Displaying 38201 - 38219 of 38219

This strike sends a malware sample detected by Mcafee as PWS-Zbot.gen.ael, Microsoft as Worm:Win32/Gamarue.I, Kaspersky as HEUR:Trojan.Win32.Generic, Symantec as Packed.Generic.382, Bitdefender as Gen:Variant.Kazy.77674. The MD5 hash of this sample is 0d01d2ae07ebbb8dc1b9d208dfda01fa.

CVSS: 7.5 (AV:N/AC:L/Au:N/C:P/I:P/A:P)

This strike exploits a heap buffer overflow vulnerability presents in the HP data protector meida operations. This vulnerability is due to improper handle the offset in the connect request packet.

CVSS: 9.3 (AV:N/AC:M/Au:N/C:C/I:C/A:C)

This strike exploits a remote code execution vulnerability in Microsoft Internet Explorer (IE). The vulnerability occurs when Internet Explorer attempts to access a previously freed object. By enticing a user to view a malicious web page, an attacker can remotely execute arbitrary code.

CVSS: 9.3 (AV:N/AC:M/Au:N/C:C/I:C/A:C)

This strike exploits a remote code execution vulnerability in Microsoft Active Template Library (ATL). The vulnerablity lies within the CComVariant::ReadFromStream function used to parse the ATL header. By enticing a user to view a malicious web page, an attacker could execute arbitrary code within the security context of the victim user.

CVSS: 10.0 (AV:N/AC:L/Au:N/C:C/I:C/A:C)

This strike exploits a lack of authentication and a directory traversal vulnerability in Novell iManager. The getMultiPartParameters function does not check for authentication nor for directory traversal characters. This allows an unauthenticated user to upload a an arbitrary file to any directory on the target Machine.

CVSS: 9.3 (AV:N/AC:M/Au:N/C:C/I:C/A:C)

This strike exploits a remote code execution vulnerability in Microsoft Internet Explorer (IE). The vulnerability occurs when Internet Explorer attempts to access a previously freed object. By enticing a user to view a malicious web page, an attacker can remotely execute arbitrary code.

CVSS: 9.3 (AV:N/AC:M/Au:N/C:C/I:C/A:C)

This strike exploits a memory corruption vulnerability in Microsoft Word. The vulnerability is caused by a memory handling error while parsing CSS styles in HTML-formatted files. A remote attacker could exploit this vulnerability by enticing a user to open a malicious web page, causing arbitrary code to be executed with the privileges of the user.

CVSS: 7.5 (AV:N/AC:L/Au:N/C:P/I:P/A:P)

This strike exploits a vulnerability in HPs Intelligent Management Center where an unauthenticated user may download an arbitrary file.

CVSS: 6.8 (AV:N/AC:M/Au:N/C:P/I:P/A:P)

This strike exploits a denial of service vulnerability in Xion Audio Player when handling maliciously crafted .aiff files.

CVSS: 9.3 (AV:N/AC:M/Au:N/C:C/I:C/A:C)

This strike exploits a integer vulnerability inside Microsoft Internet Explorer. The length field of a dashstyle array is not validated properly, and when this property is passed a negative value an attacker modify data inside the array.

CVSS: 10.0 (AV:N/AC:L/Au:N/C:C/I:C/A:C)

This strike exploits a remote code execution vulnerability in Adobe Flash Player. The vulnerability is due to an out-of-bound memory access in the DeleteRangeTimelineOperation class. An attacker can entice a target to open a specially crafted flash file to trigger the vulnerability. Successful exploitation may result in execution of arbitrary code or abnormal termination of the flash process.

Pages