Total
29527 CVE
| CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
|---|---|---|---|---|---|
| CVE-2002-1992 | 1 Macromedia | 2 Coldfusion, Coldfusion Professional | 2008-09-05 | 5.0 MEDIUM | N/A |
| Buffer overflow in jrun.dll in ColdFusion MX, when used with IIS 4 or 5, allows remote attackers to cause a denial of service in IIS via (1) a long template file name or (2) a long HTTP header. | |||||
| CVE-2002-2083 | 1 Novell | 1 Netware | 2008-09-05 | 2.1 LOW | N/A |
| The Novell Netware client running on Windows 95 allows local users to bypass the login and open arbitrary files via the "What is this?" help feature, which can be launched from the Novell Netware login screen. | |||||
| CVE-2002-2316 | 1 Cisco | 1 Catos | 2008-09-05 | 5.0 MEDIUM | N/A |
| Cisco Catalyst 4000 series switches running CatOS 5.5.5, 6.3.5, and 7.1.2 do not always learn MAC addresses from a single initial packet, which causes unicast traffic to be broadcast across the switch and allows remote attackers to obtain sensitive network information by sniffing. | |||||
| CVE-2002-2134 | 1 Peel | 1 Peel | 2008-09-05 | 5.0 MEDIUM | N/A |
| haut.php in PEEL 1.0b allows remote attackers to execute arbitrary PHP code by modifying the dirroot parameter to reference a URL on a remote web server that contains the code in a lang.php file. | |||||
| CVE-2002-2100 | 1 Microsoft | 1 Outlook | 2008-09-05 | 5.0 MEDIUM | N/A |
| Microsoft Outlook 2002 allows remote attackers to embed bypass the file download restrictions for attachments via an HTML email message that uses an IFRAME to reference malicious content. | |||||
| CVE-2002-2337 | 1 Kaspersky Lab | 1 Kaspersky Anti-hacker | 2008-09-05 | 5.0 MEDIUM | N/A |
| Kaspersky Anti-Hacker 1.0, when configured to automatically block attacks, allows remote attackers to block IP addresses and cause a denial of service via spoofed packets. | |||||
| CVE-2002-2220 | 1 Chetcpasswd | 1 Chetcpasswd | 2008-09-05 | 6.2 MEDIUM | N/A |
| Buffer overflow in Pedro Lineu Orso chetcpasswd before 1.12, when configured for access from 0.0.0.0, allows local users to gain privileges via unspecified vectors. | |||||
| CVE-2002-2205 | 1 Webresolve | 1 Webresolve | 2008-09-05 | 5.0 MEDIUM | N/A |
| Buffer overflow in Webresolve 0.1.0 and earlier allows remote attackers to execute arbitrary code by connecting to the server from an IP address that resolves to a long hostname. | |||||
| CVE-2002-2108 | 1 Sony | 1 Vaio Manual Cybersupport | 2008-09-05 | 5.0 MEDIUM | N/A |
| Unknown vulnerability in the "VAIO Manual" software in certain Sony VAIO personal computers sold from November 2001 to January 2002, allows remote attackers to modify data via a web page or HTML e-mail. | |||||
| CVE-2002-1996 | 1 Postnuke Software Foundation | 1 Postnuke | 2008-09-05 | 2.6 LOW | N/A |
| Cross-site scripting (XSS) vulnerability in PostNuke 0.71 and earlier allows remote attackers to inject arbitrary web script or HTML via the (1) name parameter in modules.php and (2) catid parameter in index.php. | |||||
| CVE-2002-2051 | 1 Modlogan | 1 Modlogan | 2008-09-05 | 2.1 LOW | N/A |
| The processor_web plugin for ModLogAn 0.5.0 through 0.7.11, when used with the splitby option, allows local users to overwrite arbitrary files via a symlink attack on files specified as hostnames in a log file. | |||||
| CVE-2002-1990 | 1 Caucho Technology | 1 Resin | 2008-09-05 | 5.0 MEDIUM | N/A |
| Resin 2.0.5 through 2.1.2 allows remote attackers to reveal physical path information via a URL request for the example Java class file HelloServlet. | |||||
| CVE-2002-2192 | 1 Perception | 1 Liteserve | 2008-09-05 | 4.3 MEDIUM | N/A |
| Cross-site scripting (XSS) vulnerability in Perception LiteServe 2.0.1 allows remote attackers to execute arbitrary web script via (1) a Host: header when DNS wildcards are supported or (2) the query string in a "dir" request to indexed folders. | |||||
| CVE-2002-2060 | 1 Twibright Labs | 1 Links | 2008-09-05 | 7.5 HIGH | N/A |
| Buffer overflow in Links 2.0 pre4 allows remote attackers to crash client browsers and possibly execute arbitrary code via gamma tables in large 16-bit PNG images. | |||||
| CVE-2002-2046 | 1 Xqus | 1 X-news | 2008-09-05 | 7.5 HIGH | N/A |
| x_news.php in X-News (x_news) 1.1 and earlier allows remote attackers to gain administrative privileges by stealing and replaying the md5_password cookie. | |||||
| CVE-2002-2155 | 1 Cerulean Studios | 1 Trillian | 2008-09-05 | 7.5 HIGH | N/A |
| Format string vulnerability in the error handling of IRC invite responses for Trillian 0.725 and 0.73 allows remote IRC servers to execute arbitrary code via an invite to a channel with format string specifiers in the name. | |||||
| CVE-2002-2182 | 1 Seunghyun Seo | 1 Msn666 | 2008-09-05 | 6.4 MEDIUM | N/A |
| Buffer overflow in Seunghyun Seo's MSN666 MSN Sniffer 1.0 and 1.0.1 allows remote attackers to execute arbitrary code via a long MSN packet. | |||||
| CVE-2002-2049 | 1 Dug Song | 3 Dsniff, Fragroute, Fragrouter | 2008-09-05 | 7.5 HIGH | N/A |
| configure for Dsniff 2.3, fragroute 1.2, and fragrouter 1.6, when downloaded from monkey.org on May 17, 2002, has been modified to contain a backdoor, which allows remote attackers to access the system. | |||||
| CVE-2002-2179 | 1 Unisys | 1 Clearpath Mcp | 2008-09-05 | 7.8 HIGH | N/A |
| The dynamic initialization feature of the ClearPath MCP environment allows remote attackers to cause a denial of service (crash) via a TCP port scan using a tool such as nmap. | |||||
| CVE-2002-2036 | 1 Sun | 1 Ray Server Software | 2008-09-05 | 7.5 HIGH | N/A |
| Sun Ray Server Software (SRSS) 1.3, when Non-Smartcard Mobility (NSCM) is enabled, allows remote attackers to login as another user by running dtlogin from a system that supports the XDMCP client. | |||||