>> ARCHIVE: 2016-10

NETGATE Data Backup build 3.0.605 suffers from an unquoted service path privilege escalation vulnerability.

Subrion CMS version 4.0.5 suffers from cross site request forgery and cross site scripting vulnerabilities.

iWisoft Free Video Downloader version 2.1 suffers from a dll hijacking vulnerability.

Advanced Upload (PHP) Script version 1.0.2 suffers from a remote SQL injection vulnerability.

Windows x86 afd.sys privilege escalation exploit that leverages the issue outlined in MS11-046.

The Windows DeviceApi CMApi PnpCtxRegOpenCurrentUserKey function doesn’t check the impersonation level of the current effective token allowing a normal user to create arbitrary registry keys in another user’s loaded hive…

The Windows DFS Client driver and running by default insecurely creates and deletes drive letter symbolic links in the current user context leading to elevation of privilege.

The Windows DeviceApi CMApi PiCMOpenClassKey IOCTL allows a normal user to create arbitrary registry keys in the system hive leading to elevation of privilege.

The fix for CVE-2016-3231 is insufficient to prevent a normal user specifying an insecure agent path leading to arbitrary DLL loading at system privileges.

Windows suffers from an elevation of privilege vulnerability in the User Profile Service.