Displaying 38161 - 38180 of 38219

CVSS: 6.8 (AV:N/AC:M/Au:N/C:P/I:P/A:P)

This strike exploits a denial of service vulnerability in Xion Audio Player when handling maliciously crafted .aiff files.

CVSS: 5.0 (AV:N/AC:L/Au:N/C:N/I:N/A:P)

This strike exploits a denial of service vuln within SMB. An SMB Session Setup AndX request uses the SecurityBlobLength value to find the context after the Security Blob. If this value is overly large, the buffer pointer will point to uninitialized variable which can terminate a process.

CVSS: 9.3 (AV:N/AC:M/Au:N/C:C/I:C/A:C)

This strike exploits a use after free vulnerability in Microsoft Windows Internet Explorer. The vulnerability lies in the handling of Document Object Model (DOM) Nodes. By enticing a user to view a malicious web page, an attacker could execute arbitrary code on the victim machine in the context of the user.

CVSS: 9.3 (AV:N/AC:M/Au:N/C:C/I:C/A:C)

This strike exploits a vulnerability in Novell Zenworks Handheld Management. A specially crafted initial connection request packet can overflow a heap buffer. Successful exploitation could result in execution of arbitrary code or abnormal termination resulting in a denial of service condition.

CVSS: 9.3 (AV:N/AC:M/Au:N/C:C/I:C/A:C)

This strike identifies a buffer overflow vulnerability in Winds3D Viewer. An activeX control does not properly validate the value passed to the SceneURL parameter. An overly long value passed to SceneURL will overflow the buffer.

CVSS: 10.0 (AV:N/AC:L/Au:N/C:C/I:C/A:C)

This strike triggers a stack-based buffer overflow vulnerability in IBM Tivolis Storage Manager. In the Remote Client Agent Service messages the Length1 and Length2 parameters are not properly validated before copying the NodeName into a 129 byte buffer. If either of these values are larger than this the stack will overflow.

CVSS: 9.3 (AV:N/AC:M/Au:N/C:C/I:C/A:C)

This strike exploits a vulnerability inside an ActiveX control within Image Viewer. If an overly long string is passed to the TIFMergeMultiFiles method, a buffer can overflow allowing for remote code execution.

CVSS: 9.3 (AV:N/AC:M/Au:N/C:C/I:C/A:C)

This strike exploits a memory corruption vulnerability in Microsoft Office Excel. The vulnerability is due to improper parsing of Publisher records in Excel files. This vulnerability can lead to arbitrary code execution in the context of the current user.s

CVSS: 7.5 (AV:N/AC:L/Au:N/C:P/I:P/A:P)

This strike exploits a buffer over flow in the Server Message Block implementation in Samba server. If a Security ID SubAuthorityCount is greater than 15 the buffer will over flow.

This strike sends a malware sample detected by Mcafee as PWS-Zbot.gen.ael, Microsoft as Worm:Win32/Gamarue.I, Kaspersky as HEUR:Trojan.Win32.Generic, Symantec as Packed.Generic.382, Bitdefender as Gen:Variant.Kazy.77674. The MD5 hash of this sample is 0d01d2ae07ebbb8dc1b9d208dfda01fa.

CVSS: 7.5 (AV:N/AC:L/Au:N/C:P/I:P/A:P)

This strike exploits a heap buffer overflow vulnerability presents in the HP data protector meida operations. This vulnerability is due to improper handle the offset in the connect request packet.

CVSS: 9.3 (AV:N/AC:M/Au:N/C:C/I:C/A:C)

This strike exploits a remote code execution vulnerability in Microsoft Internet Explorer (IE). The vulnerability occurs when Internet Explorer attempts to access a previously freed object. By enticing a user to view a malicious web page, an attacker can remotely execute arbitrary code.

Pages