Last import : Jun 21 13:40

CVSS: 9.3 (AV:N/AC:M/Au:N/C:C/I:C/A:C)

This strike exploits a vulnerability in the IBM Lotus iNotes ActiveX control. If the General_Mode property is equal to 1, the Attachment_Times property is parsed as date-time strings. The result is stored in a 0x200-byte stack buffer, and if the string is too large, the write overflows that buffer.

This strike sends a trojan malware sample detected by McAfee as Artemis!9FCA87E1A967, Kaspersky as Trojan-Downloader.Win32.Andromeda.mb, Symantec as Trojan.ADH.2, Microsoft as DDoS:Win32/Dofoil.A. The MD5 hash of this sample is 9fca87e1a967a012be6382541800f2a2.

This strike sends a trojan malware sample detected by McAfee as Artemis!EAAF3B738EAD, Symantec as WS.Reputation.1, Bitdefender as Gen:Variant.Graftor.43318. The MD5 hash of this sample is eaaf3b738ead4fc2b1dac5c1dc75b22c.

CVSS: 4.3 (AV:N/AC:M/Au:N/C:N/I:P/A:N)

This strike exploits a cross-site scripting vulnerability in Internet Explorer. The vulnerability is due to a lack of input validation of HTML code. Remote attackers can exploit this vulnerability by enticing a user to open a malicious web page using the toStaticHTML method, leading to information disclosure and execution of arbitrary browser script code.

CVSS: 10.0 (AV:N/AC:L/Au:N/C:C/I:C/A:C)

This strike exploits a stack buffer overflow vulnerability in HP OpenView Network Node Manager (NNM). The vulnerability is caused by a lack of input validation when handling HTTP requests. This vulnerability can be exploited by an unauthenticated attacker to inject and execute arbitrary code on the target system.

This strike sends a trojan malware sample detected by Symantec as Trojan.ADH.2. The MD5 hash of this sample is 1c665d283ac4edeb502d060148a7a0be.

CVSS: 7.5 (AV:N/AC:L/Au:N/C:P/I:P/A:P)

This strike exploits a vulnerability in Oracle AutoVue Enterprise Visualization software. When a string is passed to the SetMarkupMode method with a size greater than 0x100, that string is copied from heap memory into an allocated stack buffer without validation.

CVSS: 10.0 (AV:N/AC:L/Au:N/C:C/I:C/A:C)

This strike exploits a vulnerability in parsing an SMB Trans Response. Successful exploitation of this vulnerability will allow execution of arbitrary code with operating system kernel privileges or will cause a kernel panic, resulting in a denial of service condition.

CVSS: 10.0 (AV:N/AC:L/Au:N/C:C/I:C/A:C)

This strike exploits a vulnerability in Symantec's cliproxy ActiveX control. If the SetRemoteComputerName method is passed an overly long value, a heap buffer of 0x34 bytes is overwritten.

This strike sends a trojan malware sample detected by McAfee as Boaxxe.dr, Kaspersky as not-a-virus:Porn-Dialer.Win32.Generic, Symantec as Dialer.Volta, Microsoft as Tool:Win32/PornDialer.IE, Bitdefender as Application.Dialer.ZU. The MD5 hash of this sample is 7b8f9dfedfd961e9d1e2af98788a37e0.

CVSS: 7.5 (AV:N/AC:L/Au:N/C:P/I:P/A:P)

This strike exploits an SQL Injection in IBM Tivoli Provisioning Manager where an attacker can update underlying data. In particular, a user may upgrade their account to an administrator.

CVSS: 10.0 (AV:N/AC:L/Au:N/C:C/I:C/A:C)

This strike exploits an uninitialized variable created by U3D Modifier Chain.

CVSS: 9.3 (AV:N/AC:M/Au:N/C:C/I:C/A:C)

This strike exploits a vulnerability in the MW6 Technologies ActiveX control barcode.dll. Specifically, the vulnerability is due to the way in which the Supplement property of this control is handled. If this property is assigned a value of greater than 0x90 and less than 0xCF8, the code will overwrite a pointer, resulting in memory corruption.

CVSS: 10.0 (AV:N/AC:L/Au:N/C:C/I:C/A:C)

This strike exploits a stack buffer overflow vulnerability in HP OpenView Network Node Manager (NNM). The vulnerability is caused by a lack of input validation by OvWebHelp when handling HTTP requests. This vulnerability can be exploited by an unauthenticated attacker to inject and execute arbitrary code on the target system.

This strike sends a worm malware sample detected by McAfee as Generic.dx!bfzf, Kaspersky as Trojan.Win32.Jorik.Nrgbot.ckz, Symantec as Trojan.Usuge!gen3, Microsoft as Worm:Win32/Dorkbot.A, Bitdefender as Worm.Generic.386828. The MD5 hash of this sample is ff1ef1ce1ddcbbab3ee58d6f9beae4bc.

CVSS: 10.0 (AV:N/AC:L/Au:N/C:C/I:C/A:C)

This strike demonstrates an exploit in Java where an attacker can run arbitrary Java code without sandbox protection.

CVSS: 10.0 (AV:N/AC:L/Au:N/C:C/I:C/A:C)

This strike identifies an integer overflow in HP OpenView Data Protector Cell Manager. This vulnerability is due to the way the Length parameter is processed. If this parameter is greater than 0xFFFFFFF8, the length, which is used in the calculation of a size parameter for a heap buffer, causes an integer overflow. When data is copied to this undersized buffer, critical memory is overwritten.

This strike sends a trojan malware sample detected by McAfee as Generic.jy, Kaspersky as Trojan-Banker.Win32.Banker.suip, Symantec as Infostealer.Bancos, Microsoft as TrojanDropper:Win32/Bancos.M, Bitdefender as Trojan.Generic.KD.727582. The MD5 hash of this sample is f30526e804df83a2a30068f1d74faeab.

This strike sends a trojan malware sample detected by McAfee as PWS-Zbot.gen.aln, Kaspersky as Trojan-Spy.Win32.Zbot.fgyl, Symantec as Trojan.Zbot, Microsoft as PWS:Win32/Zbot.gen!AF, Bitdefender as Trojan.Injector.AJB. The MD5 hash of this sample is 4b640a13f2cca63135e2423e64c30948.

CVSS: 9.3 (AV:N/AC:M/Au:N/C:C/I:C/A:C)

This strike exploits a vulnerability in the SAP Crystal Reports ActiveX control printcontrol.dll. The ServerResourceVersion property is not properly validated, and if it exceeds a size of 0x40C, the string overflows a heap buffer.
