• Close
  • Displaying entries 1 - 10 of 79658 in total

    FreeBSD: Several vulnerabilities found in Teamspeak3-server Vulnerability

    • Severity: 4
    • Published: August 11, 2016

    Hanz Jenson audit report: I found 10 vulnerabilities. Some of these are critical and allow remote code execution. For the average user, that means that these vulnerabilities can be exploited by a malicious attacker in order to take over any Teamspeak server, not only becoming serveradmin, but getting a shell on the aff...

    Internet Explorer Iframe Sandbox File Name Disclosure Vulnerability Exploit

    Disclosed: August 09, 2016

    It was found that Internet Explorer allows the disclosure of local file names. This issue exists due to the fact that Internet Explorer behaves different for file:// URLs pointing to existing and non-existent files. When used in combination with HTML5 sandbox iframes it is possible to use this behavior to find out...

    MS16-103: Security Update for ActiveSyncProvider (3182332) Vulnerability

    • Severity: 4
    • Published: August 08, 2016

    An information disclosure vulnerability exists when Universal Outlook fails to establish a secure connection. An attacker could use this vulnerability to obtain the username and password of a user. The update addresses the vulnerability by preventing Universal Outlook from disclosing usernames and passwords.

    MS16-101: Security Update for Windows Authentication Methods (3178465) Vulnerability

    • Severity: 4
    • Published: August 08, 2016

    An elevation of privilege vulnerability exists when Windows Netlogon improperly establishes a secure communications channel to a domain controller. An attacker who successfully exploited the vulnerability could run a specially crafted application on a domain-joined system. To exploit the vulnerability, an attacker would require access to...

    MS16-099: Security Update for Microsoft Office (3177451) Vulnerability

    • Severity: 4
    • Published: August 08, 2016

    An information disclosure vulnerability exists when Microsoft OneNote improperly discloses its memory contents. An attacker who exploited the vulnerability could use the information to compromise the user’s computer or data. To exploit the vulnerability, an attacker could create a specially crafted OneNote file and convince a victim to o...

    MS16-096: Cumulative Security Update for Microsoft Edge (3177358) Vulnerability

    • Severity: 4
    • Published: August 08, 2016

    Multiple remote code execution vulnerabilities exist when Microsoft Edge improperly accesses objects in memory. The vulnerabilities could corrupt memory in a way that enables an attacker to execute arbitrary code in the context of the current user. An attacker who successfully exploited the vulnerabilities could gain the same user rights...

    MS16-100: Security Update for Secure Boot (3179577) Vulnerability

    • Severity: 4
    • Published: August 08, 2016

    A security feature bypass vulnerability exists when Windows Secure Boot improperly loads a boot manager that is affected by the vulnerability. An attacker who successfully exploited this vulnerability could disable code integrity checks, allowing test-signed executables and drivers to be loaded onto a target device. Furthermore, the atta...