Displaying 38081 - 38100 of 38219

CVSS: 9.3 (AV:N/AC:M/Au:N/C:C/I:C/A:C)

This strike exploits a memory corruption vulnerability in Microsoft Windows Internet Explorer. The vulnerability lies in the handling of DOM node objects. By enticing a user to view a malicious web page, an attacker could execute arbitrary code on the victim machine in the context of the user.

CVSS: 10.0 (AV:N/AC:L/Au:N/C:C/I:C/A:C)

This strike identifies an authentication vulnerability in Cisco Network Registrar, when Logging in. Default login credentials for username and password allow for unrestricted access.

CVSS: 9.3 (AV:N/AC:M/Au:N/C:C/I:C/A:C)

This strike exploits a heap buffer overflow in Apple Quicktime. The vulnerability is due to insuficient validation Clipping Region CRGN atoms. An attacker could exploit this vulnerability by enticing a user to open a malicious file with the vulnerable software, potentially executing arbitrary code.

CVSS: 6.0 (AV:N/AC:M/Au:S/C:P/I:P/A:P)

This strike exploits an arbitrary command execution vulnerability in SAPs NetWeaver via their SOAP interface.

CVSS: 5.0 (AV:N/AC:L/Au:N/C:N/I:N/A:P)

This strike identifies a vulnerability in Cisco CNS Network Registrar. If the recovery failed command is sent to the lock manager on a pre-determined TCP port a denial of service condition can occur.

CVSS: 10.0 (AV:N/AC:L/Au:N/C:C/I:C/A:C)

This strike exploits a buffer overflow vulnerability in Opera 10.10 through 10.50. This vulnerability is due to improper checking content-length value. The attacker can send malicious http response packet with large content-length value lead to buffer overflow.

CVSS: 9.3 (AV:N/AC:M/Au:N/C:C/I:C/A:C)

This strike exploits a stack based buffer overflow vulnerability in Media Jukebox player when handling m3u and pls files.

CVSS: 6.8 (AV:N/AC:M/Au:N/C:P/I:P/A:P)

This strike exploits a remote code-execution vulnerability in HP Application Lifecycle Management. The vulnerability is due to the insecure exposure of the SetShapNodeType method in the XGO.ocx ActiveX control. By enticing a user to open a crafted web page an attacker could remotely execute arbitrary code.

CVSS: 5.0 (AV:N/AC:L/Au:N/C:N/I:N/A:P)

This strike exploits a vulnerability in the routing engine of multiple network equipment manufacturers. The vulnerability is caused by a failure to filter non-local Network Discovery packets. By sending a large number of packets, the targeted device can run out of available CPU cycles.

CVSS: 10.0 (AV:N/AC:L/Au:N/C:C/I:C/A:C)

This strike exploits a stack buffer overflow vulnerability in Rhino Ser-Us Web Server. The Session parameter of the Cookie header is not properly validated, and when the value is read in it first gets converted to unicode then converts two bytes of the Session string into a long int and writes that resulting value to a fixed stack buffer.

CVSS: 5.1 (AV:N/AC:H/Au:N/C:P/I:P/A:P)

This strike exploits a buffer overflow vulnerability in Multimedia Builder 4.9.8 when handling maliciously crafted .mef files. If a crafted file with an overly large amount of data is opened a buffer will overflow resulting in a denial of service condition.

CVSS: 10.0 (AV:N/AC:L/Au:N/C:C/I:C/A:C)

This strike exploits a vulnerability in Schneider Electrics Accutech Manager. An HTTP request URI value is not properly validated, and if a size over more than 128 bytes is received, a buffer is overflown causing a denial of serice condition.

CVSS: 9.3 (AV:N/AC:M/Au:N/C:C/I:C/A:C)

This strike identifies a buffer overflow vulnerability in PointDev IDEAL Migration and Adminisration. A crafted ipj file can overflow a buffer allowing for remote code execution.

CVSS: 10.0 (AV:N/AC:L/Au:N/C:C/I:C/A:C)

This strike exploits a remote code execution vulnerability in Adobe Flash Player. The vulnerability is due to a Use-After-Free in TextField thickness setter. An attacker can entice a target to open a specially crafted flash file to trigger the vulnerability. Successful exploitation may result in execution of arbitrary code or abnormal termination of the flash process.

Pages