Monthly Archive: February 2021

Windows Network File System Denial of Service Vulnerability Date published : 2021-02-25 https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2021-24075

Windows TCP/IP Remote Code Execution Vulnerability This CVE ID is unique from CVE-2021-24094. Date published : 2021-02-25 https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2021-24074

Skype for Business and Lync Spoofing Vulnerability Date published : 2021-02-25 https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2021-24073

Microsoft SharePoint Server Remote Code Execution Vulnerability Date published : 2021-02-25 https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2021-24072

Microsoft SharePoint Information Disclosure Vulnerability Date published : 2021-02-25 https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2021-24071

Microsoft Excel Remote Code Execution Vulnerability This CVE ID is unique from CVE-2021-24067, CVE-2021-24068, CVE-2021-24069. Date published : 2021-02-25 https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2021-24070

Microsoft Excel Remote Code Execution Vulnerability This CVE ID is unique from CVE-2021-24067, CVE-2021-24068, CVE-2021-24070. Date published : 2021-02-25 https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2021-24069

Microsoft Excel Remote Code Execution Vulnerability This CVE ID is unique from CVE-2021-24067, CVE-2021-24069, CVE-2021-24070. Date published : 2021-02-25 https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2021-24068

Microsoft Excel Remote Code Execution Vulnerability This CVE ID is unique from CVE-2021-24068, CVE-2021-24069, CVE-2021-24070. Date published : 2021-02-25 https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2021-24067

Microsoft SharePoint Remote Code Execution Vulnerability Date published : 2021-02-25 https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2021-24066

Firefox for Android suffered from a time-of-check-time-of-use vulnerability that allowed a malicious application to read sensitive data from application directories. Note: This issue is only affected Firefox for Android. Other operating systems are unaffected....

When accepting a malicious intent from other installed apps, Firefox for Android accepted manifests from arbitrary file paths and allowed declaring webapp manifests for other origins. This could be used to gain fullscreen access...

The developer page about:memory has a Measure function for exploring what object types the browser has allocated and their sizes. When this function was invoked we incorrectly called the sizeof function, instead of using...

The DOMParser API did not properly process ‘‘ elements for escaping. This could be used as an mXSS vector to bypass an HTML Sanitizer. This vulnerability affects Firefox < 86. Date published : 2021-02-25...