Lucene search
Mat Powell of Trend Micro Zero Day InitiativeZDI-21-176HistoryFeb 10, 2021 - 12:00 a.m.
Microsoft Windows wab32 WAB File Parsing Out-Of-Bounds Write Remote Code Execution Vulnerability
2021-02-1000:00:00
Mat Powell of Trend Micro Zero Day Initiative
www.zerodayinitiative.com
19
0.015 Low
EPSS
Percentile
86.9%
This vulnerability allows remote attackers to execute arbitrary code on affected installations of Microsoft Windows. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the parsing of WAB files. The issue results from the lack of proper validation of user-supplied data, which can result in a write past the end of an allocated buffer. An attacker can leverage this vulnerability to execute code in the context of current process.
Related
cve
cve
CVE-2021-24083
2021-02-25 23:15:15
prion
prion
Remote code execution
2021-02-25 23:15:00
cvelist
cvelist
CVE-2021-24083 Windows Address Book Remote Code Execution Vulnerability
2021-02-25 23:01:44
nvd
nvd
CVE-2021-24083
2021-02-25 23:15:15
mscve
mscve
Windows Address Book Remote Code Execution Vulnerability
2021-02-09 08:00:00
nessus
nessus
KB4601357: Windows Server 2012 February 2021 Security Update
2021-02-09 00:00:00
openvas
openvas
Microsoft Windows Multiple Vulnerabilities (KB4601347)
2021-02-10 00:00:00
Microsoft Windows Multiple Vulnerabilities (KB4601384)
2021-02-10 00:00:00
Microsoft Windows Multiple Vulnerabilities (KB4601348)
2021-02-10 00:00:00
mskb
mskb
February 9, 2021âKB4601363 (Security-only update)
2021-02-09 08:00:00
February 9, 2021âKB4601357 (Security-only update)
2021-02-09 08:00:00
February 9, 2021âKB4601347 (Monthly Rollup)
2021-02-09 08:00:00
kaspersky
kaspersky
KLA12075 Multiple vulnerabilities in Microsoft Products (ESU)
2021-02-09 00:00:00
KLA12071 Multiple vulnerabilities in Microsoft Windows
2021-02-09 00:00:00
rapid7blog
rapid7blog
Patch Tuesday - February 2021
2021-02-09 23:51:27