CVSS: 5.0 (AV:N/AC:L/Au:N/C:N/I:N/A:P)

This strike exploits a vulnerability in Samba Server. When processing NT Trans Requests, the NextEntryOffset parameter is used to allocate a buffer. An abnormally large value can be used to trigger an integer overflow. Should the resulting value be 0, the loop will repeat infinitely, eventually exhausting all available memory, leading to a denial of service condition.

CVSS: 10.0 (AV:N/AC:L/Au:N/C:C/I:C/A:C)

This strike exploits a vulnerability in the Windows Kernel-Mode driver caused by improper handling of memory objects while parsing TrueType fonts. A remote attacker could exploit the vulnerability to execute arbitrary code or cause a denial of service BSOD by enticing a user to open a specially crafted TrueType file.

CVSS: 7.5 (AV:N/AC:L/Au:N/C:P/I:P/A:P)

This strike exploits a vulnerability in HP's Intelligent Management Center where a user can download an arbitrary file.

CVSS: 6.8 (AV:N/AC:M/Au:N/C:P/I:P/A:P)

This strike exploits a denial of service vulnerability present in the Novell LDAP service. This vulnerability is due to incorrect memory handling of a large memory-allocating request.

CVSS: 9.3 (AV:N/AC:M/Au:N/C:C/I:C/A:C)

This strike exploits a memory corruption vulnerability in Microsoft Windows Internet Explorer. The vulnerability lies in the handling of DOM node objects. By enticing a user to view a malicious web page, an attacker could execute arbitrary code on the victim machine in the context of the user.

CVSS: 10.0 (AV:N/AC:L/Au:N/C:C/I:C/A:C)

This strike identifies an authentication vulnerability in Cisco Network Registrar when logging in. Default login credentials for username and password allow for unrestricted access.

CVSS: 9.3 (AV:N/AC:M/Au:N/C:C/I:C/A:C)

This strike exploits a heap buffer overflow in Apple QuickTime. The vulnerability is due to insufficient validation of Clipping Region (CRGN) atoms. An attacker could exploit this vulnerability by enticing a user to open a malicious file with the vulnerable software, potentially executing arbitrary code.

CVSS: 6.0 (AV:N/AC:M/Au:S/C:P/I:P/A:P)

This strike exploits an arbitrary command execution vulnerability in SAP's NetWeaver via its SOAP interface.

CVSS: 5.0 (AV:N/AC:L/Au:N/C:N/I:N/A:P)

This strike identifies a vulnerability in Cisco CNS Network Registrar. If the recovery failed command is sent to the lock manager on a pre-determined TCP port, a denial of service condition can occur.

CVSS: 10.0 (AV:N/AC:L/Au:N/C:C/I:C/A:C)

This strike exploits a buffer overflow vulnerability in Opera 10.10 through 10.50. This vulnerability is due to improper checking of the Content-Length value. An attacker can send a malicious HTTP response packet with a large Content-Length value, leading to a buffer overflow.

CVSS: 9.3 (AV:N/AC:M/Au:N/C:C/I:C/A:C)

This strike exploits a stack-based buffer overflow vulnerability in Media Jukebox player when handling m3u and pls files.

CVSS: 6.8 (AV:N/AC:M/Au:N/C:P/I:P/A:P)

This strike exploits a remote code-execution vulnerability in HP Application Lifecycle Management. The vulnerability is due to the insecure exposure of the SetShapNodeType method in the XGO.ocx ActiveX control. By enticing a user to open a crafted web page, an attacker could remotely execute arbitrary code.

CVSS: 5.0 (AV:N/AC:L/Au:N/C:N/I:N/A:P)

This strike exploits a vulnerability in the routing engine of multiple network equipment manufacturers. The vulnerability is caused by a failure to filter non-local Network Discovery packets. By sending a large number of packets, the targeted device can run out of available CPU cycles.
