Vulnerabilities > Microsoft
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2016-06-16 | CVE-2016-3236 | Data Processing Errors vulnerability in Microsoft products The Web Proxy Auto Discovery (WPAD) protocol implementation in Microsoft Windows Vista SP2, Windows Server 2008 SP2 and R2 SP1, Windows 7 SP1, Windows 8.1, Windows Server 2012 Gold and R2, Windows RT 8.1, and Windows 10 Gold and 1511 mishandles proxy discovery, which allows remote attackers to redirect network traffic via unspecified vectors, aka "Windows WPAD Proxy Discovery Elevation of Privilege Vulnerability." | 9.8 |
| 2016-06-16 | CVE-2016-3235 | Unspecified vulnerability in Microsoft Visio and Visio Viewer Microsoft Visio 2007 SP3, Visio 2010 SP2, Visio 2013 SP1, Visio 2016, Visio Viewer 2007 SP3, and Visio Viewer 2010 mishandle library loading, which allows local users to gain privileges via a crafted application, aka "Microsoft Office OLE DLL Side Loading Vulnerability." | 7.8 |
| 2016-06-16 | CVE-2016-3234 | Information Exposure vulnerability in Microsoft products Microsoft Word 2007 SP3, Office 2010 SP2, Word 2010 SP2, Office Compatibility Pack SP3, Word Viewer, Word Automation Services on SharePoint Server 2010 SP2, Word Automation Services on SharePoint Server 2013 SP1, Office Web Apps 2010 SP2, and Office Web Apps Server 2013 SP1 allow remote attackers to obtain sensitive information from process memory via a crafted Office document, aka "Microsoft Office Information Disclosure Vulnerability." | 5.5 |
| 2016-06-16 | CVE-2016-3233 | Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in Microsoft Excel and Office Compatibility Pack Microsoft Excel 2007 SP3, Excel 2010 SP2, and Office Compatibility Pack SP3 allow remote attackers to execute arbitrary code via a crafted Office document, aka "Microsoft Office Memory Corruption Vulnerability." | 7.3 |
| 2016-06-16 | CVE-2016-3232 | Information Exposure vulnerability in Microsoft Windows Server 2012 R2 The Virtual PCI (VPCI) virtual service provider in Microsoft Windows Server 2012 Gold and R2 allows local users to obtain sensitive information from uninitialized memory locations via a crafted application, aka "Windows Virtual PCI Information Disclosure Vulnerability." | 5.0 |
| 2016-06-16 | CVE-2016-3231 | Data Processing Errors vulnerability in Microsoft Windows Diagnostics HUB The Standard Collector service in Windows Diagnostics Hub mishandles library loading, which allows local users to gain privileges via a crafted application, aka "Windows Diagnostics Hub Elevation of Privilege Vulnerability." | 7.8 |
| 2016-06-16 | CVE-2016-3230 | Improper Input Validation vulnerability in Microsoft products The Search component in Microsoft Windows 7, Windows Server 2008 R2 SP1, Windows 8.1, Windows Server 2012 Gold and R2, Windows RT 8.1, and Windows 10 Gold and 1511 allows local users to cause a denial of service (performance degradation) via a crafted application, aka "Windows Search Component Denial of Service Vulnerability." | 5.0 |
| 2016-06-16 | CVE-2016-3228 | Improper Input Validation vulnerability in Microsoft Windows Server 2008 and Windows Server 2012 Microsoft Windows Server 2008 SP2 and R2 SP1 and Windows Server 2012 Gold and R2 allow remote authenticated users to execute arbitrary code via a crafted NetLogon request, aka "Windows Netlogon Memory Corruption Remote Code Execution Vulnerability." | 8.8 |
| 2016-06-16 | CVE-2016-3227 | Unspecified vulnerability in Microsoft Windows Server 2012 R2 Use-after-free vulnerability in the DNS Server component in Microsoft Windows Server 2012 Gold and R2 allows remote attackers to execute arbitrary code via crafted requests, aka "Windows DNS Server Use After Free Vulnerability." | 9.8 |
| 2016-06-16 | CVE-2016-3226 | Improper Access Control vulnerability in Microsoft Windows Server 2008 and Windows Server 2012 Active Directory in Microsoft Windows Server 2008 R2 SP1 and Server 2012 Gold and R2 allows remote authenticated users to cause a denial of service (service hang) by creating many machine accounts, aka "Active Directory Denial of Service Vulnerability." | 6.5 |