Total
29527 CVE
| CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
|---|---|---|---|---|---|
| CVE-1999-1408 | 2 Hp, Ibm | 2 Hp-ux, Aix | 2016-10-18 | 2.1 LOW | N/A |
| Vulnerability in AIX 4.1.4 and HP-UX 10.01 and 9.05 allows local users to cause a denial of service (crash) by using a socket to connect to a port on the localhost, calling shutdown to clear the socket, then using the same socket to connect to a different port on localhost. | |||||
| CVE-1999-1448 | 1 Qualcomm | 2 Eudora, Eudora Light | 2016-10-18 | 5.0 MEDIUM | N/A |
| Eudora and Eudora Light before 3.05 allows remote attackers to cause a crash and corrupt the user's mailbox via an e-mail message with certain dates, such as (1) dates before 1970, which cause a Divide By Zero error, or (2) dates that are 100 years after the current date, which causes a segmentation fault. | |||||
| CVE-1999-1434 | 1 Slackware | 1 Slackware Linux | 2016-10-18 | 7.2 HIGH | N/A |
| login in Slackware Linux 3.2 through 3.5 does not properly check for an error when the /etc/group file is missing, which prevents it from dropping privileges, causing it to assign root privileges to any local user who logs on to the server. | |||||
| CVE-1999-1407 | 1 Redhat | 1 Linux | 2016-10-18 | 2.1 LOW | N/A |
| ifdhcpc-done script for configuring DHCP on Red Hat Linux 5 allows local users to append text to arbitrary files via a symlink attack on the dhcplog file. | |||||
| CVE-1999-1431 | 1 Microsoft | 1 Zero Administration Kit | 2016-10-18 | 4.6 MEDIUM | N/A |
| ZAK in Appstation mode allows users to bypass the "Run only allowed apps" policy by starting Explorer from Office 97 applications (such as Word), installing software into the TEMP directory, and changing the name to that for an allowed application, such as Winword.exe. | |||||
| CVE-1999-1441 | 1 Linux | 1 Linux Kernel | 2016-10-18 | 2.1 LOW | N/A |
| Linux 2.0.34 does not properly prevent users from sending SIGIO signals to arbitrary processes, which allows local users to cause a denial of service by sending SIGIO to processes that do not catch it. | |||||
| CVE-1999-1454 | 1 Macromedia | 1 Matrix Screen Saver | 2016-10-18 | 4.6 MEDIUM | N/A |
| Macromedia "The Matrix" screen saver on Windows 95 with the "Password protected" option enabled allows attackers with physical access to the machine to bypass the password prompt by pressing the ESC (Escape) key. | |||||
| CVE-1999-1436 | 1 Ray Chan | 1 Www Authorization Gateway | 2016-10-18 | 7.5 HIGH | N/A |
| Ray Chan WWW Authorization Gateway 0.1 CGI program allows remote attackers to execute arbitrary commands via shell metacharacters in the "user" parameter. | |||||
| CVE-1999-1429 | 1 Dit | 1 Transferpro | 2016-10-18 | 2.1 LOW | N/A |
| DIT TransferPro installs devices with world-readable and world-writable permissions, which could allow local users to damage disks through the ff device driver. | |||||
| CVE-1999-1440 | 1 Mirabilis | 1 Icq 98a | 2016-10-18 | 5.1 MEDIUM | N/A |
| Win32 ICQ 98a 1.30, and possibly other versions, does not display the entire portion of long filenames, which could allow attackers to send an executable file with a long name that contains so many spaces that the .exe extension is not displayed, which could make the user believe that the file is safe to open from the client. | |||||
| CVE-1999-1469 | 1 Hughes Technologies | 1 W3-auth | 2016-10-18 | 7.5 HIGH | N/A |
| Buffer overflow in w3-auth CGI program in miniSQL package allows remote attackers to execute arbitrary commands via an HTTP request with (1) a long URL, or (2) a long User-Agent MIME header. | |||||
| CVE-1999-1435 | 1 Nec | 1 Socks 5 | 2016-10-18 | 7.2 HIGH | N/A |
| Buffer overflow in libsocks5 library of Socks 5 (socks5) 1.0r5 allows local users to gain privileges via long environmental variables. | |||||
| CVE-1999-1410 | 1 Sgi | 1 Irix | 2016-10-18 | 6.2 MEDIUM | N/A |
| addnetpr in IRIX 5.3 and 6.2 allows local users to overwrite arbitrary files and possibly gain root privileges via a symlink attack on the printers temporary file. | |||||
| CVE-1999-1384 | 1 Sgi | 1 Irix | 2016-10-18 | 7.2 HIGH | N/A |
| Indigo Magic System Tour in the SGI system tour package (systour) for IRIX 5.x through 6.3 allows local users to gain root privileges via a Trojan horse .exitops program, which is called by the inst command that is executed by the RemoveSystemTour program. | |||||
| CVE-1999-1338 | 1 Delegate | 1 Delegate | 2016-10-18 | 5.0 MEDIUM | N/A |
| Delegate proxy 5.9.3 and earlier creates files and directories in the DGROOT with world-writable permissions. | |||||
| CVE-1999-1394 | 1 Bsd | 1 Bsd | 2016-10-18 | 2.1 LOW | N/A |
| BSD 4.4 based operating systems, when running at security level 1, allow the root user to clear the immutable and append-only flags for files by unmounting the file system and using a file system editor such as fsdb to directly modify the file through a device. | |||||
| CVE-1999-1375 | 1 Microsoft | 1 Internet Information Server | 2016-10-18 | 5.0 MEDIUM | N/A |
| FileSystemObject (FSO) in the showfile.asp Active Server Page (ASP) allows remote attackers to read arbitrary files by specifying the name in the file parameter. | |||||
| CVE-1999-1333 | 1 Redhat | 1 Linux | 2016-10-18 | 7.5 HIGH | N/A |
| automatic download option in ncftp 2.4.2 FTP client in Red Hat Linux 5.0 and earlier allows remote attackers to execute arbitrary commands via shell metacharacters in the names of files that are to be downloaded. | |||||
| CVE-1999-1345 | 1 Auto Ftp | 1 Auto Ftp | 2016-10-18 | 4.6 MEDIUM | N/A |
| Auto_FTP.pl script in Auto_FTP 0.2 uses the /tmp/ftp_tmp as a shared directory with insecure permissions, which allows local users to (1) send arbitrary files to the remote server by placing them in the directory, and (2) view files that are being transferred. | |||||
| CVE-1999-1350 | 1 Arcad Systemhaus | 1 Arcad | 2016-10-18 | 4.6 MEDIUM | N/A |
| ARCAD Systemhaus 0.078-5 installs critical programs and files with world-writeable permissions, which could allow local users to gain privileges by replacing a program with a Trojan horse. | |||||