Microsoft Security Response Center

**What type of information could be disclosed by this vulnerability?** Exploiting this vulnerability could allow the disclosure of certain kernel memory content.

Buffer over-read in Microsoft Office Excel allows an unauthorized attacker to execute code locally.

Improper neutralization of special elements used in a command ('command injection') in Visual Studio allows an unauthorized attacker to execute code locally.

Out-of-bounds read in Microsoft Office Outlook allows an unauthorized attacker to execute code locally.

No cwe for this issue in UrlMon allows an unauthorized attacker to bypass a security feature over a network.

**According to the CVSS metrics, successful exploitation of this vulnerability could lead to a high loss of confidentiality (C:H), and some loss of integrity (I:L) and no loss of availability (A:N). What does that mean for this vulnerability?** An attacker who successfully exploited this vulnerability could view sensitive information, a token in this scenario (Confidentiality), and make some changes to disclosed information (Integrity), but they would not be able to affect Availability.

Heap-based buffer overflow in Windows Common Log File System Driver allows an authorized attacker to elevate privileges locally.

Out-of-bounds read in Windows Routing and Remote Access Service (RRAS) allows an unauthorized attacker to disclose information over a network.

**How could an attacker exploit this vulnerability?** An attacker could successfully exploit this vulnerability by attempting to connect to a system with the Remote Desktop Gateway role, triggering the race condition to create a use-after-free scenario, and then leveraging this to execute arbitrary code.

Out-of-bounds read in Windows Routing and Remote Access Service (RRAS) allows an unauthorized attacker to disclose information over a network.