Смотрите также связанные темы 24.01.2018 Сюрприз из kernel32 для сетевых ресурсов (MS12-081, детальный разбор уязвимости в Microsoft File Handling Component) Одиннадцатого декабря прошлого года вышел бюллетень Microsoft, связанный с уязвимостью, обнаруженной в Microsoft File Handling Component. Уязвимости был присвоен ранг критической и категория Remote code execution.
23.10.2018 CVE-2008-4728 Multiple insecure method vulnerabilities in the DeployRun.DeploymentSetup.1 (DeployRun.dll) ActiveX control 10.0.0.44 in Hummingbird Deployment Wizard 2008 allow remote attackers to execute arbitrary programs via the (1) Run and (2) PerformUpdateAsync methods, and (3) modify arbitrary registry values via the SetRegistryValueAsString method. NOTE: the SetRegistryValueAsString method could be leveraged for code execution by specifying executable file values to Startup folders.
12.03.2018 Microsoft Windows 2000/XP CHM Notepad Remote Code Execution PoC Цель: Microsoft Windows 2000/XP Воздействие: Отказ в обслуживании
19.07.2018 Microsoft Windows Shortcut Remote Code Execution Exploit Цель: Microsoft Windows XP, 2003, Vista, 2008, 7 Воздействие: Выполнение произвольного кода
15.03.2018 Microsoft Windows RDP Remote Code Execution PoC (CVE-2012-0002) Цель: Microsoft Windows XP, 2003, Vista, 7, 2008 Воздействие: Выполнение произвольного кода
10.04.2018 CVE-2012-0168 Microsoft Internet Explorer 6 through 9 allows user-assisted remote attackers to execute arbitrary code via a crafted HTML document that is not properly handled during a "Print table of links" print operation, aka "Print Feature Remote Code Execution Vulnerability."
18.08.2018 CVE-2008-3704 Stack-based buffer overflow in the MaskedEdit ActiveX control in Msmask32.ocx 6.0.81.69, and possibly other versions before 6.0.84.18, in Microsoft Visual Studio 6.0 allows remote attackers to execute arbitrary code via a long Mask parameter, as exploited in the wild in August 2008. NOTE: the provenance of this information is unknown; the details are obtained solely from third party information.
18.08.2018 CVE-2008-3703 The management console in the Volume Manager Scheduler Service (aka VxSchedService.exe) in Symantec Veritas Storage Foundation for Windows (SFW) 5.0, 5.0 RP1a, and 5.1 accepts NULL NTLMSSP authentication, which allows remote attackers to execute arbitrary code via requests to the service socket that create"snapshots schedules"registry values specifying future command execution. NOTE: this issue exists because of an incomplete fix for CVE-2007-2279.
31.01.2018 CVE-2016-1930 Multiple unspecified vulnerabilities in the browser engine in Mozilla Firefox before 44.0 and Firefox ESR 38.x before 38.6 allow remote attackers to cause a denial of service (memory corruption and application crash) or possibly execute arbitrary code via unknown vectors.
11.08.2018 IntelliTamper 2.07 HTTP Header Remote Code Execution Exploit Цель: IntelliTamper 2.07 Воздействие: Выполнение произвольного кода
|