Displaying 41 - 60 of 38146
Last import : Jun 17 17:00

CVSS: 9.3 (AV:N/AC:M/Au:N/C:C/I:C/A:C)

This strike exploits a remote code execution vulnerability in Microsoft Internet Explorer IE. The vulnerability occurs when Internet Explorer attempts to access a previously freed CMarkup object. By enticing a user to view a malicious web page, an attacker can remotely execute arbitrary code.

CVSS: 9.3 (AV:N/AC:M/Au:N/C:C/I:C/A:C)

This strike exploits a flaw in VMwares OVF Tool where a malformed string can lead to memory corruption.

CVSS: 10.0 (AV:N/AC:L/Au:N/C:C/I:C/A:C)

This strike exploits a stack buffer overflow in Oracle Secure Backup. The vulnerability is due to a lack of bounds checking on the reverse lookup on the connections to the service. By exploiting this vulnerability, an attacker could execute code in the security context of the SYSTEM user.

This strike simulates command and control communications from the SpyEye botnet. The following communications occur in order: Initial check-in with cc server Build Update Config Update Turn on Plugins Load Command Post Data to cc server In this strike, the communications occur in immediate succession. In reality these communications would be further apart.

CVSS: 7.5 (AV:N/AC:L/Au:N/C:P/I:P/A:P)

This strike exploits a vulnerability in SAP NetWeavers Message Server. Specifically, when a request to the server is processed that has the iflag field set to 05 and the optcode 15, the buffer size field is calculated with a max of 78 bytes. Because it is not validated, data with a size greater than 78 bytes will overflow this buffer.

CVSS: 9.3 (AV:N/AC:M/Au:N/C:C/I:C/A:C)

This strike exploits a stack buffer overflow vulnerability in Hyleos ChemView. The ActiveX control methods SaveAsMolFile and ReadMolFile are not properly validated, and if an overly long first argument is passed to them, a buffer will be overrun.

CVSS: 9.3 (AV:N/AC:M/Au:N/C:C/I:C/A:C)

This strike identifies a vulnerable ActiveX control that allows users to utilize the Comp Download method to install files on a users remote system.

CVSS: 5.0 (AV:N/AC:L/Au:N/C:P/I:N/A:N)

This strike exploits a flaw in Novell GroupWise where the HTTP interface allows an attacker to download an arbitrary file.

CVSS: 9.3 (AV:N/AC:M/Au:N/C:C/I:C/A:C)

This strike exploits a flaw in the Opera browser where a malformed Scalable Vector Graphics SVG file can reuse an object after it has been deleted.

CVSS: 10.0 (AV:N/AC:L/Au:N/C:C/I:C/A:C)

This strike identifies a vulnerability in BigAnt Server. SCH and DUPF requests are not properly validated, and when an overly long value is passed to the username value in an SCH request, an SQL query fails. This error message is copied to a 400 byte stack buffer without validation.

CVSS: 7.5 (AV:N/AC:L/Au:N/C:P/I:P/A:P)

This strike exploits a vulnerability in the libcurl library where a corrupted server can require MD5 authentication which then clobbers a client buffer.

CVSS: 7.1 (AV:N/AC:M/Au:N/C:N/I:N/A:C)

This strike exploits a bug in a BIND server where a specific configuration doesnt respond properly to an IPv6 request.

CVSS: 7.6 (AV:N/AC:H/Au:N/C:C/I:C/A:C)

This strike exploits a flaw in EMCs AlphaStor Device Manager where a malformed device name can overwrite a stack buffer.

CVSS: 9.3 (AV:N/AC:M/Au:N/C:C/I:C/A:C)

This strike exploits a vulnerability in Microsofts Internet Explorer where Javascript can modify a document and attempt to reuse data after it has been freed.

CVSS: 9.3 (AV:N/AC:M/Au:N/C:C/I:C/A:C)

This strike exploits a vulnerability in Microsoft's Internet Explorer where Javascript can modify a document and attempt to reuse data after it has been freed.

CVSS: 10.0 (AV:N/AC:L/Au:N/C:C/I:C/A:C)

This strike exploits a stack buffer overflow in the Portable SDK library which is used in several embedded devices to handle Universal Plug and Play UPnP packets.

CVSS: 9.3 (AV:N/AC:M/Au:N/C:C/I:C/A:C)

This strike exploits a vulnerability in Microsoft's Internet Explorer where Javascript can modify a document and attempt to reuse data after it has been freed.

This strike sends a malware sample detected by Mcafee as Artemis!0FC2C8AC0143, Microsoft as TrojanSpy:Win32/Bancos.AIS, Kaspersky as Trojan-Banker.Win32.Banbra.avqv, Bitdefender as Gen:Variant.Kazy.65871. The MD5 hash of this sample is 0fc2c8ac0143c828840b8bb3ba592a38.

This strike sends a malware sample detected by Mcafee as Artemis!E4950D3EE5B9, Kaspersky as UDS:DangerousObject.Multi.Generic, Symantec as WS.Reputation.1, Bitdefender as Trojan.Generic.KDV.765203. The MD5 hash of this sample is e4950d3ee5b91ac30f5ed449001c992a.

This strike sends a malware sample detected by Mcafee as Artemis!9331B6794827, Microsoft as TrojanSpy:Win32/Bancos.AIS, Kaspersky as Trojan-Banker.Win32.Banbra.avrt, Bitdefender as Gen:Variant.Kazy.98907. The MD5 hash of this sample is 9331b67948273991c4e725539f290afd.

Pages