The mm_for_maps function in fs/proc/base.c in the Linux kernel 2.6.30.4 and earlier allows local users to read (1) maps and (2) smaps files under proc/ via vectors related to ELF loading, a setuid process, and a race condition.

Windows Kernel Information Disclosure Vulnerability

Azure Identity Libraries and Microsoft Authentication Library Elevation of Privilege Vulnerability

<p>An information disclosure vulnerability exists in Text Services Framework when it fails to properly handle objects in memory. An attacker who successfully exploited this vulnerability could potentially read data that was not intended to be disclosed. Note that this vulnerability would not allow an attacker to execute code or to elevate their user rights directly, but it could be used to obtain information that could be used to try to further compromise the affected system.</p> <p>To exploit this vulnerability, an attacker would have to log on to an affected system and open a specially crafted file.</p> <p>The update addresses the vulnerability by correcting how Text Services Framework handles objects in memory.</p>

<p>An information disclosure vulnerability exists when the Windows kernel improperly handles objects in memory. An attacker who successfully exploited this vulnerability could obtain information to further compromise the user’s system.</p> <p>To exploit this vulnerability, an attacker would have to log on to an affected system and run a specially crafted application. The vulnerability would not allow an attacker to execute code or to elevate user rights directly, but it could be used to obtain information that could be used to try to further compromise the affected system.</p> <p>The update addresses the vulnerability by correcting how the Windows kernel handles objects in memory.</p>

The MobileMail component in Apple iPhone OS 3.0 and 3.0.1, and iPhone OS 3.0 for iPod touch, lists deleted e-mail messages in Spotlight search results, which might allow local users to obtain sensitive information by reading these messages.

Windows Cryptographic Information Disclosure Vulnerability

<p>An information disclosure vulnerability exists when Microsoft SharePoint Server improperly discloses its folder structure when rendering specific web pages. An attacker who took advantage of this information disclosure could view the folder path of scripts loaded on the page.</p> <p>To take advantage of the vulnerability, an attacker would require access to the specific SharePoint page affected by this vulnerability.</p> <p>The security update addresses the vulnerability by correcting how scripts are referenced on some SharePoint pages.</p>

Windows MSCTF Server Information Disclosure Vulnerability

Windows Internet Storage Name Service (iSNS) Server Information Disclosure Vulnerability

Windows Cryptographic Information Disclosure Vulnerability

Windows Camera Codec Information Disclosure Vulnerability

A use-after-free vulnerability was found in iscsi_sw_tcp_session_create in drivers/scsi/iscsi_tcp.c in SCSI sub-component in the Linux Kernel. In this flaw an attacker could leak kernel internal information.

The screensharing feature in the Admin application in Apple Xsan before 2.2 places a cleartext username and password in a URL within an error dialog, which allows physically proximate attackers to obtain credentials by reading this dialog.

Windows GDI+ Information Disclosure Vulnerability

Windows Cryptographic Information Disclosure Vulnerability

WebP Image Extensions Information Disclosure Vulnerability

<p>An information disclosure vulnerability exists when the Windows KernelStream improperly handles objects in memory. An attacker who successfully exploited this vulnerability could obtain information to further compromise the user’s system.</p> <p>To exploit this vulnerability, an attacker would have to log on to an affected system and run a specially crafted application. The vulnerability would not allow an attacker to execute code or to elevate user rights directly, but it could be used to obtain information that could be used to try to further compromise the affected system.</p> <p>The update addresses the vulnerability by correcting how the Windows KernelStream handles objects in memory.</p>

Windows Function Discovery SSDP Provider Information Disclosure Vulnerability

Microsoft Excel Information Disclosure Vulnerability

<p>An information disclosure vulnerability exists when the Windows kernel improperly initializes objects in memory.</p> <p>To exploit this vulnerability, an authenticated attacker could run a specially crafted application. An attacker who successfully exploited this vulnerability could obtain information to further compromise the user’s system.</p> <p>The update addresses the vulnerability by correcting how the Windows kernel initializes objects in memory.</p>

Safari in Apple iPhone OS 1.0 through 2.2.1 and iPhone OS for iPod touch 1.1 through 2.2.1 does not properly clear the search history when it is cleared from the Settings application, which allows physically proximate attackers to obtain the search history.

Windows Canonical Display Driver Information Disclosure Vulnerability

CFNetwork in Apple Safari before 4.0 on Windows does not properly protect the temporary files created for downloads, which allows local users to obtain sensitive information by reading these files.

<p>An information disclosure vulnerability exists when the Windows Enterprise App Management Service improperly handles certain file operations. An attacker who successfully exploited this vulnerability could read arbitrary files.</p> <p>An attacker with unprivileged access to a vulnerable system could exploit this vulnerability.</p> <p>The security update addresses the vulnerability by ensuring the Windows Enterprise App Management Service properly handles file operations.</p>

Remote Desktop Protocol Client Information Disclosure Vulnerability

<p>An information disclosure vulnerability exists when Microsoft SharePoint Server improperly discloses its folder structure when rendering specific web pages. An attacker who took advantage of this information disclosure could view the folder path of scripts loaded on the page.</p> <p>To take advantage of the vulnerability, an attacker would require access to the specific SharePoint page affected by this vulnerability.</p> <p>The security update addresses the vulnerability by correcting how scripts are referenced on some SharePoint pages.</p>

Windows Delivery Optimization Information Disclosure Vulnerability

Windows Error Reporting Information Disclosure Vulnerability

<p>An information disclosure vulnerability exists when the Windows kernel improperly handles objects in memory. An attacker who successfully exploited this vulnerability could obtain information to further compromise the user’s system.</p> <p>To exploit this vulnerability, an attacker would have to log on to an affected system and run a specially crafted application. The vulnerability would not allow an attacker to execute code or to elevate user rights directly, but it could be used to obtain information that could be used to try to further compromise the affected system.</p> <p>The update addresses the vulnerability by correcting how the Windows kernel handles objects in memory.</p>

A division-by-zero error on some AMD processors can potentially return speculative data resulting in loss of confidentiality. 

<p>An information disclosure vulnerability exists in the way that the Windows Graphics Device Interface Plus (GDI+) handles objects in memory, allowing an attacker to retrieve information from a targeted system. By itself, the information disclosure does not allow arbitrary code execution; however, it could allow arbitrary code to be run if the attacker uses it in combination with another vulnerability.</p> <p>To exploit this vulnerability, an attacker would have to log on to an affected system and run a specially crafted application.</p> <p>The security update addresses the vulnerability by correcting how GDI+ handles memory addresses.</p>

Windows Error Reporting Information Disclosure Vulnerability

Microsoft Word Security Feature Bypass Vulnerability

Azure Sphere Information Disclosure Vulnerability

A flaw possibility of memory leak in the Linux kernel cpu_entry_area mapping of X86 CPU data to memory was found in the way user can guess location of exception stack(s) or other important data. A local user could use this flaw to get access to some important data with expected location in memory.

Win32k Information Disclosure Vulnerability

Windows Graphics Component Information Disclosure Vulnerability

Windows Network File System Information Disclosure Vulnerability

An out-of-bounds read vulnerability exists in TPM2.0's Module Library allowing a 2-byte read past the end of a TPM2.0 command in the CryptParameterDecryption routine. An attacker who can successfully exploit this vulnerability can read or access sensitive data stored in the TPM.

Copy_from_user on 64-bit versions of the Linux kernel does not implement the __uaccess_begin_nospec allowing a user to bypass the "access_ok" check and pass a kernel pointer to copy_from_user(). This would allow an attacker to leak information. We recommend upgrading beyond commit 74e19ef0ff8061ef55957c3abd71614ef0f42f47

<p>An information disclosure vulnerability exists when a Windows Projected Filesystem improperly handles file redirections. An attacker who successfully exploited this vulnerability could obtain information to further compromise the user's system</p> <p>To exploit this vulnerability, an attacker would first have to log on to the system. An attacker could then run a specially crafted application that could exploit the vulnerability.</p> <p>The security update addresses the vulnerability by correcting how Windows Projected Filesystem handle file redirections.</p>

<p>An information disclosure vulnerability exists when NetBIOS over TCP (NBT) Extensions (NetBT) improperly handle objects in memory. An attacker who successfully exploited this vulnerability could obtain information to further compromise the user’s system.</p> <p>To exploit this vulnerability, an attacker would have run a specially crafted application. The vulnerability would not allow an attacker to execute code or to elevate user rights directly, but it could be used to obtain information that could be used to try to further compromise the affected system.</p> <p>The update addresses the vulnerability by correcting how a NetBT handles objects in memory.</p>

Windows WalletService Information Disclosure Vulnerability

Azure Sphere Information Disclosure Vulnerability

The sock_getsockopt function in net/core/sock.c in the Linux kernel before 2.6.28.6 does not initialize a certain structure member, which allows local users to obtain potentially sensitive information from kernel memory via an SO_BSDCOMPAT getsockopt request.

<p>An information disclosure vulnerability exists when the Windows kernel improperly handles objects in memory. An attacker who successfully exploited this vulnerability could obtain information to further compromise the user’s system.</p> <p>To exploit this vulnerability, an attacker would have to log on to an affected system and run a specially crafted application. The vulnerability would not allow an attacker to execute code or to elevate user rights directly, but it could be used to obtain information that could be used to try to further compromise the affected system.</p> <p>The update addresses the vulnerability by correcting how the Windows kernel handles objects in memory.</p>

A cross-site-scripting (XSS) vulnerability exists when Microsoft SharePoint Server does not properly sanitize a specially crafted web request to an affected SharePoint server. An authenticated attacker could exploit the vulnerability by sending a specially crafted request to an affected SharePoint server. The attacker who successfully exploited the vulnerability could then perform cross-site scripting attacks on affected systems and run script in the security context of the current user. The attacks could allow the attacker to read content that the attacker is not authorized to read, use the victim's identity to take actions on the SharePoint site on behalf of the user, such as change permissions and delete content, and inject malicious content in the browser of the user. The security update addresses the vulnerability by helping to ensure that SharePoint Server properly sanitizes web requests.

dscl in DS Tools in Apple Mac OS X 10.4.11 and 10.5.6 requires that passwords must be provided as command line arguments, which allows local users to gain privileges by listing process information.