Top Newly Discovered Vulnerabilities
February 2004

Symantec Security Response compiled the top 10 newly discovered vulnerabilities from the previous month on the following criteria:

- Vulnerabilities with an impact rating of moderate-high to high. Impact is a numeric rating Symantec Security Response experts assign with values ranging from 1-10 representing the impact of the vulnerability on the confidentiality, integrity and availability of the affected system.
- Vulnerabilities that are remotely exploitable.
- Vulnerabilities affecting widely deployed and well-known technologies.
- Potential for hackers to exploit as part of a blended threats.

1. Microsoft Windows ASN.1 Library Bit String Processing Integer Handling Vulnerability
http://www.securityfocus.com/bid/9635

2. Microsoft ASN.1 Library Length Integer Mishandling Memory Corruption Vulnerability
http://www.securityfocus.com/bid/9633

3. Internet Security Systems Protocol Analysis Module SMB Parsing Heap Overflow Vulnerability
http://www.securityfocus.com/bid/9752

4. Check Point VPN-1/SecuRemote ISAKMP Large Certificate Request Payload Buffer Overflow Vulnerability
http://www.securityfocus.com/bid/9582

5. Multiple Check Point Firewall-1 HTTP Security Server Remote Format String Vulnerabilities
http://www.securityfocus.com/bid/9581

6. Linux Kernel do_mremap Function VMA Limit Local Privilege Escalation Vulnerability
http://www.securityfocus.com/bid/9686

7. Microsoft Internet Explorer Unspecified CHM File Processing Arbitrary Code Execution Vulnerability
http://www.securityfocus.com/bid/9658

8. WinZip UUDeview MIME Archive Buffer Overrun Vulnerability
http://www.securityfocus.com/bid/9758

9. Ipswitch IMail Server Remote LDAP Daemon Buffer Overflow Vulnerability
http://www.securityfocus.com/bid/9682

10. nCipher Hardware Security Module Firmware Secrets Disclosure Vulnerability http://www.securityfocus.com/bid/9717

# # #