| 7! | Microsoft Internet Explorer multiple security vulnerabilities
updated since 12.04.2013
|
 | | Use-after-free vulnerabilities. |
| | Microsoft Active Directory DoS
|
| | Memory exhaustion. |
| 7! | Microsoft Windows multiple security vulnerabilities
|
| | Multiple privilege escalations in kernel, CSRSS and drivers. |
| 7! | Microsoft Remote Desktop Connection Client ActiveX code execution
|
| | Use-after-free in ActiveX |
| 7! | Microsoft Internet Explorer multiple security vulnerabilities
updated since 13.03.2013
|
| | Multiple use-after-free vulnerabilities. |
| | Microsoft Windows USB devices privilege escalation
updated since 13.03.2013
|
| | Few different vulnerabilities on USB device plugging with ability of code execution. |
| 8! | Microsoft Windows multiple security vulnerabilities
updated since 14.02.2013
|
| | Quartz.dll memory corruption, .Net privilege escalation, multiple kernel race conditions, CSRSS privilege escalation, TCP/IP DoS. |
| | Microsoft Windows Server NFS server DoS
|
| | NULL pointer dereference. |
| 8! | Microsoft Internet Explorer multiple security vulnerabilities
|
| | Information leakage, multiple use-after-free vulnerabilities, VML memory corruption. |
| 8! | Microsoft Internet Explorer use-after-free vulnerabilities
|
| | Use-after-free vulnerability in CButton is actively used in-the-wild. |
| 8! | Microsoft Windows multiple security vulnerabilities
|
| | Print spooler service code execution, XML library integer overflow and memory corruption, multiple .Net vulnerabilities, Win32K privilege escalation SSL/TLS library protection bypass, Open Data Protocol DoS. |
| | Microsoft Internet Explorer stack overflow
|
| | Stack overrun on malformed tags sequence. |
| 9! | Microsoft Windows multiple security vulnerabilities
|
| | Buffer overflow on OpenType and TrueType fonts parsing, memory corruption on filname handling, DirectPlay buffer overflow, DirectAccess IP-HTTPS insufficient certificate check. |
| 7! | Microsoft Internet Explorer multiple security vulnerabilities
|
| | Few use-after-free vulnerabilities. |
| | Internet Explorer information leakage
|
| | Page can track any mouse movements, even behind the page. |
| | Microsoft Internet Information Services security vulnerabilities
|
| | log files information leakage, FTP STARTTLS session command injection. |
| 8! | Microsoft Windows security vulnerabilities
|
| | Windows Briefacese integer overflows, .Net protection bypass, information leakage and code execution, kernel drivers privilege escalations. |
| 7! | Microsoft Internet Explorer multiple security vulnerabilities
|
| | Few different use-after-free vulnerabilities. |
| 9! | Microsoft Internet Explorer memory corruption
updated since 19.09.2012
|
| | Use-after-free vulnereability is actively used in-the-wild to install malware. |
| 7! | Microsoft Windows kernel integer overflow
|
| | Kernel integer overflow leads to privilege escalation. |
| 6! | Microsoft Windows kerberos server DoS
|
| | NULL pointer dereference on authentication request. |
| 9! | Microsoft Windows multiple security vulnerabilities
updated since 11.07.2012
|
| | Microsoft XML Services memory corruption, ADO memory corruption, kernel drivers vulnerabilities, Window Shell command injection, TLS vulnerabilities |
| 8! | Microsoft Internet Explorer multiple security vulnerabilities
|
| | Memory corruptions, integer overflow, function pointer corruption. |
| 9! | Microsoft Windows multiple security vulnerabilities
updated since 09.05.2012
|
| | TCP/IP privilege escalation, partition manager privilege escalation, multiple security vulnerabililities in .Net, Silverlight, font management, GDI+, window components, etc. |
| 9! | Microsoft Internet Explorer multiple security vulnerabilities
updated since 13.06.2012
|
| | Multiple memory corruptions, code executions, information leakage. |
| 6! | Microsoft IIS protection bypass
|
| | Password protection bypass, script files content access. |
| 8! | Microsoft Remote Desktop memory corruption
|
| | Memory corruption on RDP packets processing. |
| | Opera / Mozilla / Internet Explorer DoS
updated since 12.02.2010
|
| | Large number of nested tags leads to buffer overflow. |
| 7! | Microsoft Windows multiple security vulnerabilities
updated since 11.04.2012
|
| | MSCOMCTL.ocx code execution, .Net code execution, WinVerifyTrust digital signature validation vulnerability |
| 8! | Microsoft Internet Explorer multiple security vulnerabilities
updated since 11.04.2012
|
| | Multple vulnerabilities allow remote code execution. |
| 9! | Microsoft .Net multiple security vulnerabilities
updated since 02.01.2012
|
| | DoS, multiple vulnerabilities in forms authentication. |
| 8! | Microsoft Windows multiple security vulnerabilities
|
| | Kernel drivers privileges escalation, DirectWrite API DoS, RDP memory corruption and DoS. |
| 6! | Microsoft WIndows DNS Server DoS
|
| | Crash on request processing. |
| 9! | Microsoft Windows multiple security vulnerabilities
updated since 15.02.2012
|
| | GDI code execution, drivers privilege escalation, unsafe DLL loading, C Runtime code execution, .Net framework and Silverlight vulnerabilities. |
| 8! | Microsoft Internet Explorer multiple security vulnerabilities
updated since 15.02.2012
|
| | Code execution, information leakage. |
| 7! | Microsoft Windows multiple security vulnerabilities
updated since 11.01.2012
|
| | SafeSEH protection bypass, Windows Object Packager code execution, CSRSS privilege escalation, DirectShow / Windows Media memory corruption, Windows Packager code execution, SSL/TLS information leakage. |
| 6! | Microsoft Internet Explorer multiple security vulnerabilities
updated since 15.12.2011
|
| | Information leakage, insecure library loading. |
| 9! | Microsoft Windows multiple security vulnerabilities
updated since 15.12.2011
|
| | Buffer overflow on TTF fonts parsing, OLE objects memory corruption, CSRSS and kernel privilege escalations, ActiveX code execution. |
| 6! | Microsoft Windows multiple applications DLL hijacking
updated since 26.08.2010
|
| | If application is launched via file type association, current path is set to the path file is located, making it's possible to place DLLs application tries to load dynamically into same directory. |
| | Microsoft Windows active directory authentication bypass
|
| | Certificate revocation list is not checked on LDAPs access. |
| | Microsoft Windows DoS
|
| | Crash on TTF fonts parsing. |
| 10! | Microsoft Windows kernel UDP processing integer overflow
|
| | Integer overflow leads to code execution via the flow of UDP packets to closed port. |
| 8! | Microsoft Internet Explorer multiple security vulnerabilities
updated since 12.10.2011
|
| | Multiple memory corruptions with code execution. |
| 6! | Microsoft .Net / Silverlight code execution
|
| | It's possible to escape from sandbox. |
| 7! | Microsoft Windows multiple security vulnerabilities
|
| | Active Accessibility and Media Center insecure DLL loading |
| 6! | DigiNotar fraudulent certificates
updated since 01.09.2011
|
| | Well known domain names certificates were issued to untrusted party. |
| 7! | Microsoft Windows WINS server memory corruption
updated since 10.05.2011
|
| | Memory corruption on send() exceptional conditions handling. |
| | Microsoft Windows WIND server privilege escalation
|
| | Loopback interface packets handling vulnereability |
| | Microsoft Windows CSRSS DoS
|
| | NULL pointer dereference on console input from stdin if stderr and stdout are closed. |
| 8! | Microsoft Windows multiple security vulnerabilities
|
| | NDISTAPI service and CSRSS privilege escalations, kernel DoS, TCP/IP DoS, RDP DoS, .Net information disclosure. |
| 7! | Microsoft Windows DNS server security vulnerabilities
|
| | Memory corruption on NAPTR record handling, uninitialized memory access on non-existent domain lookup. |
| 9! | Microsoft Internet Explorer multiple security vulnerabilities
|
| | Multiple memory corruptions, crossite data access, code execution. |
| 9! | Microsoft Internet Explorer multiple security vulnerabilities
updated since 15.06.2011
|
| | mhtml handler cross application scripting, VML processor memory corruption, multiple internet explorer memory corruptions, information leakage. |
| 7! | Microsoft Windows multiple security vulnerabilities
|
| | Uninitialized memory reference in Bluetooth stack, multiple memory handling vulnerabilities in Windows kernel, multiple privilege escalations in CSRSS. |
| 8! | Microsoft Windows multiple security vulnerabilities
updated since 15.06.2011
|
| | Buffer overflow on WMF files parsing. Uninitialized pointers on OTF parsing. DFS memory corruptions. SMB client and server memory corruptions. afd.sys privilege escalation. |
| | Microsoft Hyper-V DoS
updated since 15.06.2011
|
| | Hang on VMBus commands processing. |
| | Microsoft Certificate Services crossite scripting
|
| | Crossite scripting in Active Directory Certificate Services Web Enrollment. |
| 8! | Microsoft .Net Framework multiple security vulnerabilities
|
| | Array index overflow, JIT compiler code execution. |
| | Microsoft fixed SMB NTLM relay attacks
updated since 12.11.2008
|
| | Microsoft fixed NTLM proxing vulnerability: credentials used for one services could be forwardedto different one. Attack is known for many years as NTLM weakness. |
| 9! | Microsoft Windows multiple security vulnerabilities
updated since 13.04.2011
|
| | SMB client and server memory corruption, Fax Cover Page Editor memory corruption, MFC library unsafe DLL loading, MHTML library information leak, GDI+ library integer overflow, DNS client memory corruption, memory corruption in .Net Framework, memory corruption in JScript / VBScript engines, stack overflow in OpenType fonts parsing, multiple drivers vulnerabilities. |
| 8! | Microsoft Internet Explorer multiple security vulnerabilities
updated since 13.04.2011
|
| | Multiple memory corruptions and information leaks. |
| | Multiple systems ICMPv6 flood DoS
|
| | router announcement packets flood resourceds exhaustion |
| | Windows help system buffer overflow
|
| | Buffer overflow on CHM files parsing. |
| 6! | Multiple ActiveX components security vulnerabilities
|
| | kill bit update for multiple components of different vendors. |
| 6! | Microsoft Windows multiple security vulnerabilities
|
| | Unsafe library loading, code execution with .dvr-ms files. |
| 6! | Microsoft Windows application policy bypass
|
| | It's possible to bypass application restriction policy by directly loading code into suspended process' memory via e.g. Microsoft Word macro. |
| 8! | Microsoft Windows multiple security vulnerabilities
updated since 08.02.2011
|
| | Buffer overflow in shell on thumbnail parsing, memory corruption on OpenType Compact Font Format parsing, privilege escalation via CSRSS, LSA, kernel and different drivers, Kerberos server spoofing, JScript/VBScript memory content leak. |
| 8! | Microsoft Internet Explorer multiple security vulnerabilities
updated since 08.02.2011
|
| | Multiple memory corruptions, unsafe DLL loading. |
| 9! | Microsoft IIS FTP Server buffer overflow
|
| | Heap buffer overflow. |
| | Microsoft Fax Cover Page Editor double free vulnerability
|
| | Double free vulnerability on .cov files parsing. |
| | Microsoft ADO security vulnerabilities
|
| | Buffer overflow, memory corruption. |
| 9! | Microsoft Internet Explorer multiple security vulnerabilities
updated since 15.12.2010
|
| | Crossite data access, multiple memory corruptions. |
| 9! | Microsoft Windows multiple security vulnerabilities
|
| | OpenType Font parsing memory corruption, task scheduler privilege escalation, usafe DLL loading, multiple kernel vulnerabilities, Consent User Interface privilege escalation, Netlogon DoS. |
| | Microsoft Hyper-V DoS
|
| | VMBus messages vulnerability |
| | Microsoft Windows hidden administrative group membership
|
| | It's possible to include user's account into administrative group without direct group membership. |
| | Microsoft Windows 2008 Shared Cluster Disks weak permissions
|
| | Everyone:Full Control permissions is granted on new disks by default. |
| 6! | Microsoft Windows Wordpad / Windows Shell code execution
|
| | Code execution via embedded COM object. |
| | Windows Media Player memory corruption
|
| | Memory corruption if page with WMP ActiveX is reloaded. |
| 6! | Microsoft Sharepoint SafeHTML crossite scripting
|
| | Few crossite scripting possibilities. |
| 9! | Microsoft Internet Explorer multiple security vulnerabilities
|
| | Multiple memory corruptions, cross domain information disclosure. |
| 9! | Microsoft Windows multiple security vulnerabilities
|
| | Multiple privilege escalation with different drivers. MFC buffer overflow. EOT and OTF fonts memory corruptions and integer overflow. comctl32 buffer overflow. LPC buffer overflow. SChannel DoS. |
| 9! | Microsoft Office multiple security vulnerabilities
updated since 15.09.2010
|
| | Buffer overflow in Microsoft Outlook message parsing, memory corruption on fonts parsing. |
| 9! | Microsoft Internet Information Services multiple security vulnerabilities
|
| | Authentication bypass, buffer overflow, DoS. |
| 9! | Microsoft Windows multiple security vulnerabilities
updated since 15.09.2010
|
| | Privilege escalation and code execution in spooler services,memory corruption in MPEG-4 codec, memroy corruption in RPC, privilege escalation in LSA, privilege escalation in CSRSS subsystem, WordPad memory corruption. |
| | Multiple browsers certificates validation weakness
|
| | Wildmasks in certificates issued to IP address are enabled. |
| 6! | Microsoft Windows Kerberos tickets spoofing
|
| | It's possible to logon with any account by manipulating network traffic. |
| 7! | Microsoft .Net and Silverlight security vulnerabilities
|
| | Memory corruption, code execution. |
| | Microsoft Windows Tracing Feature for Services security vulnerabilities
|
| | Weak permissions on registry keys, buffer overflow on registry keys reading. |
| 6! | Microsoft Windows TCP/IP stack security vulnerabilities
|
| | DoS, privilege escalation. |
| 7! | Microsoft Windows SMB/CIFS service multiple security vulnerabilities
|
| | Buffer overflow, privilege escalation, DoS. |
| 9! | Microsoft Internet Explorer multiple security vulnerabilities
|
| | Multiple memory corruptions, crossite access. |
| 8! | Microsoft XML Core Services memory corruption
|
| | Memory corruption on server's response pasrsing in XMLHTTP. |
| 6! | Microsoft Windows kernel multiple security vulnerabilities
updated since 10.08.2010
|
| | Memory corruptions, privilege escalations, DoS. |
| 6! | Microsoft Windows shortcuts code execution
|
| | Code execution on shortcut icon displaying. |
| | Microsoft ClickOnce technology insufficient security
|
| | Installation of unsigned elements is allowed. |
| 7! | Microsoft Windows Canonical Display integer overflow
|
| | Integer overflow on image displaying. |
| | Microsoft Windows CHM files protection bypass
|
| | It's possible to bypass CHM file locking protection for file downloaded from Internet. |
| 6! | Microsoft Windows win32k privilege escalation
updated since 08.06.2010
|
| | Multiple memory corruptions. |
| 6! | Microsoft .Net XML signing protection bypass
|
| | Only part of signature is compared in case of incomplete HMAC. |
| 6! | Microsoft Windows OpenType Compact Font Format driver memory corruption
|
| | Memory corruption on IOCTL processing. |
| | Microsoft IIS memory corruption
|
| | Memory corruption if Extended Protection for Authentication is enabled. |
| 7! | Code execution with multiple ActiveX components in Microsoft Windows
updated since 08.06.2010 |
| | | |
| 7! | Microsoft Windows media files parsing memroy corruption
|
| | Memory corruption on JPEG / MJPEG parsing. |
| 8! | Microsoft Internet Explorer multiple security vulnerabilities
|
| | Crossite scripting, information leakage, multiple memory corruptions. |
| | Multiple browsers DoS
updated since 20.05.2010
|
| | Mail program compose message window is created for avery frame with mailto:, news:, nntp:, etc URI. |
| | Microsoft Internet Explorer information leak
|
| | It's possible to access external UNC location via ICMFilter option, leaking authentication information. |
| | Microsoft Windows Mail / Outlook Express integer overflow
|
| | Integer overflow on POP3 or IMAP server reply parsing. |
| | Microsoft Internet Explorer, Google Chrome, Opera and Mozilla Firefox DoS
|
| | Large buffer within <marquee> tag causes browser to crash. |
| | Microsoft Windows ISATAP IPv6 address spoofing
|
| | Insufficient check for tunneling address. |
| 7! | Microsoft Windows MP3 codec buffer overflow
|
| | Buffer overflow on AVI files with MP3 audio stream. |
| 7! | Microsoft SMB client multiple security vulnerabilities
updated since 10.02.2010
|
| | Memory corruptions, race conditions. |
| 6! | Microsoft Windows kernel multiple privilege escalations
|
| | Multiple DoS conditions, race conditions, memory corruptions. |
| 8! | Microsoft Windows file signature spoofing
|
| | Signature spoofing in PE and CAB files. |
| 9! | Microsoft Internet Explorer multiple security vulnerabilities
updated since 31.03.2010
|
| | Multiple security vulnerability are used in-the-wild for hiddden malware installation. |
| 8! | Microsoft Internet Explorer memory corruption
|
| | Memory corruption on XML/HTML processing. |
| 6! | Microsoft Windows kernel privilege escalation
|
| | Double free() vulnerability, exception handler vulnerability. |
| | Microsoft Hyper-V DoS
updated since 10.02.2010
|
| | Insufficient instruction set validation in virtual machine. |
| | Microsoft Windows Kerberos DoS
|
| | NULL pointer dereference on TGT renewal request processing. |
| 6! | Microsoft DirectShow buffer overflow
|
| | Buffer overflow on AVI parsing. |
| 7! | Microsoft Windows SMB server multiple security vulnerabilities
|
| | Memory corruptions, buffer overflow, DoS conditions, cryptography weakness. |
| 7! | Microsoft Data Analyzer ActiveX Control memory corruption |
| | | |
| 9! | Microsoft Windows TCP/IP and TCP/IPv6 multiple security vulnerabilities
updated since 09.02.2010
|
| | Multiple memory corruptions in ICMPv6, IPSec, TCP implementations. |
| 8! | Microsoft Internet Explorer information leak
|
| | It's possible to retrieve any file from client computer via URLMON and Dynamic OBJECT tag. |
| 9! | Internet Explorer memory corruption
updated since 22.11.2009
|
| | Memory corruption then setting outerHTML from body style. |
| 8! | Microsoft Internet Explorer Multiple security vulnerabilities
updated since 19.01.2010
|
| | 0-day use-after-free vulnerability on createEventObject processing: <body onload="for(var i=0; i!=10000; i++) ev.srcElement">
<img src=. onerror="ev=createEventObject(event); outerHTML++">,
Multiple memory corruptions.
|
| 8! | Microsoft Windows Embedded OpenType (EOT) Fonts multiple security vulnerabilities
updated since 14.07.2009
|
| | Integer overflows, heap buffer overflows. |
| 6! | Microsoft IIS protection bypass
|
| | It's possible to bypass 3rd party upload protection by file extension, because part of filename after semicolon is ingored then detecting file type. E.g. script.asp;.jpg is treated by web server as ASP file. |
| 9! | Microsoft Internet Explorer multiple security vulnerabilities
updated since 09.12.2009
|
| | Multiple memory corruptions, code execution. |
| 7! | Microsoft Internet Authentication Service multiple security vulnerabilities
|
| | MS-CHAP authentication bypass, memory corruption. |
| 7! | Microsoft Windows Active Directory Federation Service multiple security vulnerabilities
|
| | Code execution, session hijack. |
| 9! | Multiple TCP implementations different security vulnerabilities
updated since 09.09.2009
|
| | Multiple security vulnerabilities in different operation sustems caused by resource exhaustions on maintaining TCP states table. |
| 8! | Microsoft Windows GDI code execution
|
| | Memory corruption on EOT (Embedded Open Type) font parsing, privilege escalation, DoS. |
| 8! | Web Services on Devices Application Programming Interface API memory corruption
|
| | Memory corruption on WSD (TCP/5357, TCP/5358, UDP/3702) network packet parsing. |
| | Microsoft Active Directory DoS
|
| | LSASS stack overflow (stack memory exhaustion). |
| | Microsoft Internet Explorer DoS
|
| | Unremovable dialog with cycled setHomePage. |
| | Microsoft Windows Media Player information leak
|
| | Windows Media Player plugin allows to detect local file existance. |
| 6! | Microsoft Windows kernel multiple security vulnerabilities
updated since 13.10.2009
|
| | Integer overflow, NULL pointer dereference, exception handler vulnerability. |
| 7! | Microsoft Internet Explorer multiple security vulnerabilities
updated since 13.10.2009
|
| | Multiple memory corruptions. |
| 6! | Microsoft Windows Media Runtime multiple security vulnerabilities
updated since 13.10.2009
|
| | Buffer overflows, memory corruptions. |
| 8! | Microsoft .Net multiple security vulnerabilities
|
| | Multiple vulnerabilities allow escape from sandbox environment. |
| 8! | Microsoft GDI+ multiple security vulnerabilities
|
| | Multiple vulnerabilities on WMF, PNG, TIFF, BMP parsing. |
| 9! | Microsoft Active Template Library (ATL) multiple security vulnerabilities
updated since 29.07.2009
|
| | Memory corruptions, information leak, initialization problem, leading to killbit protection bypass. |
| 8! | Microsoft Windows IIS FTP server buffer overflow
updated since 31.08.2009
|
| | Buffer overflow in NLST command. Same vulnerability may be used for stack overflow (stack memory exhaustion) without need fo write access. |
| 6! | Microsoft CryptoAPI certificate spoofing
|
| | Certificate name spoofing with NULL byte. |
| 9! | Microsoft Windows (including Windows 7) SMB2 array index overflow
updated since 08.09.2009
|
| | Crash on SMB2 protocol NEGOTIATE PROTOCOL REQUEST SMB request parsing |
| 6! | Microsoft Windows LSA DoS
|
| | Crash on NTLM authentication parsing. |
| 8! | Microsoft Windows Wireless LAN AutoConfig service buffer overflow
|
| | Buffer overflow on access point frame parsing. |
| 8! | Microsoft Windows JavaScript engine memory corruption
|
| | Memory corruption on "arguments" keyword parsing. |
| 7! | Microsoft RDP client multiple security vulnerabilities
updated since 11.08.2009
|
| | Memory corruption in ActiveX control, memory corruption on server reply processing. |
| 6! | Microsoft Windows Workstation service memory corruption
updated since 11.08.2009
|
| | Memory corruption on RPC message parsing. |
| 8! | Microsoft Windows media files processing memory corruption
|
| | Memory corruptions and integer overflows on AVI processing. |
| 6! | Microsoft ASP.NET DoS |
| | | |
| | Microsoft telnet NTLM relaying
|
| | NTLM relaying attack against telnet client authentication is possible. |
| 8! | Microsoft Internet Explorer multiple security vulnerabilities
updated since 29.07.2009
|
| | Multiple memory corruptions, workaround for ATL vulnerability added. |
| | Multiple browsers DoS
updated since 16.07.2009
|
| | select() method doesn't limie the number of selected elements, leading to resources exhaustion. |
| | Multiple browsers DoS
|
| | Crash or resources exhaustion on oversized unicode string operations via Javascript. |
| | Mozilla Firefox / Microsoft Internet Explorer / Opera /Google Chrome DoS
updated since 26.05.2009
|
| | Hang on circle with large radius value in SVG tags. Hang and memory leak on reload with keygen tag. |
| 8! | Windows print spooler multiple security vulnerabilities
updated since 10.06.2009
|
| | Buffer overflow, unauthorized files access, privilege escalation with dynamic library loading. |
| 8! | Microsoft Internet Explorer multiple security vulnerabilities
updated since 09.06.2009
|
| | Crossite data access, multiple memory corruptions. |
| 6! | Microsoft Windows kernel multiple privilege escalation
|
| | Multiple vulnerabilities in different subsystems. |
| 8! | Microsoft Internet Explorer multiple security vulnerabilities
updated since 15.04.2009
|
| | Code exexuction, multiple memory corruptions, NTLM relaying. |
| 6! | Microsoft Windows WinHTTP servive multiple security vulnerabilities
|
| | Integer overflow, certificate spoofing, NTLM relaying. |
| 6! | Microsoft Windows privilege escalation
|
| | Privilege escalation with MSDTC, WMI, RPCSS, Windows Thread Pool services. |
| | Microsoft Internet Explorer DoS
|
| | Browser hangs while trying to determine charset of the text document with large number of random characters. |
| | Microsoft Windows DNS and WINS special records spoofing
|
| | It's possible to spoof WPAD and ISATAP records. |
| 10! | Microsoft Windows kernel multiple security vulnerabilities
|
| | Multiple security vulnerabilities allow code execution via EMF/WMF files. |
| | Google Chrome, Mozilla Firefox, Opera, Internet Explorer browsers DoS
updated since 30.09.2008
|
| | Calling window.print() function in loop causes browser to hang. Uncontrollable memory allocation. Script can close window without user approval. |
| 6! | Microsoft Internet Explorer multiple security vulnerabilities
|
| | Few memory corruptions. |
| | Microsoft SQL Server memory corruption
|
| | sp_replwritetovarbin stored procedure memory overwrite. |
| | Microsoft Windows fails to disable autorun
|
| | None of documented methods to disable autorun does it completely. This way of distribution is actively used by malware. CERT advises to add next record into registry (@ means default value for key).
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\IniFileMapping\Autorun.inf]
@="@SYS:DoesNotExist"
|
| 9! | Microsoft Windows SMB multiple security vulnerabilities
updated since 13.01.2009
|
| | Buffer overflows and DoS conditions. |
| | Microsoft Internet Explorer DoS
|
| | Crash on recursive script creation with createElement(). |
| 9! | Microsoft Internet Explorer multiple security vulnerabilities
updated since 10.12.2008
|
| | Multiple memory corruptions. |
| 9! | Microsoft Windows Media Player buffer overflow
|
| | Buffer overflow on WAV parsing |
| | Mozilla Firefox, Microsoft Internet Explorer, Opera and Google Chrome DoS
|
| | Printing <irame> in endless loop from javascript causes resources exhaustion and leads to browser hang. |
| 9! | Microsoft Windows Media Player integer overflow
|
| | Integer overflow on WAV parsing. |
| 10! | Microsoft Internet Explorer memory corruption
|
| | Memory corruption leads to code execution. Vulnerability is used in-the-wild for hidden malware installation. |
| | Microsoft Windows Media Player multiple security vulnerabilities
|
| | NTLM credentials leak and relaying. |
| 8! | Microsoft Windows GDI library multiple security vulnerabilities
|
| | Buffer overflow and integer overflow on WMF parsing. |
| | Internet Explorer, Opera, Google Chrome, Mozilla browsers DoS
updated since 03.10.2008
|
| | window.close() в цикле на событие OnLoad() приводит к зависанию браузера. Multiple resource exhaustion attacks with Javascript. |
| 7! | Microsoft XML multiple security vulnerabilities
|
| | Memory corruption, crossite scripting, information leak. |
| 10! | Microsoft Windows code execution
updated since 24.10.2008
|
| | It's possible toexecute code without authentication with RPC request UUID 4b324fc8-1670-01d3-1278-5a47bf6ee188 to browser service via SERVER (LanmanServer) service, TCP/139, TCP/445.
Reccomendation is to disable browser service. |
| 7! | Microsoft Internet Explorer multiple security vulnerabilities
updated since 14.10.2008
|
| | Memory corruptions, information hijack, crossite scripting. |
| 8! | Microsoft Windows SMB buffer overflow
|
| | Buffer overflow on SMB protocol parsing. |
| | Microsoft Windows kernel multiple security vulnerabilities
|
| | Double free() vulnerability and memory corruptions. |
| | Windows kernel integer overflow
|
| | Integer overflow in IopfCompleteRequest function. |
| | Internet Information Server and IAS ActiveX unauthorized access and DoS
|
| | ActiveX allows privileged actions to be silently executed. |
| | Microsoft Internet Explorer DoS
|
| | Browser hangs on malcrafted PNG image. |
| | Mozilla Firefox / Opera / Microsoft Internet Explorer browsers DoS
|
| | window.sidebar.addPanel() in the loop causes browser to hang. |
| 7! | Microsoft Windows Media Encoder ActiveX code execution
|
| | Control supports unsafe methods. |
| 6! | Microsoft Windows Media Player memory corruption
|
| | Server-Side playlists parsing memory corruption. |
| 8! | Microsoft Windows GDI library multiple security vulnerabilities
|
| | Multiple vulnerabilities on different graphics format parsing. |
| 8! | Microsoft Internet Explorer multiple security vulnerabilities
updated since 12.08.2008
|
| | Multiple memory corruptions, MHTML crossite scripting. |
| | Microsoft Windows IPSec policies vulnerability
|
| | Under certain conditions rules are not applied after Windows 2003 domain is migrated to Windows 2008. |
| 7! | Microsoft Windows Explorercode execution
|
| | Problem while parsing saved search files .search-ms. |
| 6! | Microsoft Windows PGM DoS
|
| | Infinite loop on PGM packet parsing. |
| | Microsoft Active Directory DoS
|
| | Uninitialized memory reference on LDAP processing. |
| 7! | Microsoft DirectX code execution
|
| | MJPEG format AVI and ASF files parsing vulnerability, SAMI files parsing vulnerability. |
| 6! | Microsoft Internet Explorer multiple security vulnerabilities
|
| | Crossite scripting, information leak. |
| 6! | Microsoft Windows Realtek HD Audio privilege escalation
|
| | Multiple security vulnerabilities on IOCTL processing. |
| 6! | Microsoft Internet Explorer memory corruption
updated since 08.04.2008
|
| | Memory corruption on datasream processing. |
| 8! | Microsoft Windows multiple ActiveX elements security update
updated since 08.04.2008
|
| | Code execution in hxvz.dll. |
| 9! | Microsoft Windows GDI multiple security vulnerabilities
updated since 08.04.2008
|
| | Multiple buffer overflows on EMF and WMF files parsing. |
| 6! | Microsoft Windows privilege escalation
|
| | Code execution in kernel context. |
| | Microsoft Internet Explorer / mozilla Firefox address spoofing |
| | | |
| 6! | Microsoft Internet Explorer 7 request modification
|
| | Headers manipulation and invalid chunked encoding processing allow response splitting. |
| | |
