Total: 29527 CVE
CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
---|---|---|---|---|---|
CVE-2002-0753 | 1 Talentsoft | 1 Web+ Server | 2008-09-05 | 10.0 HIGH | N/A |
Buffer overflow in Talentsoft Web+ 5.0 allows remote attackers to execute arbitrary code via an HTTP request with a long cookie. | |||||
CVE-2002-0738 | 1 Mhonarc | 1 Mhonarc | 2008-09-05 | 7.5 HIGH | N/A |
MHonArc 2.5.2 and earlier does not properly filter Javascript from archived e-mail messages, which could allow remote attackers to execute script in web clients by (1) splitting the SCRIPT tag into smaller pieces, (2) including the script in a SRC argument to an IMG tag, or (3) using "&={script}" syntax. | |||||
CVE-2002-0498 | 1 Etnus | 1 Totalview | 2008-09-05 | 4.6 MEDIUM | N/A |
Etnus TotalView 5.0.0-4 installs certain files with UID 5039 and GID 59, which could allow local users with that UID or GID to modify the files and gain privileges as other TotalView users. | |||||
CVE-2002-0531 | 1 Emumail | 3 Emumail, Emumail Red Hat Linux, Emumail Unix | 2008-09-05 | 5.0 MEDIUM | N/A |
Directory traversal vulnerability in emumail.cgi in EMU Webmail 4.5.x and 5.1.0 allows remote attackers to read arbitrary files or list arbitrary directories via a .. (dot dot) in the type parameter. | |||||
CVE-2002-0517 | 1 Caldera | 2 Openunix, Unixware | 2008-09-05 | 7.2 HIGH | N/A |
Buffer overflow in X11 library (libX11) on Caldera Open UNIX 8.0.0, UnixWare 7.1.1, and possibly other operating systems, allows local users to gain root privileges via a long -xrm argument to programs such as (1) dtterm or (2) xterm. | |||||
CVE-2002-0673 | 1 Pingtel | 1 Xpressa | 2008-09-05 | 4.6 MEDIUM | N/A |
The enrollment process for Pingtel xpressa SIP-based voice-over-IP phone 1.2.5 through 1.2.7.4 allows attackers with physical access to the phone to log out the current user and re-register the phone using MyPingtel Sign-In to gain remote access and perform unauthorized actions. | |||||
CVE-2002-0801 | 1 Macromedia | 1 Jrun | 2008-09-05 | 10.0 HIGH | N/A |
Buffer overflow in the ISAPI DLL filter for Macromedia JRun 3.1 allows remote attackers to execute arbitrary code via a direct request to the filter with a long HTTP host header field in a URL for a .jsp file. | |||||
CVE-2002-0455 | 1 Incredimail | 1 Incredimail | 2008-09-05 | 5.0 MEDIUM | N/A |
IncrediMail stores attachments in a directory with a fixed name, which could make it easier for attackers to exploit vulnerabilities in other software that rely on installing and reading files from directories with known pathnames. | |||||
CVE-2002-0780 | 1 Novell | 1 Bordermanager | 2008-09-05 | 5.0 MEDIUM | N/A |
IP/IPX gateway for Novell BorderManager 3.6 SP 1a allows remote attackers to cause a denial of service via a connection to port 8225 with a large amount of random data, which causes ipipxgw.nlm to ABEND. | |||||
CVE-2002-0752 | 1 Cgiscript.net | 1 Csmailto | 2008-09-05 | 5.0 MEDIUM | N/A |
CGIscript.net csMailto.cgi program exports feedback to a file that is accessible from the web document root, which could allow remote attackers to obtain sensitive information by directly accessing the file. | |||||
CVE-2002-0497 | 1 Mtr | 1 Mtr | 2008-09-05 | 2.1 LOW | N/A |
Buffer overflow in mtr 0.46 and earlier, when installed setuid root, allows local users to access a raw socket via a long MTR_OPTIONS environment variable. | |||||
CVE-2002-0437 | 1 Stefan Frings | 1 Sms Server Tools | 2008-09-05 | 10.0 HIGH | N/A |
Smsd in SMS Server Tools (SMStools) before 1.4.8 allows remote attackers to execute arbitrary commands via shell metacharacters (backquotes) in message text, as described with the term "string format vulnerability" by some sources. | |||||
CVE-2002-0745 | 1 Ibm | 1 Aix | 2008-09-05 | 10.0 HIGH | N/A |
Buffer overflow in uucp in AIX 4.3.3. | |||||
CVE-2002-0501 | 1 Posadis | 1 Posadis | 2008-09-05 | 7.2 HIGH | N/A |
Format string vulnerability in log_print() function of Posadis DNS server before version m5pre2 allows local users and possibly remote attackers to execute arbitrary code via format strings that are inserted into logging messages. | |||||
CVE-2002-0453 | 1 Oblix | 1 Netpoint | 2008-09-05 | 7.5 HIGH | N/A |
The account lockout capability in Oblix NetPoint 5.2 and earlier only locks out users once for the specified lockout period, which makes it easier for remote attackers to conduct brute force password guessing by waiting until the lockout period ends, then guessing passwords without being locked out again. | |||||
CVE-2002-0594 | 3 Galeon, Mozilla, Netscape | 3 Galeon Browser, Mozilla, Navigator | 2008-09-05 | 5.0 MEDIUM | N/A |
Netscape 6 and Mozilla 1.0 RC1 and earlier allows remote attackers to determine the existence of files on the client system via a LINK element in a Cascading Style Sheet (CSS) page that causes an HTTP redirect. | |||||
CVE-2002-0522 | 1 Asp-nuke | 1 Asp-nuke | 2008-09-05 | 7.5 HIGH | N/A |
ASP-Nuke RC2 and earlier allows remote attackers to bypass authentication and gain privileges by modifying the "pseudo" cookie. | |||||
CVE-2002-0506 | 1 Redhat | 1 Linux | 2008-09-05 | 7.2 HIGH | N/A |
Buffer overflow in newt.c of newt windowing library (libnewt) 0.50.33 and earlier may allow attackers to cause a denial of service or execute arbitrary code in setuid programs that use libnewt. | |||||
CVE-2002-0672 | 1 Pingtel | 1 Xpressa | 2008-09-05 | 4.6 MEDIUM | N/A |
Pingtel xpressa SIP-based voice-over-IP phone 1.2.5 through 1.2.7.4 allows attackers with physical access to restore the phone to factory defaults without authentication via a menu option, which sets the administrator password to null. | |||||
CVE-2002-0516 | 1 Squirrelmail | 1 Squirrelmail | 2008-09-05 | 10.0 HIGH | N/A |
SquirrelMail 1.2.5 and earlier allows authenticated SquirrelMail users to execute arbitrary commands by modifying the THEME variable in a cookie. |