Msrc Microsoft Exchange Server 2016 vulnerabilities

CVE-2018-8581 [HIGH] Microsoft Exchange Server Elevation of Privilege Vulnerability Microsoft Exchange Server Elevation of Privilege Vulnerability Description: An elevation of privilege vulnerability exists in Microsoft Exchange Server. An attacker who successfully exploited this vulnerability could attempt to impersonate any other user of the Exchange server. To exploit the vulnerability, an attacker would need to execute a man-in-the-middle attack to forward an authentication request to a Mic

CVE-2010-3190 [CRITICAL] MFC Insecure Library Loading Vulnerability MFC Insecure Library Loading Vulnerability Description: A remote code execution vulnerability exists in the way that certain applications built using Microsoft Foundation Classes (MFC) handle the loading of DLL files. An attacker who successfully exploited this vulnerability could take complete control of an affected system. An attacker could then install programs; view, change, or delete data; or create new accounts with full

CVE-2018-0986 [HIGH] Microsoft Malware Protection Engine Remote Code Execution Vulnerability Microsoft Malware Protection Engine Remote Code Execution Vulnerability Description: A remote code execution vulnerability exists when the Microsoft Malware Protection Engine does not properly scan a specially crafted file, leading to memory corruption. An attacker who successfully exploited this vulnerability could execute arbitrary code in the security context of the LocalSystem account and take contr

CVE-2017-11940 [HIGH] Microsoft Malware Protection Engine Remote Code Execution Vulnerability Microsoft Malware Protection Engine Remote Code Execution Vulnerability Description: A remote code execution vulnerability exists when the Microsoft Malware Protection Engine does not properly scan a specially crafted file, leading to memory corruption. An attacker who successfully exploited this vulnerability could execute arbitrary code in the security context of the LocalSystem account and take cont

CVE-2017-11937 [HIGH] Microsoft Malware Protection Engine Remote Code Execution Vulnerability Microsoft Malware Protection Engine Remote Code Execution Vulnerability Description: A remote code execution vulnerability exists when the Microsoft Malware Protection Engine does not properly scan a specially crafted file, leading to memory corruption. An attacker who successfully exploited this vulnerability could execute arbitrary code in the security context of the LocalSystem account and take cont

CVE-2017-8541 [HIGH] Microsoft Malware Protection Engine Remote Code Execution Vulnerability Microsoft Malware Protection Engine Remote Code Execution Vulnerability Description: A remote code execution vulnerability exists when the Microsoft Malware Protection Engine does not properly scan a specially crafted file, leading to memory corruption. An attacker who successfully exploited this vulnerability could execute arbitrary code in the security context of the LocalSystem account and take contr

CVE-2017-8538 [HIGH] Microsoft Malware Protection Engine Remote Code Execution Vulnerability Microsoft Malware Protection Engine Remote Code Execution Vulnerability Description: A remote code execution vulnerability exists when the Microsoft Malware Protection Engine does not properly scan a specially crafted file, leading to memory corruption. An attacker who successfully exploited this vulnerability could execute arbitrary code in the security context of the LocalSystem account and take contr

CVE-2017-8540 [HIGH] Microsoft Malware Protection Engine Remote Code Execution Vulnerability Microsoft Malware Protection Engine Remote Code Execution Vulnerability Description: A remote code execution vulnerability exists when the Microsoft Malware Protection Engine does not properly scan a specially crafted file, leading to memory corruption. An attacker who successfully exploited this vulnerability could execute arbitrary code in the security context of the LocalSystem account and take contr

CVE-2017-8537 [MEDIUM] Microsoft Malware Protection Engine Denial of Service Vulnerability Microsoft Malware Protection Engine Denial of Service Vulnerability Description: A denial of service vulnerability exists when the Microsoft Malware Protection Engine does not properly scan a specially crafted file, leading to a scan timeout. An attacker who successfully exploited this vulnerability could prevent the Microsoft Malware Protection Engine from monitoring affected systems until the service is

CVE-2017-8536 [MEDIUM] Microsoft Malware Protection Engine Denial of Service Vulnerability Microsoft Malware Protection Engine Denial of Service Vulnerability Description: A denial of service vulnerability exists when the Microsoft Malware Protection Engine does not properly scan a specially crafted file, leading to a scan timeout. An attacker who successfully exploited this vulnerability could prevent the Microsoft Malware Protection Engine from monitoring affected systems until the service is

CVE-2017-8542 [MEDIUM] Microsoft Malware Protection Engine Denial of Service Vulnerability Microsoft Malware Protection Engine Denial of Service Vulnerability Description: A denial of service vulnerability exists when the Microsoft Malware Protection Engine does not properly scan a specially crafted file, leading to a scan timeout. An attacker who successfully exploited this vulnerability could prevent the Microsoft Malware Protection Engine from monitoring affected systems until the service is

CVE-2017-8539 [MEDIUM] Microsoft Malware Protection Engine Denial of Service Vulnerability Microsoft Malware Protection Engine Denial of Service Vulnerability Description: A denial of service vulnerability exists when the Microsoft Malware Protection Engine does not properly scan a specially crafted file, leading to a scan timeout. An attacker who successfully exploited this vulnerability could prevent the Microsoft Malware Protection Engine from monitoring affected systems until the service is

CVE-2017-8535 [MEDIUM] Microsoft Malware Protection Engine Denial of Service Vulnerability Microsoft Malware Protection Engine Denial of Service Vulnerability Description: A denial of service vulnerability exists when the Microsoft Malware Protection Engine does not properly scan a specially crafted file, leading to a scan timeout. An attacker who successfully exploited this vulnerability could prevent the Microsoft Malware Protection Engine from monitoring affected systems until the service is

CVE-2016-0028 [MEDIUM] Microsoft Exchange Information Disclosure Vulnerability Microsoft Exchange Information Disclosure Vulnerability Description: An email filter bypass exists in the way that Microsoft Exchange parses HTML messages that could allow information disclosure. An attacker who successfully exploited the vulnerability could identify, fingerprint, and track a user online if the user views email messages using Outlook Web Access (OWA). An attacker could also combine this vulnerability