Top Newly Discovered Vulnerabilities
February 2004
Symantec Security Response compiled the top 10 newly discovered vulnerabilities from the previous month on the following
criteria:
- Vulnerabilities with an impact rating of moderate-high to high. Impact is a numeric rating Symantec Security Response
experts assign with values ranging from 1-10 representing the impact of the vulnerability on the confidentiality,
integrity and availability of the affected system.
- Vulnerabilities that are remotely exploitable.
- Vulnerabilities affecting widely deployed and well-known technologies.
- Potential for hackers to exploit as part of a blended threats.
1. Microsoft Windows ASN.1 Library Bit String Processing Integer Handling Vulnerability
2. Microsoft ASN.1 Library Length Integer Mishandling Memory Corruption Vulnerability
3. Internet Security Systems Protocol Analysis Module SMB Parsing Heap Overflow Vulnerability
4. Check Point VPN-1/SecuRemote ISAKMP Large Certificate Request Payload Buffer Overflow Vulnerability
5. Multiple Check Point Firewall-1 HTTP Security Server Remote Format String Vulnerabilities
6. Linux Kernel do_mremap Function VMA Limit Local Privilege Escalation Vulnerability
7. Microsoft Internet Explorer Unspecified CHM File Processing Arbitrary Code Execution Vulnerability
8. WinZip UUDeview MIME Archive Buffer Overrun Vulnerability
9. Ipswitch IMail Server Remote LDAP Daemon Buffer Overflow Vulnerability
10. nCipher Hardware Security Module Firmware Secrets Disclosure Vulnerability http://www.securityfocus.com/bid/9717
# # #