Displaying 41 - 60 of 37686
Last import : Jun 21 13:40

CVSS: 10.0 (AV:N/AC:L/Au:N/C:C/I:C/A:C)

This strike exploits a stack buffer overflow in Oracle Secure Backup. The vulnerability is due to a lack of bounds checking on the reverse lookup on the connections to the service. By exploiting this vulnerability, an attacker could execute code in the security context of the SYSTEM user.

CVSS: 7.5 (AV:N/AC:L/Au:N/C:P/I:P/A:P)

This strike exploits a flaw in SAP's NetWeaver where a user can send a malformed request which can overwrite memory.

CVSS: 9.3 (AV:N/AC:M/Au:N/C:C/I:C/A:C)

This strike exploits a remote code execution vulnerability in Microsoft Internet Explorer (IE). The vulnerability occurs when Internet Explorer attempts to access a previously freed CMarkup object. By enticing a user to view a malicious web page, an attacker can remotely execute arbitrary code.

This strike simulates command and control communications from the BlackEnergy botnet. In this strike, ten exchanges between the bot and the command and control server occur in rapid succession. In reality these communications would be further apart.

CVSS: 9.3 (AV:N/AC:M/Au:N/C:C/I:C/A:C)

This strike exploits a stack buffer overflow vulnerability in Hyleos ChemView. The ActiveX control methods SaveAsMolFile and ReadMolFile are not properly validated, and if an overly long first argument is passed to them, a buffer will be overrun.

This strike simulates command and control communications from the SpyEye botnet. The following communications occur in order: Initial check-in with cc server Build Update Config Update Turn on Plugins Load Command Post Data to cc server In this strike, the communications occur in immediate succession. In reality these communications would be further apart.

CVSS: 10.0 (AV:N/AC:L/Au:N/C:C/I:C/A:C)

This strike identifies a vulnerability in BigAnt Server. SCH and DUPF requests are not properly validated, and when an overly long value is passed to the username value in an SCH request, an SQL query fails. This error message is copied to a 400 byte stack buffer without validation.

CVSS: 5.0 (AV:N/AC:L/Au:N/C:P/I:N/A:N)

This strike exploits a flaw in Novell GroupWise where the HTTP interface allows an attacker to download an arbitrary file.

CVSS: 9.3 (AV:N/AC:M/Au:N/C:C/I:C/A:C)

This strike exploits a flaw in the Opera browser where a malformed Scalable Vector Graphics (SVG) file can reuse an object after it has been deleted.

CVSS: 9.3 (AV:N/AC:M/Au:N/C:C/I:C/A:C)

This strike identifies a vulnerable ActiveX control that allows users to utilize the Comp_Download method to install files on a user's remote system.

CVSS: 9.3 (AV:N/AC:M/Au:N/C:C/I:C/A:C)

This strike exploits a vulnerability in Microsoft's Internet Explorer where Javascript can modify a document and attempt to reuse data after it has been freed.

CVSS: 9.3 (AV:N/AC:M/Au:N/C:C/I:C/A:C)

This strike exploits a vulnerability in Microsoft's Internet Explorer where Javascript can modify a document and attempt to reuse data after it has been freed.

CVSS: 10.0 (AV:N/AC:L/Au:N/C:C/I:C/A:C)

This strike exploits a stack buffer overflow in the Portable SDK library which is used in several embedded devices to handle Universal Plug and Play (UPnP) packets.

CVSS: 7.5 (AV:N/AC:L/Au:N/C:P/I:P/A:P)

This strike exploits a vulnerability in the libcurl library where a corrupted server can require MD5 authentication which then clobbers a client buffer.

CVSS: 7.6 (AV:N/AC:H/Au:N/C:C/I:C/A:C)

This strike exploits a flaw in EMC's AlphaStor Device Manager where a malformed device name can overwrite a stack buffer.

CVSS: 7.1 (AV:N/AC:M/Au:N/C:N/I:N/A:C)

This strike exploits a bug in a BIND server where a specific configuration doesn't respond properly to an IPv6 request.

CVSS: 9.3 (AV:N/AC:M/Au:N/C:C/I:C/A:C)

This strike exploits a vulnerability in Microsofts Internet Explorer where Javascript can modify a document and attempt to reuse data after it has been freed.

This strike sends a malware sample detected by Mcafee as Artemis!0FC2C8AC0143, Microsoft as TrojanSpy:Win32/Bancos.AIS, Kaspersky as Trojan-Banker.Win32.Banbra.avqv, Bitdefender as Gen:Variant.Kazy.65871. The MD5 hash of this sample is 0fc2c8ac0143c828840b8bb3ba592a38.

This strike sends a malware sample detected by Mcafee as Artemis!E4950D3EE5B9, Kaspersky as UDS:DangerousObject.Multi.Generic, Symantec as WS.Reputation.1, Bitdefender as Trojan.Generic.KDV.765203. The MD5 hash of this sample is e4950d3ee5b91ac30f5ed449001c992a.

CVSS: 10.0 (AV:N/AC:L/Au:N/C:C/I:C/A:C)

This strike exploits a stack overflow in Schneider Electric's Interactive Graphical SCADA where a malformed user request can clobber a stack buffer.

Pages