Total
29527 CVE
| CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
|---|---|---|---|---|---|
| CVE-2001-1349 | 1 Sendmail | 1 Sendmail | 2008-09-05 | 3.7 LOW | N/A |
| Sendmail before 8.11.4, and 8.12.0 before 8.12.0.Beta10, allows local users to cause a denial of service and possibly corrupt the heap and gain privileges via race conditions in signal handlers. | |||||
| CVE-2001-1532 | 1 Web Crossing | 1 Webx | 2008-09-05 | 5.0 MEDIUM | N/A |
| WebX stores authentication information in the HTTP_REFERER variable, which is included in URL links within bulletin board messages posted by users, which could allow remote attackers to hijack user sessions. | |||||
| CVE-2001-1514 | 1 Macromedia | 1 Coldfusion | 2008-09-05 | 10.0 HIGH | N/A |
| ColdFusion 4.5 and 5, when running on Windows with the advanced security sandbox type set to "operating system," does not properly pass security context to (1) child processes created with <CFEXECUTE> and (2) child processes that call the CreateProcess function and are executed with <CFOBJECT> or end with the CFX extension, which allows attackers to execute programs with the permissions of the System account. | |||||
| CVE-2001-1226 | 1 Adcycle | 1 Adcycle | 2008-09-05 | 5.0 MEDIUM | N/A |
| AdCycle 1.17 and earlier allow remote attackers to modify SQL queries, which are not properly sanitized before being passed to the MySQL database. | |||||
| CVE-2001-1327 | 1 Berkeley Softworks | 1 Pmake | 2008-09-05 | 4.6 MEDIUM | N/A |
| pmake before 2.1.35 in Turbolinux 6.05 and earlier is installed with setuid root privileges, which could allow local users to gain privileges by exploiting vulnerabilities in pmake or programs that are used by pmake. | |||||
| CVE-2001-1416 | 1 Aol | 1 Instant Messenger | 2008-09-05 | 5.1 MEDIUM | N/A |
| Multiple cross-site scripting (XSS) vulnerabilities in the log messages in certain Alpha versions of AOL Instant Messenger (AIM) 4.4 allow remote attackers to execute arbitrary web script or HTML via an image in the (1) DATA, (2) STYLE, or (3) BINARY tags. | |||||
| CVE-2002-0017 | 1 Sgi | 1 Irix | 2008-09-05 | 7.5 HIGH | N/A |
| Buffer overflow in SNMP daemon (snmpd) on SGI IRIX 6.5 through 6.5.15m allows remote attackers to execute arbitrary code via an SNMP request. | |||||
| CVE-2001-1549 | 1 Tiny Software | 1 Tiny Personal Firewall | 2008-09-05 | 2.1 LOW | N/A |
| Tiny Personal Firewall 1.0 and 2.0 allows local users to bypass filtering via non-standard TCP packets created with non-Windows protocol adapters. | |||||
| CVE-2001-1529 | 1 Ibm | 1 Aix | 2008-09-05 | 7.5 HIGH | N/A |
| Buffer overflow in rpc.yppasswdd (yppasswd server) in AIX allows attackers to gain unauthorized access via a long string. NOTE: due to lack of details in the vendor advisory, it is not clear if this is the same issue as CVE-2001-0779. | |||||
| CVE-2001-1304 | 1 Nullsoft | 1 Shoutcast Server | 2008-09-05 | 5.0 MEDIUM | N/A |
| Buffer overflow in SHOUTcast Server 1.8.2 allows remote attackers to cause a denial of service (crash) via several HTTP requests with a long (1) user-agent or (2) host HTTP header. | |||||
| CVE-2001-1292 | 1 Sambar | 1 Sambar Server | 2008-09-05 | 7.5 HIGH | N/A |
| Sambar Telnet Proxy/Server allows remote attackers to cause a denial of service and possibly execute arbitrary code via a long password. | |||||
| CVE-2001-1261 | 1 Avaya | 1 Argent Office | 2008-09-05 | 5.0 MEDIUM | N/A |
| Avaya Argent Office 2.1 may allow remote attackers to change hold music by spoofing a legitimate server's response to a TFTP broadcast and providing an alternate HoldMusic file. | |||||
| CVE-2001-1531 | 1 Apple | 1 Claris Emailer | 2008-09-05 | 7.5 HIGH | N/A |
| Buffer overflow in Claris Emailer 2.0v2 allows remote attackers to cause a denial of service and possibly execute arbitrary code via an email attachment with a long filename. | |||||
| CVE-2001-1568 | 1 Cmg | 1 Wap Gateway | 2008-09-05 | 6.4 MEDIUM | N/A |
| CMG WAP gateway does not verify the fully qualified domain name URL with X.509 certificates from root certificate authorities, which allows remote attackers to spoof SSL certificates via a man-in-the-middle attack. | |||||
| CVE-2001-1360 | 1 Mostang | 1 Sane | 2008-09-05 | 7.2 HIGH | N/A |
| Vulnerability in Scanner Access Now Easy (SANE) before 1.0.5, related to pnm and saned. | |||||
| CVE-2001-1273 | 1 Linux | 1 Linux Kernel | 2008-09-05 | 2.1 LOW | N/A |
| The "mxcsr P4" vulnerability in the Linux kernel before 2.2.17-14, when running on certain Intel CPUs, allows local users to cause a denial of service (system halt). | |||||
| CVE-2001-1299 | 1 Zorbat | 1 Zorbstats | 2008-09-05 | 5.0 MEDIUM | N/A |
| Zorbat Zorbstats PHP script before 0.9 allows remote attackers to include arbitrary files from remote web sites via an HTTP request that sets the includedir variable. | |||||
| CVE-2001-1321 | 1 Oracle | 1 Internet Directory | 2008-09-05 | 7.5 HIGH | N/A |
| Oracle Internet Directory Server 2.1.1.x and 3.0.1 allows remote attackers to cause a denial of service (crash) and possibly execute arbitrary code via invalid encodings of BER OBJECT-IDENTIFIER values, as demonstrated by the PROTOS LDAPv3 test suite. | |||||
| CVE-2001-1523 | 1 Dmozgateway | 1 Dmozgateway | 2008-09-05 | 4.3 MEDIUM | N/A |
| Cross-site scripting (XSS) vulnerability in the DMOZGateway module for PHP-Nuke allows remote attackers to inject arbitrary web script or HTML via the topic parameter. | |||||
| CVE-2001-1554 | 1 Ibm | 1 Aix | 2008-09-05 | 5.0 MEDIUM | N/A |
| IBM AIX 430 does not properly unlock IPPMTU_LOCK, which allows remote attackers to cause a denial of service (hang) via Path Maximum Transmit Unit (PMTU) IP packets. | |||||