Total
29527 CVE
| CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
|---|---|---|---|---|---|
| CVE-2002-0352 | 1 Phorum | 1 Phorum | 2016-10-18 | 5.0 MEDIUM | N/A |
| Phorum 3.3.2 allows remote attackers to determine the email addresses of the 10 most active users via a direct HTTP request to the stats.php program, which does not require authentication. | |||||
| CVE-2002-0338 | 1 Ritlabs | 1 The Bat | 2016-10-18 | 5.0 MEDIUM | N/A |
| The Bat! 1.53d and 1.54beta, and possibly other versions, allows remote attackers to cause a denial of service (crash) via an attachment whose name includes an MS-DOS device name. | |||||
| CVE-2002-0377 | 1 Rob Flynn | 1 Gaim | 2016-10-18 | 2.1 LOW | N/A |
| Gaim 0.57 stores sensitive information in world-readable and group-writable files in the /tmp directory, which allows local users to access MSN web email accounts of other users who run Gaim by reading authentication information from the files. | |||||
| CVE-2002-0342 | 1 Kde | 1 K-mail | 2016-10-18 | 5.0 MEDIUM | N/A |
| Kmail 1.2 on KDE 2.1.1 allows remote attackers to cause a denial of service (crash) via an email message whose body is approximately 55 K long. | |||||
| CVE-2002-0326 | 1 Working Resources Inc. | 1 Badblue | 2016-10-18 | 7.5 HIGH | N/A |
| Cross-site scripting vulnerability in BadBlue before 1.6.1 beta allows remote attackers to execute arbitrary script and possibly additional commands via a URL that contains Javascript. | |||||
| CVE-2002-0337 | 1 Realnetworks | 1 Realplayer | 2016-10-18 | 5.4 MEDIUM | N/A |
| RealPlayer 8 allows remote attackers to cause a denial of service (CPU utilization) via malformed .mp3 files. | |||||
| CVE-2002-0362 | 1 Aol | 1 Instant Messenger | 2016-10-18 | 7.5 HIGH | N/A |
| Buffer overflow in AOL Instant Messenger (AIM) 4.2 and later allows remote attackers to execute arbitrary code via a long AddExternalApp request and a TLV type greater than 0x2711. | |||||
| CVE-2002-0328 | 1 Ikonboard.com | 1 Ikonboard | 2016-10-18 | 7.5 HIGH | N/A |
| Cross-site scripting vulnerability in Ikonboard 3.0.1 allows remote attackers to execute arbitrary script as other Ikonboard users and steal cookies via Javascript in an IMG tag. | |||||
| CVE-2002-0341 | 1 Novell | 1 Groupwise | 2016-10-18 | 5.0 MEDIUM | N/A |
| GWWEB.EXE in GroupWise Web Access 5.5, and possibly other versions, allows remote attackers to determine the full pathname of the web server via an HTTP request with an invalid HTMLVER parameter. | |||||
| CVE-2002-0347 | 1 Sun | 3 Cobalt Raq 2, Cobalt Raq 3i, Cobalt Raq 4 | 2016-10-18 | 5.0 MEDIUM | N/A |
| Directory traversal vulnerability in Cobalt RAQ 4 allows remote attackers to read password-protected files, and possibly files outside the web root, via a .. (dot dot) in an HTTP request. | |||||
| CVE-2002-0331 | 1 Alcatech Gmbh | 1 Bpm Studio Pro | 2016-10-18 | 5.0 MEDIUM | N/A |
| Directory traversal vulnerability in the HTTP server for BPM Studio Pro 4.2 allows remote attackers to read arbitrary files via a .. (dot dot) in the HTTP request. | |||||
| CVE-2002-0323 | 1 Nombas | 1 Scriptease Webserver | 2016-10-18 | 5.0 MEDIUM | N/A |
| comment2.jse in ScriptEase:WebServer allows remote attackers to read arbitrary files by specifying the target file as an argument in the URL. | |||||
| CVE-2002-0360 | 1 Sun | 1 Solaris Answerbook2 | 2016-10-18 | 7.5 HIGH | N/A |
| Buffer overflow in Sun AnswerBook2 1.4 through 1.4.3 allows remote attackers to execute arbitrary code via a long filename argument to the gettransbitmap CGI program. | |||||
| CVE-2002-0327 | 1 Century Software | 1 Term | 2016-10-18 | 7.2 HIGH | N/A |
| Buffer overflow in Century Software TERM allows local users to gain root privileges via a long tty argument to the callin program. | |||||
| CVE-2002-0329 | 1 Snitz Communications | 1 Snitz Forums 2000 | 2016-10-18 | 7.5 HIGH | N/A |
| Cross-site scripting vulnerability in Snitz Forums 2000 3.3.03 and earlier allows remote attackers to execute arbitrary script as other Forums 2000 users via Javascript in an IMG tag. | |||||
| CVE-2002-0317 | 1 Gator | 1 Gator | 2016-10-18 | 7.5 HIGH | N/A |
| Gator ActiveX component (IEGator.dll) 3.0.6.1 allows remote web sites to install arbitrary software by specifying a Trojan Gator installation file (setup.ex_) in the src parameter. | |||||
| CVE-2002-0325 | 1 Working Resources Inc. | 1 Badblue | 2016-10-18 | 5.0 MEDIUM | N/A |
| Directory traversal vulnerability in BadBlue before 1.6.1 allows remote attackers to read arbitrary files via a ... (modified dot dot) in the URL. | |||||
| CVE-2002-0359 | 1 Sgi | 1 Irix | 2016-10-18 | 10.0 HIGH | N/A |
| xfsmd for IRIX 6.5 through 6.5.16 uses weak authentication, which allows remote attackers to call dangerous RPC functions, including those that can mount or unmount xfs file systems, to gain root privileges. | |||||
| CVE-2002-0334 | 1 Xtell | 1 Xtell | 2016-10-18 | 2.1 LOW | N/A |
| xtell (xtelld) 1.91.1 and earlier, and 2.x before 2.7, allows local users to modify files via a symlink attack on the .xtell-log file. | |||||
| CVE-2002-0332 | 1 Xtell | 1 Xtell | 2016-10-18 | 7.5 HIGH | N/A |
| Buffer overflows in xtell (xtelld) 1.91.1 and earlier, and 2.x before 2.7, allows remote attackers to execute arbitrary code via (1) a long DNS hostname that is determined using reverse DNS lookups, (2) a long AUTH string, or (3) certain data in the xtell request. | |||||