Lucene search
K
Database
Vendors
Products
Years
CVSS
Scanner
Agent Scanning
API Scanning
Manual Audit
Perimeter Scanner
Scanning
Projects
Email
Webhook
Plugins
Resources
Documents
Blog
Glossary
FAQ
Pricing
Contacts
About Us
Partners
Branding Guideline
zdiJaanus KpClarified SecurityZDI-18-300
HistoryApr 17, 2018 - 12:00 a.m.

Microsoft Windows URL Moniker Out-Of-Bounds Read Information Disclosure Vulnerability

2018-04-1700:00:00
Jaanus KpClarified Security
www.zerodayinitiative.com
33

0.004 Low

EPSS

Percentile

72.6%

JSON

This vulnerability allows remote attackers to disclose sensitive information on vulnerable installations of Microsoft Windows. Interaction with a particular library is required to exploit this vulnerability but specific attack vectors may vary. The specific flaw exists within the implementation of the URL Moniker class. The issue results from the lack of proper validation of user-supplied data, which can result in a read past the end of an allocated buffer. An attacker can leverage this in conjunction with other vulnerabilities to execute arbitrary code in the context of the current process.

Related

nvd 1
cve 1
mscve 1
symantec 1
cvelist 1
zdi 1
prion 1
openvas 8
mskb 8
nessus 9
kaspersky 2
myhack58 1
talosblog 1
trendmicroblog 1
nvd
nvd
CVE-2017-11790
2017-10-13 13:29:00
cve
cve
CVE-2017-11790
2017-10-13 13:29:00
mscve
mscve
Internet Explorer Information Disclosure Vulnerability
2017-10-10 07:00:00
symantec
symantec
Microsoft Internet Explorer CVE-2017-11790 Information Disclosure Vulnerability
2017-10-10 00:00:00
cvelist
cvelist
CVE-2017-11790
2017-10-10 00:00:00
zdi
zdi
Microsoft Office Excel xls File Out-Of-Bounds Read Information Disclosure Vulnerability
2017-10-11 00:00:00
prion
prion
Information disclosure
2017-10-13 13:29:00
openvas
openvas
Microsoft Internet Explorer Multiple Vulnerabilities (KB4040685)
2017-10-11 00:00:00
Microsoft Windows Server 2012 Multiple Vulnerabilities (KB4041690)
2017-10-11 00:00:00
Microsoft Windows Multiple Vulnerabilities (KB4041681)
2017-10-11 00:00:00
mskb
mskb
Cumulative security update for Internet Explorer: October 10, 2017
2017-10-10 07:00:00
October 10, 2017—KB4041690 (Monthly Rollup)
2017-10-16 07:00:00
October 10, 2017—KB4041681 (Monthly Rollup)
2017-10-16 07:00:00
nessus
nessus
Security Updates for Internet Explorer (October 2017)
2017-11-30 00:00:00
Windows 7 and Windows Server 2008 R2 October 2017 Security Updates (KRACK)
2017-10-10 00:00:00
Windows Server 2012 October 2017 Security Updates (KRACK)
2017-10-10 00:00:00
kaspersky
kaspersky
KLA11112 Multiple vulnerabilities in Microsoft Browsers
2017-10-10 00:00:00
KLA11108 Multiple vulnerabilities in Microsoft Products (ESU)
2017-10-10 00:00:00
myhack58
myhack58
Microsoft windows October release of the 62 flaws vulnerability bug patch, and repair of the National researchers submitted the 0-day flaw vulnerability bug-vulnerability warning-the black bar safety net
2017-10-12 00:00:00
talosblog
talosblog
Microsoft Patch Tuesday - October 2017
2017-10-10 13:25:00
trendmicroblog
trendmicroblog
TippingPoint Threat Intelligence and Zero-Day Coverage – Week of October 9, 2017
2017-10-13 14:03:59

0.004 Low

EPSS

Percentile

72.6%

JSON
Related for ZDI-18-300
nvd1cve1mscve1symantec1cvelist1zdi1prion1openvas8mskb8nessus9kaspersky2myhack581talosblog1trendmicroblog1