 7) SMB2 array index overflow
updated since 08.09.2009
document Crash on SMB2 protocol NEGOTIATE PROTOCOL REQUEST SMB request parsing
6!Microsoft Windows LSA DoS
document Crash on NTLM authentication parsing.
8!Microsoft Windows Wireless LAN AutoConfig service buffer overflow
document Buffer overflow on access point frame parsing.
8!Microsoft Windows JavaScript engine memory corruption
document Memory corruption on "arguments" keyword parsing.
6!Microsoft Windows MSMQ (message queuing) privilege escalation
updated since 11.08.2009
document DoS conditions in the service lead to named channel spoofing possibility.
7!Microsoft RDP client multiple security vulnerabilities
updated since 11.08.2009
document Memory corruption in ActiveX control, memory corruption on server reply processing.
6!Microsoft Windows Workstation service memory corruption
updated since 11.08.2009
document Memory corruption on RPC message parsing.
8!Microsoft Windows media files processing memory corruption
document Memory corruptions and integer overflows on AVI processing.
6!Microsoft ASP.NET DoS
   
 Microsoft telnet NTLM relaying
document NTLM relaying attack against telnet client authentication is possible.
8!Microsoft Internet Explorer multiple security vulnerabilities
updated since 29.07.2009
document Multiple memory corruptions, workaround for ATL vulnerability added.
 Multiple browsers DoS
updated since 16.07.2009
document select() method doesn't limie the number of selected elements, leading to resources exhaustion.
 Multiple browsers DoS
document Crash or resources exhaustion on oversized unicode string operations via Javascript.
 Mozilla Firefox / Microsoft Internet Explorer / Opera /Google Chrome DoS
updated since 26.05.2009
document Hang on circle with large radius value in SVG tags. Hang and memory leak on reload with keygen tag.
8!Windows print spooler multiple security vulnerabilities
updated since 10.06.2009
document Buffer overflow, unauthorized files access, privilege escalation with dynamic library loading.
8!Microsoft Internet Explorer multiple security vulnerabilities
updated since 09.06.2009
document Crossite data access, multiple memory corruptions.
6!Microsoft Windows kernel multiple privilege escalation
document Multiple vulnerabilities in different subsystems.
 Browsers and search systems URL spoofing
updated since 27.04.2009
document By using %xx in host name it's possible to spoof URL origin.
8!Microsoft Internet Explorer multiple security vulnerabilities
updated since 15.04.2009
document Code exexuction, multiple memory corruptions, NTLM relaying.
6!Microsoft Windows WinHTTP servive multiple security vulnerabilities
document Integer overflow, certificate spoofing, NTLM relaying.
6!Microsoft Windows privilege escalation
document Privilege escalation with MSDTC, WMI, RPCSS, Windows Thread Pool services.
 Microsoft Internet Explorer DoS
document Browser hangs while trying to determine charset of the text document with large number of random characters.
10!Microsoft Windows kernel multiple security vulnerabilities
document Multiple security vulnerabilities allow code execution via EMF/WMF files.
 libc fts_* functions vulnerabilities
document Invalid exceptional conditions processing on long path.
 Multiple browsers inherited charset crossite scripting
updated since 25.02.2007
document If [age with undefined charset is displayed in frame, codepage of parent page is used. It makes it possible to conduct crossite scripting attack with e.g. UTF-7, EUC-JP (SHIFT_JIS) charset.
 Google Chrome, Mozilla Firefox, Opera, Internet Explorer browsers DoS
updated since 30.09.2008
document Calling window.print() function in loop causes browser to hang. Uncontrollable memory allocation. Script can close window without user approval.
6!Microsoft Internet Explorer multiple security vulnerabilities
document Few memory corruptions.
 Microsoft Windows fails to disable autorun
document None of documented methods to disable autorun does it completely. This way of distribution is actively used by malware. CERT advises to add next record into registry (@ means default value for key). [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\IniFileMapping\Autorun.inf] @="@SYS:DoesNotExist"
9!Microsoft Windows SMB multiple security vulnerabilities
updated since 13.01.2009
document Buffer overflows and DoS conditions.
 Microsoft Internet Explorer DoS
document Crash on recursive script creation with createElement().
9!Microsoft Internet Explorer multiple security vulnerabilities
updated since 10.12.2008
document Multiple memory corruptions.
9!Microsoft Windows Media Player buffer overflow
document Buffer overflow on WAV parsing
 Mozilla Firefox, Microsoft Internet Explorer, Opera and Google Chrome DoS
document Printing <irame> in endless loop from javascript causes resources exhaustion and leads to browser hang.
9!Microsoft Windows Media Player integer overflow
document Integer overflow on WAV parsing.
10!Microsoft Internet Explorer memory corruption
document Memory corruption leads to code execution. Vulnerability is used in-the-wild for hidden malware installation.
 Microsoft Windows Media Player multiple security vulnerabilities
document NTLM credentials leak and relaying.
8!Microsoft Windows GDI library multiple security vulnerabilities
document Buffer overflow and integer overflow on WMF parsing.
8!Microsoft Windows Search multiple security vulnerabilities
document Code execution with saved search results and with search-ms: URI.
 Microsoft Windows Vista memory corruption
document Kernel memory corruption on CreateIpForwardEntry2 call processing.
 Internet Explorer, Opera, Google Chrome, Mozilla browsers DoS
updated since 03.10.2008
document window.close() в цикле на событие OnLoad() приводит к зависанию браузера. Multiple resource exhaustion attacks with Javascript.
7!Microsoft XML multiple security vulnerabilities
document Memory corruption, crossite scripting, information leak.
 Microsoft Windows UnhookWindowsHookEx() DoS
document Race conditions on UnhookWindowsHookEx() call during active desktop switichin cause system to hang or crash.
10!Microsoft Windows code execution
updated since 24.10.2008
document It's possible toexecute code without authentication with RPC request UUID 4b324fc8-1670-01d3-1278-5a47bf6ee188 to browser service via SERVER (LanmanServer) service, TCP/139, TCP/445. Reccomendation is to disable browser service.
7!Microsoft Internet Explorer multiple security vulnerabilities
updated since 14.10.2008
document Memory corruptions, information hijack, crossite scripting.
7!Microsoft Windows Virtual Address Descriptor manipulation privilege escalation
document Integer overflow leads to memory corruption.
8!Microsoft Windows SMB buffer overflow
document Buffer overflow on SMB protocol parsing.
 Microsoft Windows Internet Printing Service integer overflow
document Integer overflow after authentication.
 Microsoft Windows kernel multiple security vulnerabilities
document Double free() vulnerability and memory corruptions.
 Windows kernel integer overflow
document Integer overflow in IopfCompleteRequest function.
 Microsoft Internet Explorer DoS
document Browser hangs on malcrafted PNG image.
 Mozilla Firefox / Opera / Microsoft Internet Explorer browsers DoS
document window.sidebar.addPanel() in the loop causes browser to hang.
 Microsoft Windows DoS
document Uninitialized memory reference on WRITE_ANDX SMB request handling.
7!Microsoft Windows Media Encoder ActiveX code execution
document Control supports unsafe methods.
6!Microsoft Windows Media Player memory corruption
document Server-Side playlists parsing memory corruption.
8!Microsoft Windows GDI library multiple security vulnerabilities
document Multiple vulnerabilities on different graphics format parsing.
7!Microsoft .Net framework multiple security vulnerabilities
updated since 10.07.2007
document Buffer overflow on PE .Net format parsing, buffer overflow in KIT compiler, remote information leak in ASP.NET with poisoned NULL byte.
8!Microsoft Internet Explorer multiple security vulnerabilities
updated since 12.08.2008
document Multiple memory corruptions, MHTML crossite scripting.
6!Microsoft Windows privilege escalation
document Invalid event handling allows code execution in system context.
 Microsoft Windows IPSec policies vulnerability
document Under certain conditions rules are not applied after Windows 2003 domain is migrated to Windows 2008.
6!Microsoft Windows DNS server and DNS client DNS reply spoofing
updated since 14.11.2007
document Weak pseudo-random generator is used to generate DNS request ID.
7!Microsoft Windows Explorercode execution
document Problem while parsing saved search files .search-ms.
6!Microsoft Windows PGM DoS
document Infinite loop on PGM packet parsing.
 Microsoft Vista speech recognition unauthorized access
updated since 03.02.2007
document Speech recognition may be used as an attack vector against client computer with e.h. HTML page with embedded sound.
6!Microsoft Wndows Bluetooth stack code execution
document The Windows Bluetooth Stack does not correctly handle a large number of SDP requests.
7!Microsoft DirectX code execution
document MJPEG format AVI and ASF files parsing vulnerability, SAMI files parsing vulnerability.
6!Microsoft Internet Explorer multiple security vulnerabilities
document Crossite scripting, information leak.
6!Microsoft Windows Realtek HD Audio privilege escalation
document Multiple security vulnerabilities on IOCTL processing.
 Microsoft Windows privilege escalation
document By using RPCSS service it's possible to elevate privileges from NetworkService to SYSTEM.
6!Microsoft Internet Explorer memory corruption
updated since 08.04.2008
document Memory corruption on datasream processing.
8!Microsoft Windows multiple ActiveX elements security update
updated since 08.04.2008
document Code execution in hxvz.dll.
9!Microsoft Windows GDI multiple security vulnerabilities
updated since 08.04.2008
document Multiple buffer overflows on EMF and WMF files parsing.
6!Microsoft Windows privilege escalation
document Code execution in kernel context.
 Microsoft Internet Explorer / mozilla Firefox address spoofing
   
6!Microsoft Internet Explorer 7 request modification
document Headers manipulation and invalid chunked encoding processing allow response splitting.
 Microsoft Internet Explorer 7.0 DoS
document Crash on createtextrange method.
8!Microsoft Internet Explorer multiple security vulnerabilities
updated since 12.02.2008
document Multiple memory corruptions.
7!Microsoft Windows OLE buffer overflow
document Heap buffer overflow
6!Microsoft Internet Information Services privilege escalation
document Privilege escalation through file change notification. ASP files processing privilege escalation.
7!Microsoft Windows Web Client service buffer overflow
document Buffer overflow on WebDAV server response parsing.
 Microsoft Windows Vista DoS
document Crash on DHCP server response parsing.
6!Microsoft Windows Vista / XP / 2000 audio drivers privilege escalation
document Ensoniq PCI 1371 WDM audio driver privilege escalation.
8!Microsoft Internet Explorer multiple security vulnerabilities
updated since 12.12.2007
document Multiple memory corruptions.
8!Microsoft Windows DirectX multiple security vulnerabilities
updated since 12.12.2007
document Synchronized Accessible Media Interchange (SAMI), WAV and AVI.
6!Microsoft Windows Vista SMBv2 packets signature bypass
document Invalid implementation of digital signing.
6!3ivx MP4 codec buffer overflow
document Buffer overflow on MP4 tags parsing.
 Microsoft Jet Engine MDB files parsing buffer overflow
document Buffer overflow on MDB file access.
7!Microsoft Windows URL code execution
document Invalid handling of %xx sequences on external URL handlers in Windows XP with Internet Explorer 7 installed allows to execute applications.
6!Microsoft Windows RPC DoS
updated since 10.10.2007
document Denial of Service during authentication in RPC-based services.
6!Microsoft Internet Explorer multiple security vulnerabilities
document Memory corruption, address bar spoofing.
8!Microsoft Outlook Express / Windows Mail NNTP buffer overflow
document Heap memory overflow on NNTP server reply parsing.
 Microsoft Windows Explorer PNG DoS
document Infinite loop on invalid PNG file parsing.
 Microsoft Windows Services for UNIX privilege escalation
document Invalid suid files handling.
9!Microsoft Windows XML core services memory corruption
updated since 14.08.2007
document Memory corruption on XML parsing.
10!Microsoft Internet Explorer multiple security vulnerabilities
updated since 14.08.2007
document Memory corruption on ActiveX parsing, unsafe Visual Basic ActiveX execution, Visual Basic ActiveX memory corruption.
10!Microsoft Windows VML parsing buffer overflow
document Heap buffer overflow on compressed VML content.
6!Microsoft Windows Media Player multiple security vulnerabilities
document Multiple vulnerabilities on skin files parsing.
7!Microsoft Windows Vista gadgets code execution
document Code eexcution with "Contacts" and "Weather" gadgets.
 Microsoft Internet Explorer DoS
document Line <style>*{position:relative}</style><table><input></table> causes brower to crash.
 Microsoft Windows ARP DoS
document Flood with packets with different MACs causes CPU exaustion.
 Microsoft DirectX buffer overflow
document Buffer overflow on compressed TGA images parsing.
6!Microsoft Internet Explorer 0-day vulnerability
updated since 10.07.2007
document Unfiltered shell characters on executed URL: protocol application handler.
 Microsoft Internet Explorer content spoofing
document It's possiblt to emulate navigation to different site by using document.open(), actually stayin in context of previous page.
6!Microsoft Windows Vista firewall filtering bypass with Toredo
document Filtering tules are not applied to certein traffic types.
 Microsoft Internet Explorer DoS
document Browser DoS on the page in domain with special characters.
8!Microsoft Outlook Express / Windows Mail multiple security vulnerabilities
updated since 12.06.2007
document Multiple vulnerabilities on MHTML parsing. Code execution with UNC URLs.
9!Microsoft Internet Explorer multiple security vulnerabilities
updated since 12.06.2007
document Multiple memory corruptions, content spoofing.
6!Microsoft Windows Vista weak security permissions
document Weak permissions for files and registry entries.
 Microsoft Windows GDI+ library DoS
updated since 11.06.2007
document Division by zero on .ICO files parsing.
 Microsoft Windows Vista application spoofing through links
document It's possible to bypass privileged application execution by spoofing start menu shortcuts.
9!Microsoft Internet Explorer multiple security vulnerabilities
updated since 08.05.2007
document Multiple memory corruption on COM objects and HTML parsing, files rewrite.
 Multiple browsers digest authentication request splitting
document It's possible to inject new line characters to HTTP request headers thorugh username.
7!Microsoft Windows memory corruption
updated since 16.12.2006
document CSRSS memory corruption on MessageBox with MB_SERVICE_NOTIFICATION beginning with "\??\".
6!Microsoft Windows Vista protected process protection bypass
document It's possible to set or remove process protection.
6!Microsoft Vista IPv6 multiple security vulnerability
updated since 29.03.2007
document Multiple DoS conditions and spoof possibilities.
10!Microsoft Windows animated cursors buffer overflow
updated since 30.03.2007
document Stack buffer overflow (stack overrun) is actively used for hidden malware installation.
9!Microsoft Windows multiple GDI vulnerabilities
   
6!Microsoft Vista ATI drivers vulnerability
document Blue Screen of Death whiel displaying images.
 Microsoft Windows Vista Internet Explorer applications execution
document By clicking the link to the local file with the same name as local folder, file is executed.
 Microsoft Windows mmioRead () multimedia function integer overflow
document Integer overflow on negative parameter values.
 Microsoft Internet Explorer page content spoofing
document Crossite scripting in res://ieframe.dll/navcancl.htm#http://www.site.com page allows to inject HTML code into page.
6!Microsoft Windows files and folders management problems
updated since 07.03.2007
document During file operations conditions exist for attacker to gain access to content of protected or locked files. It's also possible to create unmanageble file.
 Multiple browsers information leaks
document Server can find pages visited by user by using, e.g., different background pages for "visited" elements.
6!Multiple browsers OnUnload event handler different vulnerabilities
updated since 23.02.2007
document Different memory corruptions because of race conditions in OnUnload handler. In addition address bar spoofing and creation of pages can not be left is possible.
6!Mozilla libnss multiple security vulnerabilities
updated since 25.02.2007
document Buffer overflows and integer overflows in SSL2 client and server code implementation.
6!Microsoft Windows ReadDirectoryChangesW information leak
document ReadDirectoryChangesW() API function doesn't check user's privileges for subtree folders, making it's possible for unprivileged user to gather information about sensitive files.
7!Microsoft Internet Explorer multiple security vulnerabilities
document Memory corruptions on COM objects instantiation and FTP server response parsing can be used for hidden malware installation.
 Microsoft Internet Explorer / Mozilla Firefox user input hijacking
document It's possible to hijack input focus by using OnKeyDown / OnKeyPress events.
6!Microsoft Windows XMLHTTP proxy problem
document Because of insufficient request validation Msxml2.XMLHTTP ActiveX object can be used to proxy HTTML request via client browser.
 Microsoft Internet Explorer multiple ActiveX different paramters DoS
document NULL pointer dereference.
6!Multiple browsers race conditions
updated since 18.08.2006
document There are different race condition with threading synchronization on different concurrent events.
6!Multiple browsers DNS pinning protection bypass
document By emulatin Web server failure it's possible to bypass DNS pinning protection (protection against changing IP address resolution by DNS name for crossite access)
                    

About | Terms of use | Privacy Policy
© SecurityVulns, 3APA3A, Vladimir Dubrovin
Nizhny Novgorod

 
 



Rating@Mail.ru