Microsoft Internet Explorer 10 through 11 and Microsoft Edge allow remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted web site, aka "Microsoft B…
Microsoft Internet Explorer 11 and Microsoft Edge allow remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted web site, aka "Microsoft Browser Memo…
Microsoft Internet Explorer 11 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted web site, aka "Internet Explorer Memory Corruption Vuln…
Microsoft Internet Explorer 9 through 11 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted web site, aka "Internet Explorer Memory Corru…
Microsoft Internet Explorer 11 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted web site, aka "Internet Explorer Memory Corruption Vuln…
Microsoft Internet Explorer 9 through 11 and Microsoft Edge allow remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted web site, aka "Microsoft Br…
Microsoft Internet Explorer 10 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted web site, aka "Internet Explorer Memory Corruption Vuln…
Microsoft Internet Explorer 11 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted web site, aka "Internet Explorer Memory Corruption Vuln…
Microsoft Internet Explorer 11 and Microsoft Edge allow remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted web site, aka "Microsoft Browser Memo…
Microsoft Office 2007 SP3, 2010 SP2, 2013 SP1, and 2016 does not properly sign an unspecified binary file, which allows local users to gain privileges via a Trojan horse file with a crafted signature…
Microsoft Internet Explorer 9 through 11 allows remote attackers to bypass the Same Origin Policy via unspecified vectors, aka "Internet Explorer Elevation of Privilege Vulnerability," a different vu…
Microsoft Internet Explorer 9 through 11 allows remote attackers to bypass the Same Origin Policy via unspecified vectors, aka "Internet Explorer Elevation of Privilege Vulnerability," a different vu…
Microsoft Edge allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted web site, aka "Microsoft Edge Memory Corruption Vulnerability."
Microsoft Internet Explorer 9 through 11 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted web site, aka "Internet Explorer Memory Corru…
Microsoft Internet Explorer 9 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted web site, aka "Internet Explorer Memory Corruption Vulne…
Microsoft Internet Explorer 9 through 11 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted web site, aka "Internet Explorer Memory Corru…
Microsoft Internet Explorer 10 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted web site, aka "Internet Explorer Memory Corruption Vuln…
Microsoft Internet Explorer 9 through 11 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted web site, aka "Internet Explorer Memory Corru…
Microsoft Internet Explorer 11 and Microsoft Edge allow remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted web site, aka "Microsoft Browser Memo…
Microsoft Internet Explorer 9 through 11 and Microsoft Edge allow remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted web site, aka "Microsoft Br…
Microsoft Internet Explorer 9 through 11 and Microsoft Edge allow remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted web site, aka "Microsoft Br…
Microsoft Word 2007 SP3, Office 2010 SP2, Word 2010 SP2, Word 2013 SP1, Word 2013 RT SP1, Word 2016, and Office Compatibility Pack SP3 allow remote attackers to execute arbitrary code via a crafted O…
Microsoft Word 2007 SP3, Office 2010 SP2, Word 2010 SP2, Word 2013 SP1, Word 2013 RT SP1, Word 2016, Office Compatibility Pack SP3, Word Viewer, Word Automation Services on SharePoint Server 2013 SP1…
Microsoft Word 2007 SP3, Office 2010 SP2, Word 2010 SP2, Word 2013 SP1, Word 2013 RT SP1, Word 2016, Word for Mac 2011, Word 2016 for Mac, Office Compatibility Pack SP3, Word Viewer, Word Automation …
WinForms in Microsoft .NET Framework 2.0 SP2, 3.5, 3.5.1, 4.5.2, 4.6, and 4.6.1 allows remote attackers to obtain sensitive information from process memory via crafted icon data, aka "Windows Forms I…
Microsoft Windows Vista SP2, Windows Server 2008 SP2 and R2 SP1, Windows 7 SP1, Windows 8.1, Windows Server 2012 Gold and R2, Windows RT 8.1, Windows 10 Gold and 1511, and Internet Explorer 10 and 11…
Microsoft .NET Framework 2.0 SP2, 3.5, 3.5.1, 4.5.2, 4.6, and 4.6.1 does not prevent recursive compilation of XSLT transforms, which allows remote attackers to cause a denial of service (performance …
Microsoft Word 2007 SP3, Office 2010 SP2, Word 2010 SP2, Word 2013 SP1, Word 2013 RT SP1, Word 2016, Word for Mac 2011, Word 2016 for Mac, Office Compatibility Pack SP3, Word Viewer, Word Automation …
Microsoft Office 2007 SP3, Office 2010 SP2, Office 2013 SP1, Office 2013 RT SP1, Office 2016, Excel for Mac 2011, PowerPoint for Mac 2011, Word for Mac 2011, Excel 2016 for Mac, PowerPoint 2016 for M…
The Microsoft (1) VBScript 5.7 and 5.8 and (2) JScript 5.7 and 5.8 engines, as used in Internet Explorer 8 through 11 and other products, allow remote attackers to execute arbitrary code via a crafte…
Microsoft SQL Server 2008 SP3 and SP4, 2008 R2 SP2 and SP3, 2012 SP1 and SP2, and 2014 does not prevent use of uninitialized memory in certain attempts to execute virtual functions, which allows remo…
Microsoft SQL Server 2008 SP3 and SP4, 2008 R2 SP2 and SP3, 2012 SP1 and SP2, and 2014, when transactional replication is configured, does not prevent use of uninitialized memory in unspecified funct…
Microsoft OneNote 2007 SP3 allows remote attackers to execute arbitrary code via a crafted OneNote file that triggers creation of an executable file in a startup folder, aka "OneNote Remote Code Exec…
Microsoft Internet Explorer 8 through 11 allows remote attackers to execute arbitrary web script with increased privileges via unspecified vectors, aka "Internet Explorer Elevation of Privilege Vulne…
Microsoft Web Applications 2010 SP1 and SP2 allows remote authenticated users to execute arbitrary code via crafted page content, aka "Web Applications Page Content Vulnerability."
Multiple use-after-free vulnerabilities in Microsoft Internet Explorer 6 through 11 allow remote attackers to execute arbitrary code via unspecified vectors, as demonstrated by Sebastian Apelt and An…
Unspecified vulnerability in Microsoft Internet Explorer 6 through 11 allows remote attackers to execute arbitrary code with medium-integrity privileges and bypass a sandbox protection mechanism via …
Microsoft Silverlight 5 before 5.1.30214.0 and Silverlight 5 Developer Runtime before 5.1.30214.0 allow attackers to bypass the DEP and ASLR protection mechanisms via unspecified vectors, aka "Silver…
Microsoft Word 2003 SP2 and SP3 on Windows XP SP3 allows remote attackers to cause a denial of service (CPU consumption) via a malformed .doc file containing an embedded image, as demonstrated by wor…
Microsoft .NET Framework 2.0 SP2, 3.5, 3.5 SP1, 3.5.1, 4, and 4.5 allows remote attackers to cause a denial of service (application crash or hang) via crafted character sequences in JSON data, aka "J…
Microsoft .NET Framework 2.0 SP2, 3.5, 3.5 SP1, 3.5.1, 4, and 4.5 does not properly parse a DTD during XML digital-signature validation, which allows remote attackers to cause a denial of service (ap…
The Protected Mode feature in Microsoft Internet Explorer 7 through 10 on Windows Vista SP2, Windows Server 2008 SP2 and R2 SP1, Windows 7 SP1, Windows 8, Windows Server 2012, and Windows RT does not…
Microsoft .NET Framework 3.0 SP2, 3.5, 3.5.1, 4, and 4.5; Silverlight 5 before 5.1.20513.0; win32k.sys in the kernel-mode drivers, and GDI+, DirectWrite, and Journal, in Windows XP SP2 and SP3, Windo…
Microsoft .NET Framework 4.5 does not properly create policy requirements for custom Windows Communication Foundation (WCF) endpoint authentication in certain situations involving passwords over HTTP…
The Microsoft Antimalware Client in Windows Defender on Windows 8 and Windows RT uses an incorrect pathname for MsMpEng.exe, which allows local users to gain privileges via a crafted application, aka…
Use-after-free vulnerability in Microsoft Internet Explorer 6 through 10 allows remote attackers to execute arbitrary code via a crafted web site that triggers access to a deleted object, aka "Intern…
Buffer overflow in Microsoft SharePoint Server 2010 SP1 and SharePoint Foundation 2010 SP1 allows remote attackers to cause a denial of service (W3WP process crash and site outage) via a crafted URL,…
Directory traversal vulnerability in Microsoft SharePoint Server 2010 SP1 and SharePoint Foundation 2010 SP1 allows remote attackers to bypass intended read restrictions for content, and hijack user …
Microsoft SharePoint Server 2010 SP1 and SharePoint Foundation 2010 SP1 allow remote attackers to bypass intended read restrictions for content, and hijack user accounts, via a crafted URL, aka "Call…
The sandbox protection mechanism in Microsoft Internet Explorer 9 allows remote attackers to cause a denial of service (memory corruption) or possibly have unspecified other impact via unknown vector…
Unspecified vulnerability in Microsoft Internet Explorer 10 on Windows 8 allows remote attackers to bypass the sandbox protection mechanism by leveraging access to a Medium integrity process, as demo…
Use-after-free vulnerability in Microsoft Internet Explorer 6 through 9 allows remote attackers to execute arbitrary code via a crafted web site that triggers access to a deleted object, aka "Interne…
Microsoft XML Core Services (aka MSXML) 3.0, 5.0, and 6.0 does not properly parse XML content, which allows remote attackers to execute arbitrary code via a crafted web page, aka "MSXML Integer Trunc…
The WCF Replace function in the Open Data (aka OData) protocol implementation in Microsoft .NET Framework 3.5, 3.5 SP1, 3.5.1, and 4, and the Management OData IIS Extension on Windows Server 2012, al…
Use-after-free vulnerability in Microsoft Internet Explorer 9 allows remote attackers to execute arbitrary code via a crafted web site, aka "CTreeNode Use After Free Vulnerability."
Untrusted search path vulnerability in Entity Framework in ADO.NET in Microsoft .NET Framework 1.0 SP3, 1.1 SP1, 2.0 SP2, 3.5, 3.5.1, and 4 allows local users to gain privileges via a Trojan horse DL…
Use-after-free vulnerability in Microsoft Internet Explorer 9 allows remote attackers to execute arbitrary code via a crafted web site, aka "CTreePos Use After Free Vulnerability."
Microsoft Internet Explorer 6 through 9 does not properly handle objects in memory, which allows remote attackers to execute arbitrary code by attempting to access an undefined memory location, aka "…
Microsoft Internet Explorer 6 through 9 allows user-assisted remote attackers to execute arbitrary code via a crafted HTML document that is not properly handled during a "Print table of links" print …
Microsoft .NET Framework 2.0 SP2, 3.5.1, and 4, and Silverlight 4 before 4.1.10111, does not properly restrict access to memory associated with unmanaged objects, which allows remote attackers to exe…
The Microsoft Office Input Method Editor (IME) for Simplified Chinese in Microsoft Pinyin IME 2010, Office Pinyin SimpleFast Style 2010, and Office Pinyin New Experience Style 2010 does not properly …
Race condition in Microsoft Internet Explorer 6 through 8 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via vectors involving access to an object,…
The JIT compiler in Microsoft .NET Framework 3.5 Gold and SP1, 3.5.1, and 4.0, when IsJITOptimizerDisabled is false, does not properly handle expressions related to null strings, which allows context…
Multiple memory leaks in the DataGrid control implementation in Microsoft Silverlight 4 before 4.0.60310.0 allow remote attackers to cause a denial of service (memory consumption) via an application …
Memory leak in Microsoft Silverlight 4 before 4.0.60310.0 allows remote attackers to cause a denial of service (memory consumption) via an application involving a popup control and a custom Dependenc…
Multiple integer overflows in the Microsoft (1) JScript 5.6 through 5.8 and (2) VBScript 5.6 through 5.8 scripting engines allow remote attackers to execute arbitrary code via a crafted web page, aka…
Unspecified vulnerability in Microsoft Internet Explorer 8 on Windows 7 allows remote attackers to bypass Protected Mode and create arbitrary files by leveraging access to a Low integrity process, as…
SBE.dll in the Stream Buffer Engine in Windows Media Player and Windows Media Center in Microsoft Windows XP SP2 and SP3, Windows XP Media Center Edition 2005 SP3, Windows Vista SP1 and SP2, Windows …
Untrusted search path vulnerability in the client in Microsoft Remote Desktop Connection 5.2, 6.0, 6.1, and 7.0 allows local users to gain privileges via a Trojan horse DLL in the current working dir…
Microsoft Malware Protection Engine before 1.1.6603.0, as used in Microsoft Malicious Software Removal Tool (MSRT), Windows Defender, Security Essentials, Forefront Client Security, Forefront Endpoin…
Use-after-free vulnerability in the ReleaseInterface function in MSHTML.DLL in Microsoft Internet Explorer 6, 7, and 8 allows remote attackers to execute arbitrary code or cause a denial of service (…
Unrestricted file upload vulnerability in the Document Conversions Launcher Service in Microsoft Office SharePoint Server 2007 SP2, when the Document Conversions Load Balancer Service is enabled, all…
Use-after-free vulnerability in the CAttrArray::PrivateFind function in mshtml.dll in Microsoft Internet Explorer 6 through 8 allows remote attackers to execute arbitrary code by setting an unspecifi…
Untrusted search path vulnerability in the Microsoft Foundation Class (MFC) Library in Microsoft Visual Studio .NET 2003 SP1; Visual Studio 2005 SP1, 2008 SP1, and 2010; Visual C++ 2005 SP1, 2008 SP1…
The IE8 Developer Toolbar in Microsoft Internet Explorer 8 SP1, SP2, and SP3 allows user-assisted remote attackers to execute arbitrary code by accessing an object that (1) was not properly initializ…
Unspecified vulnerability in Microsoft IIS 6.0, 7.0, and 7.5, when Extended Protection for Authentication is enabled, allows remote authenticated users to execute arbitrary code via unknown vectors r…
Buffer overflow in VISIODWG.DLL before 10.0.6880.4 in Microsoft Office Visio allows user-assisted remote attackers to execute arbitrary code via a crafted DXF file, a different vulnerability than CVE…
Microsoft Office Visio 2002 SP2, 2003 SP3, and 2007 SP1 and SP2 does not properly calculate unspecified indexes associated with Visio files, which allows remote attackers to execute arbitrary code vi…
Microsoft Office Visio 2002 SP2, 2003 SP3, and 2007 SP1 and SP2 does not properly validate attributes in Visio files, which allows remote attackers to execute arbitrary code via a crafted file, aka "…
Use-after-free vulnerability in mstime.dll in Microsoft Internet Explorer 8 allows remote attackers to execute arbitrary code via vectors related to the TIME2 behavior, the CTimeAction object, and de…
Heap-based buffer overflow in Internet Explorer 8 on Microsoft Windows 7 allows remote attackers to discover the base address of a Windows .dll file, and possibly have unspecified other impact, via u…
Microsoft Internet Explorer contains an use-after-free vulnerability that could allow remote attackers to execute arbitrary code via vectors involving access to an invalid pointer after the deletion …
Microsoft Office Excel 2002 SP3, 2003 SP3, and 2007 SP1 and SP2; Office 2004 and 2008 for Mac; Open XML File Format Converter for Mac; Office Excel Viewer SP1 and SP2; and Office Compatibility Pack f…
Stack-based buffer overflow in VBScript in Microsoft Windows 2000 SP4, XP SP2 and SP3, and Server 2003 SP2, when Internet Explorer is used, might allow user-assisted remote attackers to execute arbit…
vbscript.dll in VBScript 5.1, 5.6, 5.7, and 5.8 in Microsoft Windows 2000 SP4, XP SP2 and SP3, and Server 2003 SP2, when Internet Explorer is used, allows user-assisted remote attackers to execute ar…
Microsoft Internet Explorer 6, 6 SP1, 7, and 8 does not properly handle objects in memory, which allows remote attackers to execute arbitrary code by accessing an object that (1) was not properly ini…
Microsoft Internet Explorer contains an use-after-free vulnerability that could allow remote attackers to execute arbitrary code by accessing a pointer associated with a deleted object. The impacted …
The Active Template Library (ATL) in Microsoft Visual Studio .NET 2003 SP1, Visual Studio 2005 SP1 and 2008 Gold and SP1, and Visual C++ 2005 SP1 and 2008 Gold and SP1; and Windows 2000 SP4, XP SP2 a…
The Active Template Library (ATL) in Microsoft Visual Studio .NET 2003 SP1, Visual Studio 2005 SP1 and 2008 Gold, and Visual C++ 2005 SP1 and 2008 Gold and SP1; and Windows 2000 SP4, XP SP2 and SP3, …
Microsoft DirectX contains a NULL byte overwrite vulnerability in the QuickTime Movie Parser Filter in quartz.dll in DirectShow which could allow remote attackers to execute arbitrary code via a craf…
The undocumented TRACK method in Microsoft Internet Information Services (IIS) 5.0 returns the content of the original request in the body of the response, which makes it easier for remote attackers …
Microsoft Terminal Server using Remote Desktop Protocol (RDP) 5.2 stores an RSA private key in mstlsapi.dll and uses it to sign a certificate, which allows remote attackers to spoof public keys of le…
