Displaying 161 - 180 of 38146
Last import : Jun 17 17:00

CVSS: 10.0 (AV:N/AC:L/Au:N/C:C/I:C/A:C)

This strike exploits a heap buffer overflow vulnerability in Sybase M-Business Anywhere. The vulnerability is due to insufficient validation of SOAP requests sent to the service interface. By specially crafting a malicious SOAP request, an unauthenticated attacker could execute arbitrary commands on the server.

CVSS: 7.5 (AV:N/AC:L/Au:N/C:P/I:P/A:P)

This strike exploits a SQL injection vulnerability Ruby on Rails. The vulnerability results from a lack of input validation while handling hash values. A remote attacker could exploit this vulnerability by sending malicous SQL code.

This strike sends a trojan malware sample detected by Mcafee as Generic Downloader.oy, Kaspersky as Trojan-Dropper.Win32.NSIS.tz, Symantec as Trojan.ADH.2, Microsoft as Trojan:Win32/Comame, Bitdefender as Trojan.Nsis.Agent.Z. The MD5 hash of this sample is 54e0a380c5c4543d134cd216ff78a743.

This strike sends a trojan malware sample detected by Mcafee as Artemis!9FCA87E1A967, Kaspersky as Trojan-Downloader.Win32.Andromeda.mb, Symantec as Trojan.ADH.2, Microsoft as DDoS:Win32/Dofoil.A. The MD5 hash of this sample is 9fca87e1a967a012be6382541800f2a2.

This strike sends a trojan malware sample detected by Mcafee as Generic Downloader.oy, Kaspersky as Trojan-Dropper.Win32.NSIS.tz, Symantec as Trojan.ADH, Microsoft as Trojan:Win32/Dynamer!dtc, Bitdefender as Trojan.Nsis.Agent.Z. The MD5 hash of this sample is beb388ffb21277edba90294909b6b788.

CVSS: 9.3 (AV:N/AC:M/Au:N/C:C/I:C/A:C)

This strike exploits a vulnerability in IBM Lotus iNotes ActiveX control. If the General Mode property is equal to 1 the Attachment Times property is parsed as date time strings. This is stored in a 0x200 byte stack buffer, and if the string too large it will write into it.

CVSS: 10.0 (AV:N/AC:L/Au:N/C:C/I:C/A:C)

This strike exploits a stack buffer overflow vulnerability in HP OpenView Network Node Manager NNM. The vulnerability is caused by lack of input validation by webappmon.exe when handling HTTP requests. This vulnerability can be exploited by an unauthenticated attacker to inject and execute arbitrary code on target system.

CVSS: 10.0 (AV:N/AC:L/Au:N/C:C/I:C/A:C)

Exploits an uninitialized variable created by U3D Modifier Chain

This strike sends a trojan malware sample detected by Symantec as Trojan.ADH.2. The MD5 hash of this sample is 1c665d283ac4edeb502d060148a7a0be.

This strike sends a trojan malware sample detected by Mcafee as Artemis!EAAF3B738EAD, Symantec as WS.Reputation.1, Bitdefender as Gen:Variant.Graftor.43318. The MD5 hash of this sample is eaaf3b738ead4fc2b1dac5c1dc75b22c.

This strike sends a trojan malware sample detected by Mcafee as Boaxxe.dr, Kaspersky as not-a-virus:Porn-Dialer.Win32.Generic, Symantec as Dialer.Volta, Microsoft as Tool:Win32/PornDialer.IE, Bitdefender as Application.Dialer.ZU. The MD5 hash of this sample is 7b8f9dfedfd961e9d1e2af98788a37e0.

CVSS: 9.4 (AV:N/AC:L/Au:N/C:N/I:C/A:C)

This strike exploits a vulnerability in Oracles Business Transaction Management FlashTunnelService where an arbitrary file may be deleted from the system. Note that this service may be configured to run on different ports.

This strike sends a worm malware sample detected by Mcafee as Generic.dx!bfzf, Kaspersky as Trojan.Win32.Jorik.Nrgbot.ckz, Symantec as Trojan.Usuge!gen3, Microsoft as Worm:Win32/Dorkbot.A, Bitdefender as Worm.Generic.386828. The MD5 hash of this sample is ff1ef1ce1ddcbbab3ee58d6f9beae4bc.

CVSS: 9.3 (AV:N/AC:M/Au:N/C:C/I:C/A:C)

This strike illustrates a vulnerability that exists in Microsoft Publisher documents. If the chpRun PapRun and tapRun records contain a tyo structure of 0x1D and its cb value is more than 2, data will be copied and overwrite memory on the stack buffer. This happens because the cb value is the size of a memmove operation that changes an argument pointer on the stack buffer.

CVSS: 9.3 (AV:N/AC:M/Au:N/C:C/I:C/A:C)

This strike identifies an stack buffer overflow in Novells iPrint Client. Due to improper validation on the printerURI String parameter, a user supplied input of greater than 0x800 bytes will overflow a fixed stack buffer.

This strike sends a trojan malware sample detected by Mcafee as Generic.jy, Kaspersky as Trojan-Banker.Win32.Banker.suip, Symantec as Infostealer.Bancos, Microsoft as TrojanDropper:Win32/Bancos.M, Bitdefender as Trojan.Generic.KD.727582. The MD5 hash of this sample is f30526e804df83a2a30068f1d74faeab.

CVSS: 10.0 (AV:N/AC:L/Au:N/C:C/I:C/A:C)

This strike exploits a vulnerability in parsing an SMB Trans Response. Successful exploitation of this vulnerability will allow execution of arbitrary code with operating system kernel privledges or will cause a kernel panic, resulting in a denial of service condition.

CVSS: 9.3 (AV:N/AC:M/Au:N/C:C/I:C/A:C)

This strike exploits a vulnerability in MW6 Technologies ActiveX Control barcode.dll. Specifically the vuln is due to the way in which the Supplement property of this control is handled. If this property is assigned a value of greater than 0x90 and less than 0xCF8, the code will overwrite a pointer resulting in memory corruption.

This strike sends a trojan malware sample detected by Mcafee as PWS-Zbot.gen.aln, Kaspersky as Trojan-Spy.Win32.Zbot.fgyl, Symantec as Trojan.Zbot, Microsoft as PWS:Win32/Zbot.gen!AF, Bitdefender as Trojan.Injector.AJB. The MD5 hash of this sample is 4b640a13f2cca63135e2423e64c30948.

CVSS: 10.0 (AV:N/AC:L/Au:N/C:C/I:C/A:C)

This strike exploits a vulnerability in Symatecs cliproxy ActiveX control. If the SetRemoteComputerName method is passed an overly long value a heap buffer of 0x34 bytes is overwritten.

Pages