Total
29527 CVE
| CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
|---|---|---|---|---|---|
| CVE-1999-1195 | 1 Network Associates | 1 Virusscan | 2016-10-18 | 5.1 MEDIUM | N/A |
| NAI VirusScan NT 4.0.2 does not properly modify the scan.dat virus definition file during an update via FTP, but it reports that the update was successful, which could cause a system administrator to believe that the definitions have been updated correctly. | |||||
| CVE-1999-1206 | 1 Systemsoft | 1 Systemwizard | 2016-10-18 | 7.5 HIGH | N/A |
| SystemSoft SystemWizard package in HP Pavilion PC with Windows 98, and possibly other platforms and operating systems, installs two ActiveX controls that are marked as safe for scripting, which allows remote attackers to execute arbitrary commands via a malicious web page that references (1) the Launch control, or (2) the RegObj control. | |||||
| CVE-1999-1203 | 1 Ascend | 1 Multilink Ppp For Isdn | 2016-10-18 | 5.0 MEDIUM | N/A |
| Multilink PPP for ISDN dialup users in Ascend before 4.6 allows remote attackers to cause a denial of service via a spoofed endpoint identifier. | |||||
| CVE-1999-1092 | 1 Iain Lea | 1 Tin | 2016-10-18 | 4.6 MEDIUM | N/A |
| tin 1.40 creates the .tin directory with insecure permissions, which allows local users to read passwords from the .inputhistory file. | |||||
| CVE-1999-1160 | 1 Hp | 1 Hp-ux | 2016-10-18 | 10.0 HIGH | N/A |
| Vulnerability in ftpd/kftpd in HP-UX 10.x and 9.x allows local and possibly remote users to gain root privileges. | |||||
| CVE-1999-1113 | 1 Eudora | 1 Internet Mail Server | 2016-10-18 | 5.0 MEDIUM | N/A |
| Buffer overflow in Eudora Internet Mail Server (EIMS) 2.01 and earlier on MacOS systems allows remote attackers to cause a denial of service via a long USER command to port 106. | |||||
| CVE-1999-1082 | 1 T. Hauck | 1 Jana Web Server | 2016-10-18 | 5.0 MEDIUM | N/A |
| Directory traversal vulnerability in Jana proxy web server 1.40 allows remote attackers to ready arbitrary files via a "......" (modified dot dot) attack. | |||||
| CVE-1999-1109 | 1 Sendmail | 1 Sendmail | 2016-10-18 | 5.0 MEDIUM | N/A |
| Sendmail before 8.10.0 allows remote attackers to cause a denial of service by sending a series of ETRN commands then disconnecting from the server, while Sendmail continues to process the commands after the connection has been terminated. | |||||
| CVE-1999-1085 | 1 Ssh | 1 Secure Shell | 2016-10-18 | 5.0 MEDIUM | N/A |
| SSH 1.2.25, 1.2.23, and other versions, when used in in CBC (Cipher Block Chaining) or CFB (Cipher Feedback 64 bits) modes, allows remote attackers to insert arbitrary data into an existing stream between an SSH client and server by using a known plaintext attack and computing a valid CRC-32 checksum for the packet, aka the "SSH insertion attack." | |||||
| CVE-1999-1130 | 1 Netscape | 1 Enterprise Server | 2016-10-18 | 5.0 MEDIUM | N/A |
| Default configuration of the search engine in Netscape Enterprise Server 3.5.1, and possibly other versions, allows remote attackers to read the source of JHTML files by specifying a search command using the HTML-tocrec-demo1.pat pattern file. | |||||
| CVE-1999-1132 | 1 Microsoft | 1 Windows Nt | 2016-10-18 | 5.0 MEDIUM | N/A |
| Windows NT 4.0 allows remote attackers to cause a denial of service (crash) via extra source routing data such as (1) a Routing Information Field (RIF) field with a hop count greater than 7, or (2) a list containing duplicate Token Ring IDs. | |||||
| CVE-1999-1164 | 1 Microsoft | 2 Outlook, Outlook Express | 2016-10-18 | 5.0 MEDIUM | N/A |
| Microsoft Outlook client allows remote attackers to cause a denial of service by sending multiple email messages with the same X-UIDL headers, which causes Outlook to hang. | |||||
| CVE-1999-1173 | 1 Corel | 1 Wordperfect | 2016-10-18 | 2.1 LOW | N/A |
| Corel Word Perfect 8 for Linux creates a temporary working directory with world-writable permissions, which allows local users to (1) modify Word Perfect behavior by modifying files in the working directory, or (2) modify files of other users via a symlink attack. | |||||
| CVE-1999-1182 | 6 Caldera, Debian, Delix and 3 more | 6 Openlinux Lite, Debian Linux, Dld and 3 more | 2016-10-18 | 7.2 HIGH | N/A |
| Buffer overflow in run-time linkers (1) ld.so or (2) ld-linux.so for Linux systems allows local users to gain privileges by calling a setuid program with a long program name (argv[0]) and forcing ld.so/ld-linux.so to report an error. | |||||
| CVE-1999-1104 | 1 Microsoft | 1 Windows 95 | 2016-10-18 | 4.6 MEDIUM | N/A |
| Windows 95 uses weak encryption for the password list (.pwl) file used when password caching is enabled, which allows local users to gain privileges by decrypting the passwords. | |||||
| CVE-1999-1079 | 1 Ibm | 1 Aix | 2016-10-18 | 4.6 MEDIUM | N/A |
| Vulnerability in ptrace in AIX 4.3 allows local users to gain privileges by attaching to a setgid program. | |||||
| CVE-1999-1163 | 1 Hp | 1 9000 | 2016-10-18 | 7.5 HIGH | N/A |
| Vulnerability in HP Series 800 S/X/V Class servers allows remote attackers to gain access to the S/X/V Class console via the Service Support Processor (SSP) Teststation. | |||||
| CVE-1999-1125 | 1 Oracle | 1 Http Server | 2016-10-18 | 10.0 HIGH | N/A |
| Oracle Webserver 2.1 and earlier runs setuid root, but the configuration file is owned by the oracle account, which allows any local or remote attacker who obtains access to the oracle account to gain privileges or modify arbitrary files by modifying the configuration file. | |||||
| CVE-1999-1165 | 1 Gnu | 1 Fingerd | 2016-10-18 | 7.2 HIGH | N/A |
| GNU fingerd 1.37 does not properly drop privileges before accessing user information, which could allow local users to (1) gain root privileges via a malicious program in the .fingerrc file, or (2) read arbitrary files via symbolic links from .plan, .forward, or .project files. | |||||
| CVE-1999-1083 | 1 T. Hauck | 1 Jana Web Server | 2016-10-18 | 5.0 MEDIUM | N/A |
| Directory traversal vulnerability in Jana proxy web server 1.45 allows remote attackers to ready arbitrary files via a .. (dot dot) attack. | |||||