Total
29527 CVE
| CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
|---|---|---|---|---|---|
| CVE-2002-0374 | 1 Padl Software | 1 Pam Ldap | 2016-10-18 | 7.5 HIGH | N/A |
| Format string vulnerability in the logging function for the pam_ldap PAM LDAP module before version 144 allows attackers to execute arbitrary code via format strings in the configuration file name. | |||||
| CVE-2002-0344 | 1 Symantec | 1 Liveupdate | 2016-10-18 | 5.0 MEDIUM | N/A |
| Symantec LiveUpdate 1.5 and earlier in Norton Antivirus stores usernames and passwords for a local LiveUpdate server in cleartext in the registry, which may allow remote attackers to impersonate the LiveUpdate server. | |||||
| CVE-2002-0322 | 1 Yahoo | 1 Messenger | 2016-10-18 | 7.5 HIGH | N/A |
| Yahoo! Messenger 4.0 sends user passwords in cleartext, which could allow remote attackers to gain privileges of other users via sniffing. | |||||
| CVE-2002-0348 | 1 Sun | 3 Cobalt Raq 2, Cobalt Raq 3i, Cobalt Raq 4 | 2016-10-18 | 7.5 HIGH | N/A |
| service.cgi in Cobalt RAQ 4 allows remote attackers to cause a denial of service, and possibly execute arbitrary code, via a long service argument. | |||||
| CVE-2002-0324 | 1 Noah Gray | 1 Graymatter | 2016-10-18 | 7.5 HIGH | N/A |
| Greymatter 1.21c and earlier with the Bookmarklet feature enabled allows remote attackers to read a cleartext password and gain administrative privileges by guessing the name of a gmrightclick-*.reg file which contains the administrator name and password in cleartext, then retrieving the file from the web server before the Greymatter administrator performs a "Clear And Exit" action. | |||||
| CVE-2002-0382 | 1 Xchat | 1 Xchat | 2016-10-18 | 7.5 HIGH | N/A |
| XChat IRC client allows remote attackers to execute arbitrary commands via a /dns command on a host whose DNS reverse lookup contains shell metacharacters. | |||||
| CVE-2002-0354 | 2 Mozilla, Netscape | 2 Mozilla, Navigator | 2016-10-18 | 5.0 MEDIUM | N/A |
| The XMLHttpRequest object (XMLHTTP) in Netscape 6.1 and Mozilla 0.9.7 allows remote attackers to read arbitrary files and list directories on a client system by opening a URL that redirects the browser to the file on the client, then reading the result using the responseText property. | |||||
| CVE-2002-0333 | 1 Xtell | 1 Xtell | 2016-10-18 | 5.0 MEDIUM | N/A |
| Directory traversal vulnerability in xtell (xtelld) 1.91.1 and earlier, and 2.x before 2.7, allows remote attackers to read files with short names, and local users to read more files using a symlink with a short name, via a .. in the TTY argument. | |||||
| CVE-2002-0350 | 1 Hp | 1 Procurve Switch 4000m | 2016-10-18 | 7.8 HIGH | N/A |
| HP Procurve Switch 4000M running firmware C.08.22 and C.09.09 allows remote attackers to cause a denial of service via a port scan of the management IP address, which disables the telnet service. | |||||
| CVE-2002-0380 | 1 Lbl | 1 Tcpdump | 2016-10-18 | 7.5 HIGH | N/A |
| Buffer overflow in tcpdump 3.6.2 and earlier allows remote attackers to cause a denial of service and possibly execute arbitrary code via an NFS packet. | |||||
| CVE-2002-0319 | 1 Powie | 1 Pforum | 2016-10-18 | 7.5 HIGH | N/A |
| Cross-site scripting vulnerability in edituser.php for pforum 1.14 and earlier allows remote attackers to execute script and steal cookies from other users via Javascript in a username. | |||||
| CVE-2002-0309 | 1 Symantec | 1 Enterprise Firewall | 2016-10-18 | 5.0 MEDIUM | N/A |
| SMTP proxy in Symantec Enterprise Firewall (SEF) 6.5.x includes the firewall's physical interface name and address in an SMTP protocol exchange when NAT translation is made to an address other than the firewall, which could allow remote attackers to determine certain firewall configuration information. | |||||
| CVE-2002-0298 | 1 Nombas | 1 Scriptease Webserver | 2016-10-18 | 5.0 MEDIUM | N/A |
| ScriptEase MiniWeb Server 0.95 allows remote attackers to cause a denial of service (crash) via certain HTTP GET requests containing (1) a %2e%2e (encoded dot-dot), (2) several /../ (dot dot) sequences, (3) a missing URI, or (4) several ../ in a URI that does not begin with a / (slash) character. | |||||
| CVE-2002-0271 | 1 Ada Core Technologies | 1 Gnat Pro Native | 2016-10-18 | 1.2 LOW | N/A |
| Runtime library in GNU Ada compiler (GNAT) 3.12p through 3.14p allows local users to modify files of other users via a symlink attack on temporary files. | |||||
| CVE-2002-0288 | 1 Bbshareware.com | 1 Phusion Webserver | 2016-10-18 | 5.0 MEDIUM | N/A |
| Directory traversal vulnerability in Phusion web server 1.0 allows remote attackers to read arbitrary files via a ... (triple dot dot) in the HTTP request. | |||||
| CVE-2002-0285 | 1 Microsoft | 1 Outlook Express | 2016-10-18 | 7.5 HIGH | N/A |
| Outlook Express 5.5 and 6.0 on Windows treats a carriage return ("CR") in a message header as if it were a valid carriage return/line feed combination (CR/LF), which could allow remote attackers to bypass virus protection and or other filtering mechanisms via a mail message with headers that only contain the CR, which causes Outlook to create separate headers. | |||||
| CVE-2002-0287 | 1 Powie | 1 Pforum | 2016-10-18 | 10.0 HIGH | N/A |
| pforum 1.14 and earlier does not explicitly enable PHP magic quotes, which allows remote attackers to bypass authentication and gain administrator privileges via an SQL injection attack when the PHP server is not configured to use magic quotes by default. | |||||
| CVE-2002-0300 | 1 Gnujsp | 1 Gnujsp | 2016-10-18 | 5.0 MEDIUM | N/A |
| gnujsp 1.0.0 and 1.0.1 allows remote attackers to list directories, read source code of certain scripts, and bypass access restrictions by directly requesting the target file from the gnujsp servlet, which does not work around a limitation of JServ and does not process the requested file. | |||||
| CVE-2002-0289 | 1 Bbshareware.com | 1 Phusion Webserver | 2016-10-18 | 5.0 MEDIUM | N/A |
| Buffer overflow in Phusion web server 1.0 allows remote attackers to cause a denial of service and execute arbitrary code via a long HTTP request. | |||||
| CVE-2002-0312 | 1 Essen | 1 Essentia Web Server | 2016-10-18 | 5.0 MEDIUM | N/A |
| Directory traversal vulnerability in Essentia Web Server 2.1 allows remote attackers to read arbitrary files via a .. (dot dot) in a URL. | |||||