An information disclosure vulnerability has been reported in Microsoft Internet Explorer. The vulnerability is due to an error in Microsoft Internet Explorer while handling URIs. A remote attacker can exploit this issue by enticing a user to open a specially crafted web-page with an affected version of Internet Explorer.
Category Archives: Checkpoint
Checkpoint
Microsoft Edge Use After Free (MS16-095: CVE-2016-3326; CVE-2016-3326)
A use after free vulnerability exists in Microsoft Edge. The vulnerability is due to incorrect memory handling leading to a use after free condition when processing a maliciously crafted file. Successful exploitation of this issue could allow an attacker to execute arbitrary code on the remote system.
Microsoft Windows Win32k Elevation of Privilege (MS16-098: CVE-2016-3308; CVE-2016-3308)
An out of bound memory access vulnerability was discovered within Microsoft Windows. The root cause is within win32kfull subsystem that performs an out of bound memory access leading to a heap memory corruption. A successful exploitation of this issue could allow an attacker to elevate his privileges on the system.
Microsoft Windows Graphics Component Remote Code Execution (MS16-097: CVE-2016-3304; CVE-2016-3304)
A remote code execution vulnerability exists in Microsoft Graphics Component. The vulnerability is due to the way Microsoft Windows improperly handles specially crafted EMF files. A remote attacker can exploit this issue by enticing a victim to open a specially crafted EMF files.
Microsoft Internet Explorer Memory Corruption (MS16-095: CVE-2016-3293; CVE-2016-3293)
A use after free vulnerability exists in Microsoft Internet Explorer. The vulnerability is due to handling certain objects in JavaScript. A remote attacker can exploit this issue by enticing a target victim to open a specially crafted web page that could allow attackers to execute code on the target system.
Microsoft Internet Explorer Memory Corruption (MS16-095: CVE-2016-3289; CVE-2016-3289)
A use after free vulnerability was discovered within Microsoft Internet Explorer. The root cause comes from dll file triggering a use after free condition. A successful exploitation of this issue could allow an attacker to execute arbitrary code on the remote system.
Microsoft Internet Explorer Memory Corruption (MS16-095: CVE-2016-3322; CVE-2016-3322)
A use after free vulnerability exists in Microsoft Internet Explorer. The vulnerability is due to the mishandling of cached objects in complex webpages. A remote attacker can exploit this issue by enticing a target victim to open a specially crafted web page that could allow attackers to execute code on the target system.
Adobe Acrobat and Reader Memory Corruption (APSB16-14: CVE-2016-1064; CVE-2016-1064)
A memory corruption vulnerability exists in Adobe Reader and Acrobat. The vulnerability is due to an error in Adobe Reader and Acrobat while parsing a corrupted file. A remote attacker may exploit this vulnerability by enticing a target user to open a specially crafted file.
Adobe Acrobat Reader XFA FormCalc replace Integer Overflow (CVE-2016-1043)
An integer overflow vulnerability exists in Adobe Acrobat Reader. The vulnerability is due to improper validation of the parameters for a certain function. A remote attacker could exploit this vulnerability by enticing a user to open a maliciously crafted document. Successful exploitation of the vulnerability can possibly lead to remote code execution.
Adobe Acrobat and Reader Use After Free (APSB16-14: CVE-2016-1056; CVE-2016-1056)
A remote code execution vulnerability exists in Adobe Acrobat and Reader. The vulnerability is due to a use-after-free error in Adobe Acrobat and Reader while handling a specially crafted PDF file. A remote attacker can exploit this vulnerability by enticing a target user to open a specially crafted PDF file.