Total
29527 CVE
| CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
|---|---|---|---|---|---|
| CVE-2003-0120 | 1 Mhc-utils | 1 Mhc-utils | 2008-09-05 | 1.2 LOW | N/A |
| adb2mhc in the mhc-utils package before 0.25+20010625-7.1 allows local users to overwrite arbitrary files via a symlink attack on a default temporary directory with a predictable name. | |||||
| CVE-2002-2352 | 1 Neosoft | 1 Neobook | 2008-09-05 | 5.8 MEDIUM | N/A |
| The NBActiveX.ocx ActiveX control in NeoBook 4 allows remote attackers to install and execute arbitrary programs. | |||||
| CVE-2003-0126 | 1 Multitech | 1 Routefinder 550 Vpn | 2008-09-05 | 7.5 HIGH | N/A |
| The web interface for SOHO Routefinder 550 firmware 4.63 and earlier, and possibly later versions, has a default "admin" account with a blank password, which could allow attackers on the LAN side to conduct unauthorized activities. | |||||
| CVE-2003-0104 | 1 Peoplesoft | 1 Peopletools | 2008-09-05 | 5.0 MEDIUM | N/A |
| Directory traversal vulnerability in PeopleTools 8.10 through 8.18, 8.40, and 8.41 allows remote attackers to overwrite arbitrary files via the SchedulerTransfer servlet. | |||||
| CVE-2002-2392 | 1 Nullsoft | 1 Winamp | 2008-09-05 | 6.4 MEDIUM | N/A |
| Winamp 2.65 through 3.0 stores skin files in a predictable file location, which allows remote attackers to execute arbitrary code via a URL reference to (1) wsz and (2) wal files that contain embedded code. | |||||
| CVE-2002-2398 | 1 App | 1 Apboard | 2008-09-05 | 5.0 MEDIUM | N/A |
| The new thread posting page in APBoard 2.02 and 2.03 allows remote attackers to post messages to protected forums by modifying the insertinto parameter. | |||||
| CVE-2003-0119 | 1 Ibm | 1 Aix | 2008-09-05 | 7.5 HIGH | N/A |
| The secldapclntd daemon in AIX 4.3, 5.1 and 5.2 uses an Internet socket when communicating with the loadmodule, which allows remote attackers to directly connect to the daemon and conduct unauthorized activities. | |||||
| CVE-2002-2408 | 1 Gordano | 1 Ntmail | 2008-09-05 | 7.5 HIGH | N/A |
| Gordano Messaging Server (GMS) Mail 8 (a.k.a. NTMail) only filters email messages for the first recipient, which allows remote attackers to bypass JUCE filters by sending a message to more than one user on the GMS server. | |||||
| CVE-2003-0167 | 1 Mutt | 1 Mutt | 2008-09-05 | 7.5 HIGH | N/A |
| Multiple off-by-one buffer overflows in the IMAP capability for Mutt 1.3.28 and earlier, and Balsa 1.2.4 and earlier, allow a remote malicious IMAP server to cause a denial of service (crash) and possibly execute arbitrary code via a specially crafted mail folder, a different vulnerability than CVE-2003-0140. | |||||
| CVE-2003-0176 | 1 Sgi | 1 Irix | 2008-09-05 | 5.0 MEDIUM | N/A |
| The Name Service Daemon (nsd), when running on an NIS master on SGI IRIX 6.5.x through 6.5.20f, and possibly earlier versions, allows remote attackers to cause a denial of service (crash) via a UDP port scan. | |||||
| CVE-2003-0241 | 1 Frontrange | 1 Goldmine | 2008-09-05 | 7.5 HIGH | N/A |
| FrontRange GoldMine mail agent 5.70 and 6.00 before 30503 directly sends HTML to the default browser without setting its security zone or otherwise labeling it untrusted, which allows remote attackers to execute arbitrary code via a message that is rendered in IE using a less secure zone. | |||||
| CVE-2003-0142 | 1 Adobe | 1 Acrobat Reader | 2008-09-05 | 5.0 MEDIUM | N/A |
| Adobe Acrobat Reader (acroread) 6, under certain circumstances when running with the "Certified plug-ins only" option disabled, loads plug-ins with signatures used for older versions of Acrobat, which can allow attackers to cause Acrobat to enter Certified mode and run untrusted plugins by modifying the CTIsCertifiedMode function. | |||||
| CVE-2002-2029 | 1 Apache | 1 Http Server | 2008-09-05 | 7.5 HIGH | N/A |
| PHP, when installed on Windows with Apache and ScriptAlias for /php/ set to c:/php/, allows remote attackers to read arbitrary files and possibly execute arbitrary programs via an HTTP request for php.exe with a filename in the query string. | |||||
| CVE-2002-2315 | 1 Cisco | 1 Ios | 2008-09-05 | 7.8 HIGH | N/A |
| Cisco IOS 11.2.x and 12.0.x does not limit the size of its redirect table, which allows remote attackers to cause a denial of service (memory consumption) via spoofed ICMP redirect packets to the router. | |||||
| CVE-2002-2143 | 1 Mysimplenews | 1 Mysimplenews | 2008-09-05 | 7.5 HIGH | N/A |
| The admin.html file in MySimple News 1.0 stores its administrative password in plaintext, which allows remote attackers to gain unauthorized access to the web server by viewing the source of admin.html. | |||||
| CVE-2002-2030 | 1 Sqldata | 1 Sqldata Enterprise Server | 2008-09-05 | 7.5 HIGH | N/A |
| Stack-based buffer overflow in SQLData Enterprise Server 3.0 allows remote attacker to execute arbitrary code and cause a denial of service via a long HTTP request. | |||||
| CVE-2002-2081 | 1 Microsoft | 2 Site Server, Site Server Commerce | 2008-09-05 | 5.0 MEDIUM | N/A |
| cphost.dll in Microsoft Site Server 3.0 allows remote attackers to cause a denial of service (disk consumption) via an HTTP POST of a file with a long TargetURL parameter, which causes Site Server to abort and leaves the uploaded file in c:\temp. | |||||
| CVE-2002-2137 | 5 Alloy, D-link, Eusso and 2 more | 5 Gl-2422ap-s, Dwl-900ap\+, Gl2422 Ap and 2 more | 2008-09-05 | 5.0 MEDIUM | N/A |
| GlobalSunTech Wireless Access Points (1) WISECOM GL2422AP-0T, and possibly OEM products such as (2) D-Link DWL-900AP+ B1 2.1 and 2.2, (3) ALLOY GL-2422AP-S, (4) EUSSO GL2422-AP, and (5) LINKSYS WAP11-V2.2, allow remote attackers to obtain sensitive information like WEP keys, the administrator password, and the MAC filter via a "getsearch" request to UDP port 27155. | |||||
| CVE-2002-2026 | 1 Browseftp | 1 Browseftp Client | 2008-09-05 | 7.5 HIGH | N/A |
| Buffer overflow in BrowseFTP 1.62 client allows remote FTP servers to execute arbitrary code via a long FTP "220" message reply. | |||||
| CVE-2002-2089 | 1 Sun | 1 Solaris | 2008-09-05 | 4.6 MEDIUM | N/A |
| Buffer overflow in rcp in Solaris 9.0 allows local users to execute arbitrary code via a long command line argument. | |||||