Total
29527 CVE
| CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
|---|---|---|---|---|---|
| CVE-2002-2085 | 1 Wwwebbb | 1 Wwwebbb Forum | 2008-09-05 | 5.0 MEDIUM | N/A |
| Directory traversal vulnerability in page.cgi of WWWeBBB Forum 3.82 beta and earlier allows remote attackers to read arbitrary files via a .. (dot dot) in an HTTP request. | |||||
| CVE-2002-2047 | 1 Sketch | 1 Sketch | 2008-09-05 | 10.0 HIGH | N/A |
| The file preview functionality in Sketch 0.6.12 and earlier allows remote attackers to execute arbitrary commands via shell metacharacters in the filename of an encapsulated Postscript (EPS) file. | |||||
| CVE-2002-2022 | 1 Kaffe | 1 Kaffe Openvm | 2008-09-05 | 7.2 HIGH | N/A |
| Format string vulnerability in Kaffe OpenVM 1.0.6 and earlier allows local users to execute arbitrary code, when a java.lang.NoClassDefFoundError is thrown, via format specifiers in the forName attribute. | |||||
| CVE-2002-2308 | 1 Netscape | 1 Communicator | 2008-09-05 | 5.0 MEDIUM | N/A |
| Netscape Communicator 6.2.1 allows remote attackers to cause a denial of service in client browsers via a webpage containing a recursive META refresh tag where the content tag is blank and the URL tag references itself. | |||||
| CVE-2002-1994 | 1 Gamecheats | 1 Advanced Web Server Professional | 2008-09-05 | 5.0 MEDIUM | N/A |
| advserver.exe in Advanced Web Server (AdvServer) Professional 1.030000 allows remote attackers to cause a denial of service via multiple HTTP requests containing a single carriage return/line feed (CRLF) sequence. | |||||
| CVE-2002-2213 | 2 Infoblox, Isc | 2 Dns One, Bind | 2008-09-05 | 5.0 MEDIUM | N/A |
| The DNS resolver in unspecified versions of Infoblox DNS One, when resolving recursive DNS queries for arbitrary hosts, allows remote attackers to conduct DNS cache poisoning via a birthday attack that uses a large number of open queries for the same resource record (RR) combined with spoofed responses, which increases the possibility of successfully spoofing a response in a way that is more efficient than brute force methods. | |||||
| CVE-2002-2017 | 1 Sas | 2 Base, Integration Technologies | 2008-09-05 | 10.0 HIGH | N/A |
| sastcpd in SAS/Base 8.0 allows local users to execute arbitrary code by setting the authprog environment variable to reference a malicious program, which is then executed by sastcpd. | |||||
| CVE-2002-2011 | 1 Jon Howell | 1 Faq-o-matic | 2008-09-05 | 4.3 MEDIUM | N/A |
| Cross-site scripting (XSS) vulnerability in the fom CGI program (fom.cgi) in Faq-O-Matic 2.711 and 2.712 allows remote attackers to inject arbitrary web script or HTML via the file parameter. | |||||
| CVE-2002-2206 | 1 Symantec | 1 Norton Antivirus | 2008-09-05 | 7.8 HIGH | N/A |
| The POP3 proxy service (POPROXY.EXE) in Norton AntiVirus 2001 allows local users to cause a denial of service (CPU consumption and crash) via a long username with multiple /localhost entries. | |||||
| CVE-2002-1995 | 1 Lebios | 1 Phptonuke.php | 2008-09-05 | 4.3 MEDIUM | N/A |
| Cross-site scripting (XSS) vulnerability in phptonuke.php for PHP-Nuke allows remote attackers to inject arbitrary web script or HTML via the filnavn parameter. | |||||
| CVE-2002-2156 | 1 Cerulean Studios | 1 Trillian | 2008-09-05 | 7.5 HIGH | N/A |
| Buffer overflow in Trillian 0.73 allows remote IRC servers to execute arbitrary code via a long PING response. | |||||
| CVE-2002-2221 | 1 Chetcpasswd | 1 Chetcpasswd | 2008-09-05 | 6.2 MEDIUM | N/A |
| Untrusted search path vulnerability in Pedro Lineu Orso chetcpasswd 2.4.1 and earlier allows local users to gain privileges via a modified PATH that references a malicious cp binary. NOTE: this issue might overlap CVE-2006-6639. | |||||
| CVE-2002-2087 | 1 Borland Software | 1 Interbase | 2008-09-05 | 4.6 MEDIUM | N/A |
| Buffer overflow in Borland InterBase 6.0 allows local users to execute arbitrary code via a long INTERBASE environment variable when calling (1) gds_drop, (2) gds_lock_mgr, or (3) gds_inet_server. | |||||
| CVE-2002-2042 | 1 Qnx | 1 Rtos | 2008-09-05 | 7.2 HIGH | N/A |
| ptrace in the QNX realtime operating system (RTOS) 4.25 and 6.1.0 allows programs to attach to privileged processes, which could allow local users to execute arbitrary code by modifying running processes. | |||||
| CVE-2002-2210 | 1 Openoffice | 1 Openoffice | 2008-09-05 | 6.2 MEDIUM | N/A |
| The installation of OpenOffice 1.0.1 allows local users to overwrite files and possibly gain privileges via a symlink attack on the USERNAME_autoresponse.conf temporary file. | |||||
| CVE-2002-2215 | 1 Php | 1 Php | 2008-09-05 | 5.0 MEDIUM | N/A |
| The imap_header function in the IMAP functionality for PHP before 4.3.0 allows remote attackers to cause a denial of service via an e-mail message with a large number of "To" addresses, which triggers an error in the rfc822_write_address function. | |||||
| CVE-2002-2065 | 1 Webcalendar | 1 Webcalendar | 2008-09-05 | 5.0 MEDIUM | N/A |
| WebCalendar 0.9.34 and earlier with 'browsing in includes directory' enabled allows remote attackers to read arbitrary include files with .inc extensions from the web root. | |||||
| CVE-2002-2184 | 1 Digi-net Technologies | 1 Digichat | 2008-09-05 | 5.0 MEDIUM | N/A |
| Digi-Net Technologies DigiChat 3.5 allows chat users to obtain the IP addresses of other chat users via a "Showip" parameter in the chat applet. | |||||
| CVE-2002-2084 | 1 Portix-php | 1 Portix-php | 2008-09-05 | 5.0 MEDIUM | N/A |
| Directory traversal vulnerability in index.php of Portix 0.4.02 allows remote attackers to read arbitrary files via a .. (dot dot) in the (1) l and (2) topic parameters. | |||||
| CVE-2002-2096 | 1 Novell | 1 Netware | 2008-09-05 | 7.5 HIGH | N/A |
| Buffer overflow in Novell Remote Manager module, httpstk.nlm, in NetWare 5.1 and NetWare 6 allows remote attackers to execute arbitrary code via a long (1) username or (2) password. | |||||