Total
304758 CVE
| CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
|---|---|---|---|---|---|
| CVE-2003-1300 | 1 Pablo Software Solutions | 1 Baby Ftp Server | 2008-09-05 | 5.0 MEDIUM | N/A |
| Baby FTP Server (BabyFTP) 1.2, and possibly other versions before May 31, 2003, allows remote attackers to cause a denial of service via a large number of connections from the same IP address, which triggers an access violation. | |||||
| CVE-2003-1244 | 1 Phpbb Group | 1 Phpbb | 2008-09-05 | 7.5 HIGH | N/A |
| SQL injection vulnerability in page_header.php in phpBB 2.0, 2.0.1 and 2.0.2 allows remote attackers to brute force user passwords and possibly gain unauthorized access to forums via the forum_id parameter to index.php. | |||||
| CVE-2003-1168 | 1 Http Commander | 1 Http Commander | 2008-09-05 | 5.0 MEDIUM | N/A |
| HTTP Commander 4.0 allows remote attackers to obtain sensitive information via an HTTP request that contains a . (dot) in the file parameter, which reveals the installation path in an error message. | |||||
| CVE-2003-1313 | 1 Eternalmart | 1 Mailing List Manager | 2008-09-05 | 7.5 HIGH | N/A |
| Multiple PHP remote file inclusion vulnerabilities in EternalMart Mailing List Manager (EMLM) 1.32 allow remote attackers to execute arbitrary PHP code via a URL in (1) the emml_admin_path parameter to admin/auth.php or (2) the emml_path parameter to emml_email_func.php. | |||||
| CVE-2003-1295 | 2 Redhat, Suse | 2 Enterprise Linux, Suse Linux | 2008-09-05 | 2.1 LOW | N/A |
| Unspecified vulnerability in xscreensaver 4.12, and possibly other versions, allows attackers to cause xscreensaver to crash via unspecified vectors "while verifying the user-password." | |||||
| CVE-2003-1270 | 1 An | 1 An-http | 2008-09-05 | 5.0 MEDIUM | N/A |
| AN HTTP 1.41e allows remote attackers to cause a denial of service (borken pipe) via an HTTP request to aux.cgi with a long argument, possibly triggering a buffer overflow or MS-DOS device vulnerability. | |||||
| CVE-2003-1170 | 1 Gernot Stocker | 1 Kpopup | 2008-09-05 | 7.2 HIGH | N/A |
| Format string vulnerability in main.cpp in kpopup 0.9.1 and 0.9.5pre2 allows local users to cause a denial of service (segmentation fault) and possibly execute arbitrary code via format string specifiers in command line arguments. | |||||
| CVE-2003-1256 | 1 E-theni | 1 E-theni | 2008-09-05 | 6.8 MEDIUM | N/A |
| aff_liste_langue.php in E-theni allows remote attackers to execute arbitrary PHP code by modifying the rep_include parameter to reference a URL on a remote web server that contains para_langue.php. | |||||
| CVE-2003-1281 | 1 Eekim | 1 Cgihtml | 2008-09-05 | 2.1 LOW | N/A |
| cgihtml 1.69 allows local users to overwrite arbitrary files via a symlink attack on certain temporary files. | |||||
| CVE-2003-1308 | 1 Fvwm | 1 Fvwm | 2008-09-05 | 4.6 MEDIUM | N/A |
| CRLF injection vulnerability in fvwm-menu-directory for fvwm 2.5.x before 2.5.10 and 2.4.x before 2.4.18 allows local users to execute arbitrary commands via carriage returns in a filename. | |||||
| CVE-2003-1363 | 1 Aprelium Technologies | 1 Abyss Web Server | 2008-09-05 | 6.4 MEDIUM | N/A |
| The remote web management interface of Aprelium Technologies Abyss Web Server 1.1.2 and earlier does not log connection attempts to the web management port (9999), which allows remote attackers to mount brute force attacks on the administration console without detection. | |||||
| CVE-2003-1276 | 1 Nettelephone | 1 Nettelephone | 2008-09-05 | 4.6 MEDIUM | N/A |
| Netfone.exe of NetTelephone 3.5.6 uses weak encryption for user PIN's and stores user account numbers in plaintext in the HKEY_CURRENT_USER\Software\MediaRing.com\SDK\NetTelephone\settings registry key, which could allow local users to gain unauthorized access to NetTelephone accounts. | |||||
| CVE-2003-1252 | 1 Kelli Shaver | 1 S8forum | 2008-09-05 | 7.5 HIGH | N/A |
| register.php in S8Forum 3.0 allows remote attackers to execute arbitrary PHP commands by creating a user whose name ends in a .php extension and entering the desired commands into the E-mail field, which creates a web-accessible .php file that can be called by the attacker, as demonstrated using a "system($cmd)" E-mail address with a "any_name.php" username. | |||||
| CVE-2003-0761 | 1 Digium | 1 Asterisk | 2008-09-05 | 7.5 HIGH | N/A |
| Buffer overflow in the get_msg_text of chan_sip.c in the Session Initiation Protocol (SIP) protocol implementation for Asterisk releases before August 15, 2003, allows remote attackers to execute arbitrary code via certain (1) MESSAGE or (2) INFO requests. | |||||
| CVE-2003-0724 | 1 Compaq | 1 Tru64 | 2008-09-05 | 7.5 HIGH | N/A |
| ssh on HP Tru64 UNIX 5.1B and 5.1A does not properly handle RSA signatures when digital certificates and RSA keys are used, which could allow local and remote attackers to gain privileges. | |||||
| CVE-2003-0939 | 1 Sap | 1 Sap Db | 2008-09-05 | 7.5 HIGH | N/A |
| eo420_GetStringFromVarPart in veo420.c for SAP database server (SAP DB) 7.4.03.27 and earlier may allow remote attackers to execute arbitrary code via a connect packet with a 256 byte segment to the niserver (aka serv.exe) process on TCP port 7269, which prevents the server from NULL terminating the string and leads to a buffer overflow. | |||||
| CVE-2003-0857 | 1 Redhat | 1 Enterprise Linux | 2008-09-05 | 4.6 MEDIUM | N/A |
| The (1) ipq_read and (2) ipulog_read functions in iptables allow local users to cause a denial of service by sending spoofed messages as other users to the kernel netlink interface. | |||||
| CVE-2003-0885 | 1 Xscreensaver | 1 Xscreensaver | 2008-09-05 | 6.4 MEDIUM | N/A |
| Xscreensaver 4.14 contains certain debugging code that should have been omitted, which causes Xscreensaver to create temporary files insecurely in the (1) apple2, (2) xanalogtv, and (3) pong screensavers, and allows local users to overwrite arbitrary files via a symlink attack. | |||||
| CVE-2003-0749 | 1 Sap | 1 Internet Transaction Server | 2008-09-05 | 6.8 MEDIUM | N/A |
| Cross-site scripting (XSS) vulnerability in wgate.dll for SAP Internet Transaction Server (ITS) 4620.2.0.323011 allows remote attackers to insert arbitrary web script and steal cookies via the ~service parameter. | |||||
| CVE-2003-0948 | 1 Wireless Tools | 1 Wireless Tools | 2008-09-05 | 7.2 HIGH | N/A |
| Buffer overflow in iwconfig allows local users to execute arbitrary code via a long HOME environment variable. | |||||