Total
29527 CVE
| CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
|---|---|---|---|---|---|
| CVE-2002-1904 | 1 Gaztek | 1 Ghttpd | 2008-09-05 | 7.5 HIGH | N/A |
| Buffer overflow in the Log function in util.c in GazTek ghttpd 1.4 through 1.4.3 allows remote attackers to execute arbitrary code via a long HTTP GET request. | |||||
| CVE-2002-1899 | 1 Icewarp | 1 Web Mail | 2008-09-05 | 4.3 MEDIUM | N/A |
| Cross-site scripting (XSS) vulnerability in IceWarp Web Mail 3.3.3 and 3.4.5 allows remote attackers to inject arbitrary web script or HTML via the "Full Name" (addressname) parameter. | |||||
| CVE-2002-1817 | 1 Symantec Veritas | 1 Cluster Server | 2008-09-05 | 7.5 HIGH | N/A |
| Unknown vulnerability in Veritas Cluster Server (VCS) 1.2 for WindowsNT, Cluster Server 1.3.0 for Solaris, and Cluster Server 1.3.1 for HP-UX allows attackers to gain privileges via unknown attack vectors. | |||||
| CVE-2002-1928 | 1 Software602 | 1 602pro Lan Suite | 2008-09-05 | 5.0 MEDIUM | N/A |
| 602Pro LAN SUITE 2002 allows remote attackers to view the directory tree via an HTTP GET request with a trailing "~" (tilde) or ".bak" extension. | |||||
| CVE-2002-1941 | 1 Radiobird Software | 1 Web Server 4 Everyone | 2008-09-05 | 5.0 MEDIUM | N/A |
| Buffer overflow in RadioBird WebServer 4 Everyone 1.28 allows remote attackers to cause a denial of service (crash) via a long HTTP GET request with the Host header set. | |||||
| CVE-2002-1969 | 1 The Magic Notebook | 1 The Magic Notebook | 2008-09-05 | 5.0 MEDIUM | N/A |
| Magic Notebook 1.0b and 1.1b allows remote attackers to cause a denial of service (crash) via an invalid username during login. | |||||
| CVE-2002-1821 | 1 Ultimate Php Board | 1 Ultimate Php Board | 2008-09-05 | 4.6 MEDIUM | N/A |
| Ultimate PHP Board (UPB) 1.0 and 1.0b allows remote authenticated users to gain privileges and perform unauthorized actions via direct requests to (1) admin_members.php, (2) admin_config.php, (3) admin_cat.php, or (4) admin_forum.php. | |||||
| CVE-2002-1866 | 1 Sws | 1 Sws Simple Web Server | 2008-09-05 | 5.0 MEDIUM | N/A |
| Simple Web Server (SWS) 0.0.4 through 0.1.0 does not close file descriptors for 404 error messages, which could allow remote attackers to cause a denial of service (file descriptor exhaustion) via multiple requests for pages that do not exist. | |||||
| CVE-2002-1884 | 1 Py-membres | 1 Py-membres | 2008-09-05 | 7.5 HIGH | N/A |
| index.php in Py-Membres 3.1 allows remote attackers to log in as an administrator by setting the pymembs parameter to "admin". | |||||
| CVE-2002-1785 | 1 Zeus Technologies | 1 Zeus Web Server | 2008-09-05 | 1.9 LOW | N/A |
| Cross-site scripting (XSS) vulnerability in Zeus Administration Server in Zeus Web Server 4.0 through 4.1r2 allows remote authenticated users to inject arbitrary web script or HTML via the section parameter to index.fcgi. | |||||
| CVE-2002-1804 | 1 Npds | 1 Npds | 2008-09-05 | 4.3 MEDIUM | N/A |
| Cross-site scripting (XSS) vulnerability in NPDS 4.8 allows remote attackers to inject arbitrary web script or HTML via Javascript in an IMG tag. | |||||
| CVE-2002-1881 | 1 Macromedia | 1 Flash Player | 2008-09-05 | 5.0 MEDIUM | N/A |
| Macromedia Flash Player 4.0 r12 through 6.0.47.0 allows remote attackers to cause a denial of service (web browser crash) via malformed content in a Flash Shockwave (.SWF) file, as demonstrated by by ROT13 encoding the body of the file but not the headers. | |||||
| CVE-2002-1828 | 1 Savant | 1 Savant Webserver | 2008-09-05 | 5.0 MEDIUM | N/A |
| Savant Webserver 3.1 allows remote attackers to cause a denial of service (crash) via an HTTP GET request with a negative Content-Length value. | |||||
| CVE-2002-1862 | 1 Virtualzone | 1 Smartmail Server | 2008-09-05 | 5.0 MEDIUM | N/A |
| SmartMail Server 2.0 allows remote attackers to cause a denial of service (crash) by sending data and closing the connection before all the data has been sent. | |||||
| CVE-2002-1819 | 1 Tinyhttpd | 1 Tinyhttpd | 2008-09-05 | 6.4 MEDIUM | N/A |
| Directory traversal vulnerability in TinyHTTPD 0.1 .0 allows remote attackers to read or execute arbitrary files via a ".." (dot dot) in the URL. | |||||
| CVE-2002-1880 | 1 Lokwa | 1 Lokwabb | 2008-09-05 | 5.0 MEDIUM | N/A |
| LokwaBB 1.2.2 allows remote attackers to read arbitrary messages by modifying the pmid parameter to pm.php. | |||||
| CVE-2002-1959 | 1 Nagios | 1 Nagios | 2008-09-05 | 10.0 HIGH | N/A |
| Nagios 1.0b1 through 1.0b3 allows remote attackers to execute arbitrary commands via shell metacharacters in plugin output. | |||||
| CVE-2002-1621 | 1 Ibm | 1 Aix | 2008-09-05 | 10.0 HIGH | N/A |
| Buffer overflow in the file_comp function in rcp for IBM AIX 4.3.x and 5.1 allows remote attackers to execute arbitrary code. | |||||
| CVE-2002-1974 | 1 Sharp | 1 Zaurus | 2008-09-05 | 10.0 HIGH | N/A |
| The FTP service in Zaurus PDAs SL-5000D and SL-5500 does not require authentication, which allows remote attackers to access the file system as root. | |||||
| CVE-2002-1856 | 1 Hp | 1 Application Server | 2008-09-05 | 5.0 MEDIUM | N/A |
| HP Application Server 8.0, when running on Windows, allows remote attackers to retrieve files in the WEB-INF directory, which contains Java class files and configuration information, via a request to the WEB-INF directory with a trailing dot ("WEB-INF."). | |||||