Ben Barnea

**Name of the Vulnerable Software and Affected Versions** Windows HTML Platforms (affected versions not specified) **Description** A security-feature bypass issue in Windows HTML Platforms can be exploited by a remote attacker to bypass security restrictions. This allows attackers to affect the system. The estimated number of potentially affected devices worldwide is not available. There is no information about real-world incidents where this issue was exploited. **Recommendations** At the moment, there is no information about a newer version that contains a fix for this vulnerability.

**Name of the Vulnerable Software and Affected Versions** Windows MSHTML Platform (affected versions not specified) **Description** The vulnerability in the Windows MSHTML Platform is related to insufficient input validation, allowing remote attackers to execute arbitrary code by sending a specially crafted email. This issue can be exploited without any user interaction, making it uniquely dangerous. The vulnerability affects Microsoft Outlook and can potentially be exploited through Windows Explorer. **Recommendations** At the moment, there is no information about a newer version that contains a fix for this vulnerability.

**Name of the Vulnerable Software and Affected Versions** Windows Media Foundation (affected versions not specified) **Description** The issue is related to insufficient input validation in the Windows Media component, allowing remote attackers to execute arbitrary code and affect the system. **Recommendations** At the moment, there is no information about a newer version that contains a fix for this vulnerability.

**Name of the Vulnerable Software and Affected Versions** Windows HTML Platforms (affected versions not specified) **Description** A security-feature bypass vulnerability in the Windows HTML Platforms allows attackers to affect the system. The issue is related to errors in privilege management. Exploitation of this vulnerability may allow a remote attacker to bypass existing security restrictions. It is mentioned that combining this vulnerability with another could potentially allow for a full-fledged 0-click Remote Code Execution (RCE) against Outlook users. **Recommendations** At the moment, there is no information about a newer version that contains a fix for this vulnerability.

**Name of the Vulnerable Software and Affected Versions** Windows (affected versions not specified) **Description** The issue is related to the implementation of the Windows SMB network protocol in the Microsoft Windows operating system, specifically due to insufficient input validation. This can be exploited by a remote attacker to perform a Denial of Service (DoS) attack. **Recommendations** At the moment, there is no information about a newer version that contains a fix for this vulnerability.

**Name of the Vulnerable Software and Affected Versions** Windows MSHTML Platform (affected versions not specified) **Description** The issue is related to errors in security settings, allowing a remote attacker to bypass security restrictions. This security-feature bypass vulnerability enables attackers to affect the system. There is a mention of potential exploitation allowing hackers to steal NTLM credentials with zero clicks. **Recommendations** At the moment, there is no information about a newer version that contains a fix for this vulnerability.

**Name of the Vulnerable Software and Affected Versions** Windows (affected versions not specified) **Description** The issue exists due to insufficient input validation in the Remote Procedure Call Runtime. It allows remote attackers to execute arbitrary code and affect the system. **Recommendations** At the moment, there is no information about a newer version that contains a fix for this vulnerability.

**Name of the Vulnerable Software and Affected Versions** Windows (affected versions not specified) **Description** The issue is related to insufficient input validation in the Remote Procedure Call Runtime. It allows remote attackers to execute arbitrary code on the system. **Recommendations** At the moment, there is no information about a newer version that contains a fix for this vulnerability.

**Name of the Vulnerable Software and Affected Versions** Windows (affected versions not specified) **Description** The issue exists due to insufficient input validation in the Procedure Call Runtime of Windows operating systems. This allows a remote attacker to execute arbitrary code. **Recommendations** At the moment, there is no information about a newer version that contains a fix for this vulnerability.

**Name of the Vulnerable Software and Affected Versions** Windows Local Session Manager (LSM) (affected versions not specified) **Description** The issue is caused by synchronization errors when using a shared resource in the Windows Local Session Manager (LSM) component of the Windows operating system. This allows an attacker to gain unauthorized access to the device. The vulnerability enables attackers to affect the system, potentially leading to elevation of privilege. **Recommendations** At the moment, there is no information about a newer version that contains a fix for this vulnerability.

**Name of the Vulnerable Software and Affected Versions** Windows Server (affected versions not specified) **Description** The issue is related to insufficient access control in the Windows Server operating system, which can be exploited by a remote attacker to elevate their privileges. There is an elevation-of-privilege vulnerability that allows attackers to affect the system. **Recommendations** At the moment, there is no information about a newer version that contains a fix for this vulnerability.

**Name of the Vulnerable Software and Affected Versions** Windows Local Session Manager (affected versions not specified) **Description** The issue is related to an uncontrolled resource consumption in the Windows Local Session Manager component of the Windows operating system. It may allow a remote attacker to cause a denial of service. **Recommendations** At the moment, there is no information about a newer version that contains a fix for this vulnerability.

**Name of the Vulnerable Software and Affected Versions** Windows Local Session Manager (affected versions not specified) **Description** The issue is related to insufficient input validation in the Windows Local Session Manager component of the Windows operating system. This can be exploited by a remote attacker to cause a denial of service. **Recommendations** At the moment, there is no information about a newer version that contains a fix for this vulnerability.

**Name of the Vulnerable Software and Affected Versions** Windows Server versions prior to the fixed version **Description** The issue is related to a tampering vulnerability in the Windows Server service, allowing attackers to affect the system. This vulnerability can lead to authentication coercion, enabling attackers to perform server spoofing or trigger authentication coercion on the victim. The Server service, responsible for managing SMB shares, is impacted, and the vulnerability is significant because the service runs by default on every Windows machine. **Recommendations** For Windows Server versions prior to the fixed version, consider disabling the `srvsvc` service until a patch is available. Restrict access to the `pipesrvsvc` named pipe to minimize the risk of exploitation. Avoid using the Server service for creating, configuring, querying, or deleting shares through RPC over a named pipe until the issue is resolved. At the moment, there is no information about a newer version that contains a fix for this vulnerability.

**Name of the Vulnerable Software and Affected Versions** Microsoft Windows (affected versions not specified) **Description** The issue is related to insufficient input validation in the Remote Procedure Call Runtime. This can be exploited by a remote attacker to execute arbitrary code. **Recommendations** At the moment, there is no information about a newer version that contains a fix for this vulnerability.

**Name of the Vulnerable Software and Affected Versions** MiniUPnPd versions prior to 2.1 **Description** A Denial Of Service issue exists due to a NULL pointer dereference in the `GetOutboundPinholeTimeout` function in `upnpsoap.c` for `int port`. **Recommendations** For versions prior to 2.1, update to version 2.1 or later to resolve the issue.

**Name of the Vulnerable Software and Affected Versions** MiniUPnPd versions through 2.1 **Description** A Denial Of Service issue exists due to a NULL pointer dereference in the `copyIPv6IfDifferent` function in `pcpserver.c`. **Recommendations** For versions through 2.1, update to a version that fixes the NULL pointer dereference issue in the `copyIPv6IfDifferent` function.

**Name of the Vulnerable Software and Affected Versions** MiniUPnPd versions prior to 2.1 **Description** A Denial Of Service issue exists due to a NULL pointer dereference in upnpredirect.c, which can be exploited through the AddPortMapping function. **Recommendations** For versions prior to 2.1, update to version 2.1 or later to resolve the issue.

**Name of the Vulnerable Software and Affected Versions** miniupnpd versions prior to 2.0 **Description** The issue is related to an uninitialized stack variable vulnerability in the `NameValueParserEndElt` function, located in the `upnpreplyparse.c` file. This vulnerability can be exploited by an attacker to cause a Denial of Service, resulting in a segmentation fault and memory corruption, or potentially have other unspecified impacts. **Recommendations** For versions prior to 2.0, update to version 2.0 or later to resolve the issue.