Posts Tagged ‘Elevation of Privilege’

Vulnerability

Elevation of Privilege

Vulnerability: Elevation of Privilege in Microsoft Windows

Danger: Low
Patch: Yes
Number of vulnerabilities: 2

CVE ID: CVE-2012-2530
CVE-2012-2553
Vector of operation: Local Net
Impact: Privilege escalation

Affected products: Microsoft Windows XP Home Edition, Windows XP Professiona, Windows Server 2003 Web Edition, Windows Server 2003 Standard Edition, Windows Server 2003 Enterprise Edition, Windows Server 2003 Datacenter Edition, Windows Storage Server 2003, Windows Vista, Windows Server 2008, Windows 7.

Affected versions: Microsoft Windows XP, Microsoft Windows 2003, Microsoft Windows Vista, Microsoft Windows 2008, Microsoft Windows 7, Microsoft Windows 2008 R2. (more…)

Vulnerability

Vulnerabilities in Smartphone Pentest

Vulnerability: Multiple vulnerabilities in Smartphone Pentest Framework (SPF)

Danger: High
Number of vulnerabilities: 5
CVE ID:

– CVE-2012-5697;
– CVE-2012-5694;
– CVE-2012-5693;
– CVE-2012-5695;
– CVE-2012-5696.

Vector operation: Local Network (LAN)
Impact: Cross Site Scripting, Unauthorized manipulation of data, Elevation of Privilege, Security Bypass, System compromise

Affected Products: Smartphone Pentest Framework (SPF) 1.x

Affected versions: Smartphone Pentest Framework (SPF) 1.0 (more…)

Sophos antivirus

Vulnerabilities in Sophos Antivirus

Vulnerability: Multiple vulnerabilities in Sophos antivirus

Danger: High
Patch: Yes
Number of vulnerabilities: 6
Vector operation: Remote

Impact: Cross Site Scripting,  Elevation of Privilege,  System compromise.

Affected products:  Sophos Anti-Virus 10.x,  Sophos Anti-Virus 9.x,  Sophos Anti-Virus for Mac OS X 8.x,  Sophos Anti-Virus for Unix 4.x.

Description:

Which can be exploited by malicious people to execute arbitrary code on the target system. (more…)

Oracle LogoVulnerability: Multiple vulnerabilities in Oracle Solaris

Danger: High
Patch: Yes
Number of vulnerabilities: 19

Impact:

  • Denial of service
  • Disclosure of sensitive data
  • The introduction of a user’s session
  • Unauthorized manipulation of data
  • Elevation of Privilege