Vulnerabilities > Improper Privilege Management
DATE | CVE | VULNERABILITY TITLE | RISK |
---|---|---|---|
2020-02-11 | CVE-2020-0697 | Improper Privilege Management vulnerability in Microsoft Office 365 Proplus An elevation of privilege vulnerability exists in Microsoft Office OLicenseHeartbeat task, where an attacker who successfully exploited this vulnerability could run this task as SYSTEM.To exploit the vulnerability, an authenticated attacker would need to place a specially crafted file in a specific location, thereby allowing arbitrary file corruption.The security update addresses the vulnerability by correcting how the process validates the log file., aka 'Microsoft Office Tampering Vulnerability'. | 7.2 |
2020-02-11 | CVE-2020-0692 | Improper Privilege Management vulnerability in Microsoft Exchange Server 2013/2016/2019 An elevation of privilege vulnerability exists in Microsoft Exchange Server, aka 'Microsoft Exchange Server Elevation of Privilege Vulnerability'. | 6.8 |
2020-02-11 | CVE-2020-0691 | Improper Privilege Management vulnerability in Microsoft products An elevation of privilege vulnerability exists in Windows when the Windows kernel-mode driver fails to properly handle objects in memory, aka 'Win32k Elevation of Privilege Vulnerability'. | 7.2 |
2020-02-11 | CVE-2020-0686 | Improper Privilege Management vulnerability in Microsoft products An elevation of privilege vulnerability exists in the Windows Installer when MSI packages process symbolic links, aka 'Windows Installer Elevation of Privilege Vulnerability'. | 7.2 |
2020-02-11 | CVE-2020-0685 | Improper Privilege Management vulnerability in Microsoft products An elevation of privilege vulnerability exists when Windows improperly handles COM object creation, aka 'Windows COM Server Elevation of Privilege Vulnerability'. | 7.2 |
2020-02-11 | CVE-2020-0682 | Improper Privilege Management vulnerability in Microsoft products An elevation of privilege vulnerability exists in the way that the Windows Function Discovery Service handles objects in memory, aka 'Windows Function Discovery Service Elevation of Privilege Vulnerability'. | 7.2 |
2020-02-11 | CVE-2020-0680 | Improper Privilege Management vulnerability in Microsoft products An elevation of privilege vulnerability exists in the way that the Windows Function Discovery Service handles objects in memory, aka 'Windows Function Discovery Service Elevation of Privilege Vulnerability'. | 4.6 |
2020-02-11 | CVE-2020-0679 | Improper Privilege Management vulnerability in Microsoft products An elevation of privilege vulnerability exists in the way that the Windows Function Discovery Service handles objects in memory, aka 'Windows Function Discovery Service Elevation of Privilege Vulnerability'. | 4.6 |
2020-02-11 | CVE-2020-0678 | Improper Privilege Management vulnerability in Microsoft products An elevation of privilege vulnerability exists when Windows Error Reporting manager improperly handles hard links, aka 'Windows Error Reporting Manager Elevation of Privilege Vulnerability'. | 7.2 |
2020-02-11 | CVE-2020-0672 | Improper Privilege Management vulnerability in Microsoft products An elevation of privilege vulnerability exists when the Windows kernel fails to properly handle objects in memory, aka 'Windows Kernel Elevation of Privilege Vulnerability'. | 7.2 |