CVE-2022-26466 Audio ipi can write outside bounds, which can lead to privilege escalation and user interaction isn't needed for exploitation.

In the 802.1X interface, there is a possible out of bounds write due to an integer overflow. This could lead to local escalation of privilege with System execution privileges needed. User interaction is not needed for exploitation. Patch ID: ALPS06413777; Issue ID: ALPS06413777. In the Citrix ICA/HDX interface, there is a possible out of bounds read due to an integer overflow. This could lead to local escalation of privilege with System execution privileges needed. User interaction is not needed for exploitation. Patch ID: ALPS06417777; Issue ID: ALPS06417777. In the Microsoft Exchange Server interface, there is a possible out of bounds read due to an integer overflow. This could lead to local escalation of privilege with System execution privileges needed. User interaction is not needed for exploitation. Patch ID: ALPS06360777; Issue ID: ALPS06360777. In the Microsoft Lync Server interface, there is a possible out of bounds read due to an integer overflow. This could lead to local escalation of privilege with System execution privileges needed. User interaction is not needed for exploitation. Patch ID: ALPS06376277; Issue ID: ALPS06376277. In the Microsoft SQL Server interface, there is a possible out of bounds read due to an integer overflow. This could lead to local escalation of privilege with System execution privileges needed. User interaction is not needed for exploitation. Patch ID:

References: https://www.cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-26466

https://www.cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-26466&id=CVE-2022-26466
https://www.cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-26466&id=CVE-2022-26466&rev=1
https://www.kb.certaprojects360.com/vuls
https://support2helpdesk@citrixsupportcenter1aforofficecomputerservicesprod3dsales
http://support2helpdesk@citrixsupportcenter1aforofficecomputerservicesprod3dsales
A blog post discussing the importance of digital marketing and why it's important for businesses to invest in their digital presence

Access Restrictions in the Microsoft SQL Server interface

Patch ID: ALPS06376277; Issue ID: ALPS06376277. If a user is not allowed by policy to perform an operation on a server, the attempt will fail and no error message will be generated. Patch ID: ALPS06417777; Issue ID: ALPS06417777.

Timeline

Published on: 09/06/2022 18:15:00 UTC
Last modified on: 09/09/2022 04:31:00 UTC

References

• https://corp.mediatek.com/product-security-bulletin/September-2022
• https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2022-26466