Displaying 38121 - 38140 of 38219

CVSS: 10.0 (AV:N/AC:L/Au:N/C:C/I:C/A:C)

This strike exploits a buffer overflow vulnerability on the Oracle Java applet image rendering library. The vulnerability can be triggered due to inadequate memory management when calling the lookupByteBi function contained in the ImagingLib library. A user could be manipulated into accessing a web page that downloads and executes a malicious applet that can lead to arbitrary code execution with...

CVSS: 7.2 (AV:L/AC:L/Au:N/C:C/I:C/A:C)

This strike exploits a vulnerability in HP DataProtector Express. The vulnerability exists in how the DtbClsLogin method hanles the username parameter. A 240 byte stack buffer is allocated for this parameter, and because it is not validated properly a large value will overflow the stack buffer.

CVSS: 10.0 (AV:N/AC:L/Au:N/C:C/I:C/A:C)

This strike exploits a remote code execution vulnerability in Apple Safari. The flaw occurs when handling reference to objects in DOM.

CVSS: 10.0 (AV:N/AC:L/Au:N/C:C/I:C/A:C)

This strike exploits a vulnerability within Microsoft Windows NetServerEnum2Responses. A stack buffer overflow occurs in the response when the ServerName fields contain a Win32ErrorCode that is 0x00ea. If the ServerName is not null terminated it is not handled properly and it gets copied along with the following data into the stack buffer.

This strike sends a malware sample detected by Mcafee as Adware-HotBar.f, Microsoft as Adware:Win32/Hotbar, Kaspersky as not-a-virus:AdWare.Win32.ScreenSaver.i, Symantec as Adware.Clkpotato!gen3, Bitdefender as Gen:Variant.Adware.Hotbar.2. The MD5 hash of this sample is 086ebbf5bc9f43f7a6a33def630aba6d.

CVSS: 10.0 (AV:N/AC:L/Au:N/C:C/I:C/A:C)

This strike exploits a vulnerability in HP OpenView DataProtector MMD. A stack buffer overflow occurs when a specially crafted packet is sent, which can lead to arbitrary code execution.

CVSS: 9.3 (AV:N/AC:M/Au:N/C:C/I:C/A:C)

This strike exploits a use after free vulnerability in Microsoft Internet Explorer. When the CSS first-line function processes specially crafted content, heap buffer is freed twice, resulting in a use after free condition. Successful exploitation could result in the execution of arbitrary code or abnormal termination of Internet Explorer.

CVSS: 6.8 (AV:N/AC:M/Au:N/C:P/I:P/A:P)

Microsoft Internet Explorer contains a memory corruption vulnerability. If an element object is created with no variable referencing it, the memory will be freed during garbage collection. If cloneNode is then called on that object, which contains a pointer to the now freed memory, memory corruption could occur. Successful exploitation could lead to execution of arbitrary code or abnormal termination...

CVSS: 7.8 (AV:N/AC:M/Au:N/C:P/I:N/A:C)

This strike exploits a buffer overflow vulnerability in Belkin Bulldog Web Service. If an HTTP request with an overly long URI string is received, a stack buffer will overflow causing the service to crash.

CVSS: 9.3 (AV:N/AC:M/Au:N/C:C/I:C/A:C)

This strike exploits a vulnerability in the Samba WINS service. Specifically, the vulnerability is due to a boundary error in the reply netbios packet function which constructs and sends replies. An attacker on a local network can send WINS Name Registration requests followed by a Name Query request. If more than 96 different IP addresses are mapped to this name, when the Name Query request is sent,...

CVSS: 4.3 (AV:N/AC:M/Au:N/C:P/I:N/A:N)

This strike exploits a cross site scripting vulnerability in Microsoft Internet Explorer. When parsing HTML code with certain control characters from the EUC-JP library, the character will be handled improperly if it is at certain locations in the code, causing the following character to be removed, changing how the HTML will be parsed by the browser. Scripts can be hidden in the HTML in a manner...

Pages