6.9
CVE-2018-25244 - Microsoft Eco Search 1.0.2.0 Denial of Service
Microsoft Eco Search 1.0.2.0 contains a denial of service vulnerability that allows local attackers to crash the application by submitting an excessively long string to the search functionality. Attackers can paste a buffer of 950 or more characters into the search bar and trigger a crash by initiaβ¦
6.9
CVE-2018-25243 - Microsoft FastTube 1.0.1.0 Denial of Service via Search
Microsoft FastTube 1.0.1.0 contains a denial of service vulnerability that allows local attackers to crash the application by submitting an excessively long string to the search functionality. Attackers can paste a buffer of 1900 characters into the search bar and trigger a crash when the search opβ¦
6.9
CVE-2018-25242 - Microsoft One Search 1.1.0.0 Denial of Service
Microsoft One Search 1.1.0.0 contains a denial of service vulnerability that allows local attackers to crash the application by submitting excessively long input strings to the search functionality. Attackers can paste a buffer of 950 or more characters into the search bar to trigger an unhandled eβ¦
8.7
CVE-2018-25241 - Microsoft VPN Browser+ 1.1.0.0 Denial of Service
Microsoft VPN Browser+ 1.1.0.0 contains a denial of service vulnerability that allows unauthenticated attackers to crash the application by submitting oversized input through the search functionality. Attackers can paste a large buffer of characters into the search bar to trigger an unhandled excepβ¦
6.9
CVE-2018-25240 - Microsoft Watchr 1.1.0.0 Denial of Service via Search
Microsoft Watchr 1.1.0.0 contains a denial of service vulnerability that allows local attackers to crash the application by submitting an excessively long string to the search functionality. Attackers can paste a buffer of 8145 characters into the search bar and trigger a search operation to cause β¦
6.9
CVE-2018-25239 - Microsoft Smart VPN 1.1.3.0 Denial of Service via Search
Microsoft Smart VPN 1.1.3.0 contains a denial of service vulnerability that allows local attackers to crash the application by submitting oversized input through the search interface. Attackers can paste a buffer of 2100 characters into the top right search bar to trigger an unhandled exception thaβ¦
6.9
CVE-2018-25238 - Microsoft VSCO 1.1.1.0 Denial of Service via Search
Microsoft VSCO 1.1.1.0 contains a denial of service vulnerability that allows local attackers to crash the application by submitting an excessively long string through the search functionality. Attackers can paste a buffer of 5000 characters into the search bar and navigate back to trigger an appliβ¦
8.5
CVE-2016-20061 - sheed AntiVirus 2.3 Unquoted Service Path Privilege Escalation
sheed AntiVirus 2.3 contains an unquoted service path vulnerability in the ShavProt service that allows local attackers to escalate privileges by exploiting the service binary path. Attackers can insert a malicious executable in the unquoted path and trigger service restart or system reboot to execβ¦
8.5
CVE-2016-20060 - Hotspot Shield 6.0.3 Unquoted Service Path Privilege Escalation
Hotspot Shield 6.0.3 contains an unquoted service path vulnerability in the hshld service binary that allows local attackers to escalate privileges by injecting malicious executables. Attackers can place executable files in the service path and upon service restart or system reboot, the malicious cβ¦
8.5
CVE-2016-20059 - IObit Malware Fighter 4.3.1 Unquoted Service Path Privilege Escalation
IObit Malware Fighter 4.3.1 contains an unquoted service path vulnerability in the IMFservice and LiveUpdateSvc services that allows local attackers to escalate privileges. Attackers can insert a malicious executable file in the unquoted service path and trigger privilege escalation when the servicβ¦