Total
29527 CVE
| CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
|---|---|---|---|---|---|
| CVE-2002-1779 | 1 Symantec | 1 Norton Personal Firewall | 2008-09-05 | 7.5 HIGH | N/A |
| The "block fragmented IP Packets" option in Symantec Norton Personal Firewall 2002 (NPW) does not properly protect against certain attacks on Windows vulnerabilities such as jolt2 (CVE-2000-0305). | |||||
| CVE-2002-1913 | 1 Myphpnuke | 1 Myphpnuke | 2008-09-05 | 5.0 MEDIUM | N/A |
| phptonuke.php in myPHPNuke 1.8.8 allows remote attackers to read arbitrary files via a full pathname in the filnavn variable. | |||||
| CVE-2002-1865 | 2 D-link, Linksys | 4 Di-804, Dl-704, Befw11s4 and 1 more | 2008-09-05 | 5.0 MEDIUM | N/A |
| Buffer overflow in the Embedded HTTP server, as used in (1) D-Link DI-804 4.68, Dl-704 V2.56b6, and Dl-704 V2.56b5 and (2) Linksys Etherfast BEFW11S4 Wireless AP + Cable/DSL Router 1.37.2 through 1.42.7 and Linksys WAP11 1.3 and 1.4, allows remote attackers to cause a denial of service (crash) via a long header, as demonstrated using the Host header. | |||||
| CVE-2002-1938 | 1 Virgil | 1 Cgi Scanner | 2008-09-05 | 7.5 HIGH | N/A |
| Virgil CGI Scanner 0.9 allows remote attackers to execute arbitrary commands via the (1) tar (TARGET) or (2) zielport (ZIELPORT) parameters. | |||||
| CVE-2002-1838 | 1 Steve Sachs | 1 Charities.cron | 2008-09-05 | 5.0 MEDIUM | N/A |
| Charities.cron 1.0.2 through 1.6.0 allows local users to write to arbitrary files via a symlink attack on temporary files. | |||||
| CVE-2002-1964 | 1 Wesmo | 1 Phpeventcalendar | 2008-09-05 | 7.5 HIGH | N/A |
| Unknown vulnerability in WesMo phpEventCalendar 1.1 allows remote attackers to execute arbitrary commands via unknown attack vectors. | |||||
| CVE-2002-1917 | 1 Geeklog | 1 Geeklog | 2008-09-05 | 5.0 MEDIUM | N/A |
| CRLF injection vulnerability in the "User Profile: Send Email" feature in Geeklog 1.35 and 1.3.5sr1 allows remote attackers to obtain e-mail addresses by injecting a CRLF into the Subject field and adding a BCC mail header. | |||||
| CVE-2002-1952 | 1 Phprank | 1 Phprank | 2008-09-05 | 7.5 HIGH | N/A |
| phpRank 1.8 does not properly check the return codes for MySQL operations when authenticating users, which could allow remote attackers to authenticate using a NULL password when database errors occur or if the database is unavailable. | |||||
| CVE-2002-1818 | 1 Ez Systems | 1 Httpbench | 2008-09-05 | 5.0 MEDIUM | N/A |
| ezhttpbench.php in eZ httpbench 1.1 allows remote attackers to read arbitrary files via a full pathname in the AnalyseSite parameter. | |||||
| CVE-2002-1948 | 1 Gringotts | 1 Gringotts | 2008-09-05 | 7.2 HIGH | N/A |
| Multiple buffer overflows in Gringotts 0.5.9 allows local users to execute arbitrary commands via unknown attack vectors. | |||||
| CVE-2002-1690 | 1 Ibm | 1 Aix | 2008-09-05 | 10.0 HIGH | N/A |
| Unknown vulnerability in AIX before 4.0 with unknown attack vectors and unknown impact, aka "security issue," as fixed by APAR IY28225. | |||||
| CVE-2002-1920 | 1 Datawizard | 1 Ftpxq | 2008-09-05 | 5.0 MEDIUM | N/A |
| Buffer overflow in FtpXQ 2.5 allows remote attackers to cause a denial of service (crash) via a MKD command with a long directory name. | |||||
| CVE-2002-1791 | 1 Sgi | 1 Irix | 2008-09-05 | 2.1 LOW | N/A |
| SGI IRIX 6.5 through 6.5.17 creates temporary desktop files with world-writable permissions, which allows local users to overwrite or corrupt those files. | |||||
| CVE-2002-1933 | 1 Microsoft | 1 Windows 2000 Terminal Services | 2008-09-05 | 7.2 HIGH | N/A |
| The terminal services screensaver for Microsoft Windows 2000 does not automatically lock the terminal window if the window is minimized, which could allow local users to gain access to the terminal server window. | |||||
| CVE-2002-1788 | 1 Kim Storm | 1 Nn | 2008-09-05 | 7.5 HIGH | N/A |
| Format string vulnerability in the nn_exitmsg function in nn 6.6.0 through 6.6.3 allows remote NNTP servers to execute arbitrary code via format strings in server responses. | |||||
| CVE-2002-1811 | 1 Belkin | 1 F5d6130 Wnap | 2008-09-05 | 5.0 MEDIUM | N/A |
| Belkin F5D6130 Wireless Network Access Point running firmware AP14G8 allows remote attackers to cause a denial of service (connection loss) by sending several SNMP GetNextRequest requests. | |||||
| CVE-2002-1930 | 1 An | 1 An-httpd | 2008-09-05 | 7.5 HIGH | N/A |
| Buffer overflow in AN HTTPd 1.38 through 1.4.1c allows remote attackers to execute arbitrary code via a SOCKS4 request with a long username. | |||||
| CVE-2002-1916 | 1 Pirch | 2 Pirch Irc, Ruspirch | 2008-09-05 | 5.0 MEDIUM | N/A |
| Pirch and RusPirch, when auto-log is enabled, allows remote attackers to cause a denial of service (crash) via a nickname containing an MS-DOS device name such as AUX, which is inserted into a filename for saving queries. | |||||
| CVE-2002-1795 | 1 Microsoft | 1 Tsac Activex Control | 2008-09-05 | 4.3 MEDIUM | N/A |
| Cross-site scripting (XSS) vulnerability in connect.asp in Microsoft Terminal Services Advanced Client (TSAC) ActiveX control allows remote attackers to inject arbitrary web script or HTML via unknown vectors. | |||||
| CVE-2002-1797 | 1 Hp | 1 Chaivm | 2008-09-05 | 4.6 MEDIUM | N/A |
| ChaiVM for HP color LaserJet 4500 and 4550 or HP LaserJet 4100 and 8150 does not properly enforce access control restrictions, which could allow local users to add, delete, or modify any services hosted by the ChaiServer. | |||||