Autor: Peter Leibling

Use after free in Windows Kernel allows an authorized attacker to elevate privileges locally.

Deserialization of untrusted data in Web Deploy allows an authorized attacker to execute code over a network.

Use of uninitialized resource in Windows Routing and Remote Access Service (RRAS) allows an authorized attacker to disclose information over a network.

Access of resource using incompatible type (‚type confusion‘) in Windows Message Queuing allows an authorized attacker to execute code over a network.

Improper input validation in Microsoft Exchange Server allows an authorized attacker to perform tampering over a network.

Access of resource using incompatible type (‚type confusion‘) in Windows Message Queuing allows an authorized attacker to execute code over a network.

Improper validation of syntactic correctness of input in Microsoft Exchange Server allows an unauthorized attacker to perform spoofing over a network.

Deserialization of untrusted data in Microsoft Office SharePoint allows an authorized attacker to execute code over a network.

Improper restriction of communication channel to intended endpoints in Windows Hyper-V allows an authorized attacker to execute code locally.

Missing synchronization in Windows Hyper-V allows an authorized attacker to deny service over an adjacent network.