Total
29527 CVE
| CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
|---|---|---|---|---|---|
| CVE-2002-1987 | 1 Caucho Technology | 1 Resin | 2008-09-05 | 5.0 MEDIUM | N/A |
| Directory traversal vulnerability in view_source.jsp in Resin 2.1.2 allows remote attackers to read arbitrary files via a "\.." (backslash dot dot). | |||||
| CVE-2002-2165 | 1 Imho | 1 Imho Webmail | 2008-09-05 | 2.1 LOW | N/A |
| The IMHO Webmail module 0.97.3 and earlier for Roxen leaks the REFERER from the browser's previous login session in an error page, which allows local users to read another user's inbox. | |||||
| CVE-2002-2207 | 1 Eric Rescorla | 1 Ssldump | 2008-09-05 | 10.0 HIGH | N/A |
| Buffer overflow in ssldump 0.9b2 and earlier, when running in decryption mode, allows remote attackers to execute arbitrary code via a long RSA PreMasterSecret. | |||||
| CVE-2002-2183 | 1 Phpshare | 1 Phpshare | 2008-09-05 | 7.5 HIGH | N/A |
| phpShare.php in phpShare before 0.6 beta 3 allows remote attackers to include and execute arbitrary PHP scripts from remote servers. | |||||
| CVE-2002-2050 | 1 Modlogan | 1 Modlogan | 2008-09-05 | 2.1 LOW | N/A |
| Directory traversal vulnerability in processor_web plugin for ModLogAn 0.5.0 through 0.7.11, when used with the splitby option, allows local users to overwrite arbitrary files via a .. (dot dot) in the hostname of a log entry. | |||||
| CVE-2002-2033 | 1 Faqmanager | 1 Faqmanager.cgi | 2008-09-05 | 5.0 MEDIUM | N/A |
| faqmanager.cgi in FAQManager 2.2.5 and earlier allows remote attackers to read arbitrary files by specifying the filename in the toc parameter with a trailing null character (%00). | |||||
| CVE-2002-2180 | 1 Openbsd | 1 Openbsd | 2008-09-05 | 6.8 MEDIUM | N/A |
| The setitimer(2) system call in OpenBSD 2.0 through 3.1 does not properly check certain arguments, which allows local users to write to kernel memory and possibly gain root privileges, possibly via an integer signedness error. | |||||
| CVE-2002-2189 | 2 Activxperts Software, Microsoft | 2 Activwebserver, Windows 2003 Server | 2008-09-05 | 5.1 MEDIUM | N/A |
| Cross-site scripting (XSS) vulnerability in ActiveXperts Software ActiveWebserver allows remote attackers to execute arbitrary web script via a link. | |||||
| CVE-2002-2010 | 1 Htdig | 1 Htdig | 2008-09-05 | 4.3 MEDIUM | N/A |
| Cross-site scripting (XSS) vulnerability in htsearch.cgi in htdig (ht://Dig) 3.1.5, 3.1.6, and 3.2 allows remote attackers to inject arbitrary web script or HTML via the words parameter. | |||||
| CVE-2002-2167 | 1 Thorsten Korner | 1 123tkshop | 2008-09-05 | 5.0 MEDIUM | N/A |
| Directory traversal vulnerability in function_foot_1.inc.php for Thorsten Korner 123tkShop before 0.3.1 allows remote attackers to read arbitrary files via .. (dot dot) sequences terminated by a null character in the $designNo variable, which is part of an "include" function call. | |||||
| CVE-2002-2225 | 1 Safenet | 1 Softremote Vpn Client | 2008-09-05 | 5.1 MEDIUM | N/A |
| SafeNet VPN client allows remote attackers to cause a denial of service and possibly execute arbitrary code via crafted Internet Key Exchange (IKE) response packets, possibly involving buffer overflows using (1) a large Security Parameter Index (SPI) field, (2) a large number of payloads, or (3) a long payload. | |||||
| CVE-2002-1981 | 1 Microsoft | 1 Sql Server | 2008-09-05 | 5.0 MEDIUM | N/A |
| Microsoft SQL Server 2000 through SQL Server 2000 SP2 allows the "public" role to execute the (1) sp_MSSetServerProperties or (2) sp_MSsetalertinfo stored procedures, which allows attackers to modify configuration including SQL server startup and alert settings. | |||||
| CVE-2002-2095 | 1 Joe Testa | 1 Hellbent | 2008-09-05 | 5.0 MEDIUM | N/A |
| Joe Testa hellbent 01 webserver allows attackers to read files that are specified in the hellbent.prefs file by creating a file with a similar name in the web root, as demonstrated using (1) index.webroot and (2) index.ipallow. | |||||
| CVE-2002-2021 | 1 Woltlab | 1 Burning Board | 2008-09-05 | 4.3 MEDIUM | N/A |
| Cross-site scripting (XSS) vulnerability in WoltLab Burning Board (wbboard) 1.1.1 allows remote attackers to inject arbitrary web script or HTML via the message parameter. | |||||
| CVE-2002-2120 | 1 Qnx | 1 Rtos | 2008-09-05 | 4.6 MEDIUM | N/A |
| Multiple buffer overflows in QNX RTOS 4.25 may allow attackers to execute arbitrary code via long filename arguments to (1) Watcom or (2) int10. | |||||
| CVE-2002-1998 | 1 Sco | 2 Open Unix, Unixware | 2008-09-05 | 7.5 HIGH | N/A |
| Buffer overflow in rpc.cmsd in SCO UnixWare 7.1.1 and Open UNIX 8.0.0 allows remote attackers to execute arbitrary commands via a long parameter to rtable_create (procedure 21). | |||||
| CVE-2002-2307 | 1 Pyramid | 1 Benhur Software Update | 2008-09-05 | 5.0 MEDIUM | N/A |
| The default configuration of BenHur Firewall release 3 update 066 fix 2 allows remote attackers to access arbitrary services by connecting from source port 20. | |||||
| CVE-2002-2148 | 1 Lucent | 3 Ascend Max Router, Ascend Pipeline Router, Dslterminator | 2008-09-05 | 5.0 MEDIUM | N/A |
| Lucent Ascend MAX Router 5.0 and earlier, Lucent Ascend Pipeline Router 6.0.2 and earlier and Lucent DSLTerminator allows remote attackers to obtain sensitive information such as hostname, MAC, and IP address of the Ethernet interface via a discard (UDP port 9) packet, which causes the device to leak the information in the response. | |||||
| CVE-2002-1985 | 1 Incognito Software Inc | 1 Ismtp Gateway | 2008-09-05 | 5.0 MEDIUM | N/A |
| iSMTP 5.0.1 allows remote attackers to cause a denial of service via a long "MAIL FROM" command, possibly triggering a buffer overflow. | |||||
| CVE-2002-1803 | 1 Francisco Burzi | 1 Php-nuke | 2008-09-05 | 4.3 MEDIUM | N/A |
| Cross-site scripting (XSS) vulnerability in PHP-Nuke 6.0 allows remote attackers to inject arbitrary web script or HTML via Javascript in an IMG tag. | |||||