Displaying 38041 - 38060 of 38219

CVSS: 4.0 (AV:N/AC:L/Au:S/C:N/I:N/A:P)

This strike exploits a null pointer dereference vulnerability in Digium Asterisk. A pointer is set to null when a session is closed. If the session is closed during an off-hook state, that pointer is later dereferenced. Successful exploitation would result in abnormal termination of the server, resulting in a denial of service condition.

CVSS: 9.3 (AV:N/AC:M/Au:N/C:C/I:C/A:C)

This strike exploits a use after free error triggered because of an error Microsoft Scripting Runtime Object Library . If a user opens a specially crafted web page, on a vulnerable machine, a use after free memory corruption is trigered that can lead to arbitrary code execution using local privileges. All versions of Microsoft Windows are vulnerable to this attack.

CVSS: 6.8 (AV:N/AC:M/Au:N/C:P/I:P/A:P)

This strike exploits a stack buffer overflow vulnerability in Cytel Studio Player when handling crafted cy3 files with an overly large amount of data.

CVSS: 10.0 (AV:N/AC:L/Au:N/C:C/I:C/A:C)

This strike exploits a remote code execution vulnerability in Oracle Java. The vulnerability is due to a design weakness within the AtomicReferenceArray class. Successful exploitation of this vulnerability could result in the execution of arbitrary Java code on the target system.

CVSS: 9.3 (AV:N/AC:M/Au:N/C:C/I:C/A:C)

This strike exploits a buffer overflow vulnerability in Microsoft Excel. This flaw is triggered when a malformed HFPicture record is parsed in a malicious XLS document. An attacker could exploit the vulnerability by enticing a user to open a maliciously crafted document.

CVSS: 6.6 (AV:N/AC:H/Au:N/C:P/I:P/A:C)

This strike exploits a stack buffer overflow vulnerability in Amlibs NetOpacs. If a large value is passed to the app parameter registers can be overwritten allowing for the execution of directed code.

CVSS: 5.4 (AV:N/AC:H/Au:N/C:N/I:N/A:C)

This strike exploits a vulnerability in PDFViewers activeX control PDFViewerLib.PDFViewer. If an overfly long string is passed to the TitleBarText argument a buffer will overflow causing a denial of service condition to occur.

CVSS: 4.3 (AV:N/AC:M/Au:N/C:N/I:P/A:N)

This strike exploits a cross site scripting vulberability in Microsoft Windows. The mhtml handler does not perform sufficient validation, allowing scripting code to be executed. Successful exploitation may result in execution of arbitrary script code.

CVSS: 6.4 (AV:N/AC:L/Au:N/C:P/I:P/A:N)

This strike exploits an information disclosure vulnerability in Zend Technologies Zend Framework. A user can POST a crafted XML file and receive content of arbitrary files.

CVSS: 7.5 (AV:N/AC:L/Au:N/C:P/I:P/A:P)

This strike exploits a dos vulnerability presents in the HP data protector omnilnet service. This vulnerability is due to improper handle the argument 6 in the command packet which can lead to dereferenciation error.

CVSS: 9.3 (AV:N/AC:M/Au:N/C:C/I:C/A:C)

This strike exploits a memory corruption vulnerability in Oracle Java. The vulnerability is due to insufficient validation of serialized ConcurrentHashMap objects. Successful exploitation of this vulnerability could result in the execution of arbitrary Java code on the target system.

CVSS: 9.3 (AV:N/AC:M/Au:N/C:C/I:C/A:C)

This strike exploits a command execution vulnerability in Apache struts2. This vulnerability is due to no input check the cookie names. Remote attackers may do arbitrary code execution on the target system.

Pages