VULHUB ™

Microsoft Virtual Machine contains three vulnerabilities that could allow a remote attacker to execute code on the vulnerable system. Successful exploitation could lead to a complete system compromise. The first vulnerability allows remote execution of DLLs. These would be executed in the context of the currently logged in user. The second vulnerability involves improper validation in handles provided as input. Supplying malformed data would cause the application hosting the virtual machine to fail. The third vulnerability allows a set of XML methods to be exposed to all applications rather than a set of trusted applications. This could allow arbitrary code execution on the vulnerable system in the security context of the currently logged in user.

Microsoft Virtual Machine contains three vulnerabilities that could allow a remote attacker to execute code on the vulnerable system. Successful exploitation could lead to a complete system compromise. The first vulnerability allows remote execution of DLLs. These would be executed in the context of the currently logged in user. The second vulnerability involves improper validation in handles provided as input. Supplying malformed data would cause the application hosting the virtual machine to fail. The third vulnerability allows a set of XML methods to be exposed to all applications rather than a set of trusted applications. This could allow arbitrary code execution on the vulnerable system in the security context of the currently logged in user.