
CVSS: 10.0 (AV:N/AC:L/Au:N/C:C/I:C/A:C)

This strike exploits a remote code execution vulnerability in Oracle Java. The vulnerability can be exploited by overriding the toString method of the Error class within the Rhino JavaScript Engine. Successful exploitation of this vulnerability could result in the execution of arbitrary Java code on the target system.

CVSS: 4.3 (AV:N/AC:M/Au:N/C:P/I:N/A:N)

This strike exploits a vulnerability in Apache HTTPD. When a header of over 8190 characters is sent to the server, it returns a 400 Bad Request page. If no custom error page is set, a default page containing the offending header is sent to the client. When run, the script sets malicious cookies with overly long cookie headers. When this request is compiled and sent to the server it discloses all...

CVSS: 5.4 (AV:N/AC:H/Au:N/C:N/I:N/A:C)

This strike exploits a buffer overflow vulnerability in Audio Coder when handling maliciously crafted .m3u files.

CVSS: 5.0 (AV:N/AC:L/Au:N/C:N/I:N/A:P)

This strike exploits a vulnerability in Samba Server. When processing NT Trans Requests, the NextEntryOffset parameter is used to allocate a buffer. An abnormally large value can be used to trigger an integer overflow. Should the resulting value be 0, the loop will repeat infinitely, eventually exhausting all available memory, leading to a denial of service condition.

CVSS: 10.0 (AV:N/AC:L/Au:N/C:C/I:C/A:C)

This strike exploits a vulnerability in the Windows Kernel-Mode driver caused by improper handling of memory objects while parsing TrueType fonts. A remote attacker could exploit the vulnerability to execute arbitrary code or cause a denial of service (BSOD) by enticing a user to open a specially crafted TrueType file.

CVSS: 7.5 (AV:N/AC:L/Au:N/C:P/I:P/A:P)

This strike exploits a vulnerability in HP's Intelligent Management Center where a user can download an arbitrary file.

CVSS: 6.8 (AV:N/AC:M/Au:N/C:P/I:P/A:P)

This strike exploits a denial of service vulnerability present in the Novell LDAP service. This vulnerability is due to incorrect memory handling of a large memory allocation request.

CVSS: 9.3 (AV:N/AC:M/Au:N/C:C/I:C/A:C)

This strike exploits a memory corruption vulnerability in Microsoft Windows Internet Explorer. The vulnerability lies in the handling of DOM node objects. By enticing a user to view a malicious web page, an attacker could execute arbitrary code on the victim machine in the context of the user.

CVSS: 10.0 (AV:N/AC:L/Au:N/C:C/I:C/A:C)

This strike identifies an authentication vulnerability in Cisco Network Registrar when logging in. Default login credentials for username and password allow for unrestricted access.

CVSS: 9.3 (AV:N/AC:M/Au:N/C:C/I:C/A:C)

This strike exploits a heap buffer overflow in Apple QuickTime. The vulnerability is due to insufficient validation of Clipping Region (CRGN) atoms. An attacker could exploit this vulnerability by enticing a user to open a malicious file with the vulnerable software, potentially executing arbitrary code.

CVSS: 6.0 (AV:N/AC:M/Au:S/C:P/I:P/A:P)

This strike exploits an arbitrary command execution vulnerability in SAP's NetWeaver via its SOAP interface.

CVSS: 5.0 (AV:N/AC:L/Au:N/C:N/I:N/A:P)

This strike identifies a vulnerability in Cisco CNS Network Registrar. If the recovery failed command is sent to the lock manager on a pre-determined TCP port, a denial of service condition can occur.