Displaying 38161 - 38180 of 38219

CVSS: 7.5 (AV:N/AC:L/Au:N/C:P/I:P/A:P)

This strike exploits a vulnerability in HPs Intelligent Management Center where an unauthenticated user may download an arbitrary file.

CVSS: 6.8 (AV:N/AC:M/Au:N/C:P/I:P/A:P)

This strike exploits a vulnerability in the Serva HTTP Server. By sending a malformed GET HTTP request to the remote Machine, a denial of service condition occurs.

CVSS: 9.3 (AV:N/AC:M/Au:N/C:C/I:C/A:C)

This strike exploits a double free memory corruption vulnerability in Microsoft Windows Internet Explorer. The vulnerability lies in the handling of svg element properties. By enticing a user to view a malicious web page, an attacker could execute arbitrary code on the victim machine in the context of the user.

CVSS: 7.5 (AV:N/AC:L/Au:N/C:P/I:P/A:P)

This strike exploits an arbitrary code execution vulnerability in Novel ZENworks Mobile Management. A crafted HEAD message to download.php can be sent to store arbitrary PHP code in a temporary file. A crafted POST message to DUSAP.php can then be sent to execute the code in the file.

CVSS: 6.8 (AV:N/AC:M/Au:N/C:P/I:P/A:P)

This strike exploits a buffer overflow vulnerability in Simple Open Music Player when handling crafted m3u files with an overly large amount of data.

CVSS: 6.8 (AV:N/AC:M/Au:N/C:P/I:P/A:P)

This strike exploits multiple denial of service vulnerabilities in Nero MediaHome. By sending requests to the server that contain either an overly large URI or maliciously crafted headers, the attacker can cause a stack buffer to overflow causing a denial of service condition to occur.

CVSS: 9.3 (AV:N/AC:M/Au:N/C:C/I:C/A:C)

This strike exploits a remote code execution vulnerability in Apple Safari. The flaw occurs when handling CSS text object.

CVSS: 10.0 (AV:N/AC:L/Au:N/C:C/I:C/A:C)

This strike exploits a vulnerability in HP Power Manager Server. If an HTP request is sent to the Login URI the code copies the login variable into a fixed stack buffer of 198 bytes. If a larger amount than this is received it will overwrite critical data.

CVSS: 9.3 (AV:N/AC:M/Au:N/C:C/I:C/A:C)

This strike exploits a stack over flow in Destiny Media Player. Due to a lack of proper validation, an overly string can overflow data on the stack when a playlist file is opened.

CVSS: 7.5 (AV:N/AC:L/Au:N/C:P/I:P/A:P)

This strike exploits a SQL injection vulnerability in Symantec IM Manager. The vulnerability is due to a failure to properly validate parameters in HTTP requests to IMAdminLDAPConfig.asp. A remote attacker could exploit this vulnerability by enticing an authenticated user to view a malicious web page, resulting in execution of arbitrary SQL code against the IM Manager database.

CVSS: 6.2 (AV:L/AC:H/Au:N/C:C/I:C/A:C)

This strike exploits a Denial-of-ServerDoS bug in the Android kernel where writing to the same file on the SD card multiple times causes the kernel to crash and device to reboot.

CVSS: 5.0 (AV:N/AC:L/Au:N/C:N/I:N/A:P)

This strike exploits a denial of service vulnerability in Symantecs Intel Alert Handler Service. The sizeValueN is used to calculate the next parameter, and if an overly large value is used for this parameter random memory is accessed resulting in a denial of service condition.

CVSS: 10.0 (AV:N/AC:L/Au:N/C:C/I:C/A:C)

This strike exploits a vulnerability found on the Citrix Provisioning Service. A specially crafted packet sent to the service associated with the streamprocess.exe executable listening on UDP/6905 will generate a buffer overflow and can subsequently lead to remote system takeover.

CVSS: 10.0 (AV:N/AC:L/Au:N/C:C/I:C/A:C)

This strike exploits a vulnerability in Novell NetIdentity that is due to a pointer dereference in xtagent.exe when handling RPC messages over the XTIERRPCPIPE pipe.

CVSS: 10.0 (AV:N/AC:L/Au:N/C:C/I:C/A:C)

This strike exploits a flaw in Adobe Reader where a malformed Portable Document Format with embedded Javascript assigns more data to an array than it declares.

Pages