Total
304758 CVE
| CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
|---|---|---|---|---|---|
| CVE-2002-2018 | 1 Sas | 2 Base, Integration Technologies | 2008-09-05 | 7.2 HIGH | N/A |
| sastcpd in SAS/Base 8.0 might allow local users to gain privileges by setting the netencralg environment variable, which causes a segmentation fault. | |||||
| CVE-2002-2063 | 1 Atguard | 1 Atguard Personal Firewall | 2008-09-05 | 7.5 HIGH | N/A |
| AtGuard 3.2 allows remote attackers to bypass firwall filters and execute prohibited programs by changing the filenames to permitted filenames. | |||||
| CVE-2002-2090 | 1 Caucho Technology | 1 Resin | 2008-09-05 | 5.0 MEDIUM | N/A |
| Caucho Technology Resin server 2.1.1 to 2.1.2 allows remote attackers to obtain server's root path via requests for MS-DOS device names such as lpt9.xtp. | |||||
| CVE-2002-2078 | 1 Floosietek | 2 Ftgateoffice, Ftgatepro | 2008-09-05 | 7.5 HIGH | N/A |
| Heap-based buffer overflow in Floositek (1) FTGate Pro 1.05 and (2) FTGate Office 1.05 allows remote attackers to cause a denial of service and possibly execute arbitrary code via a long POP3 APOP USER command. | |||||
| CVE-2002-1982 | 1 Icecast | 1 Icecast | 2008-09-05 | 5.0 MEDIUM | N/A |
| Directory traversal vulnerability in the list_directory function in Icecast 1.3.12 allows remote attackers to determine if a directory exists via a .. (dot dot) in the GET request, which returns different error messages depending on whether the directory exists or not. | |||||
| CVE-2002-2346 | 1 Phpbb | 1 Phpbb | 2008-09-05 | 5.0 MEDIUM | N/A |
| phpBB 2.0 through 2.0.3 generates names for uploaded avatar files with the hex-encoded IP address of the client system, which allows remote attackers to obtain client IP addresses. | |||||
| CVE-2002-2188 | 1 Openbsd | 1 Openbsd | 2008-09-05 | 4.9 MEDIUM | N/A |
| OpenBSD before 3.2 allows local users to cause a denial of service (kernel crash) via a call to getrlimit(2) with invalid arguments, possibly due to an integer signedness error. | |||||
| CVE-2002-2144 | 1 Free Peers | 1 Bearshare | 2008-09-05 | 5.0 MEDIUM | N/A |
| Directory traversal vulnerability in BearShare 4.0.5 and 4.0.6 allows remote attackers to read files outside of the web root by hex-encoding the "/" (forward slash) or "." (dot) characters. | |||||
| CVE-2002-2110 | 1 Rca | 1 Digital Cable Modem | 2008-09-05 | 5.0 MEDIUM | N/A |
| The RCA Digital Cable Modems DCM225 and DCM225E allow remote attackers to cause a denial of service (modem device reset) by connecting to port 80 on the 10.0.0.0/8 device. | |||||
| CVE-2002-2178 | 1 Phpwebsite | 1 Phpwebsite | 2008-09-05 | 4.3 MEDIUM | N/A |
| Cross-site scripting (XSS) vulnerability in article.php module for phpWebSite 0.8.3 allows remote attackers to execute arbitrary Javascript script via the sid parameter, as demonstrated using an IMG tag. | |||||
| CVE-2002-2198 | 1 Zmailer | 1 Zmailer | 2008-09-05 | 10.0 HIGH | N/A |
| Buffer overflow in ZMailer before 2.99.51_1 allows remote attackers to execute arbitrary code during HELO processing from an IPv6 address, possibly using an address that resolves to a long hostname. | |||||
| CVE-2002-2161 | 1 Kerio | 1 Personal Firewall | 2008-09-05 | 5.0 MEDIUM | N/A |
| Kerio Personal Firewall (KPF) 2.1.4 and earlier allows remote attackers to cause a denial of service (hang and CPU consumption) via a SYN packet flood. | |||||
| CVE-2002-2085 | 1 Wwwebbb | 1 Wwwebbb Forum | 2008-09-05 | 5.0 MEDIUM | N/A |
| Directory traversal vulnerability in page.cgi of WWWeBBB Forum 3.82 beta and earlier allows remote attackers to read arbitrary files via a .. (dot dot) in an HTTP request. | |||||
| CVE-2002-2318 | 1 Blueface | 1 Falcon Web Server | 2008-09-05 | 4.3 MEDIUM | N/A |
| Cross-site scripting (XSS) vulnerability in Falcon web server 2.0.0.1009 through 2.0.0.1021 allows remote attackers to inject arbitrary web script or HTML via the URI, which is inserted into 301 error messages and executed by 404 error messages. | |||||
| CVE-2002-2047 | 1 Sketch | 1 Sketch | 2008-09-05 | 10.0 HIGH | N/A |
| The file preview functionality in Sketch 0.6.12 and earlier allows remote attackers to execute arbitrary commands via shell metacharacters in the filename of an encapsulated Postscript (EPS) file. | |||||
| CVE-2002-2022 | 1 Kaffe | 1 Kaffe Openvm | 2008-09-05 | 7.2 HIGH | N/A |
| Format string vulnerability in Kaffe OpenVM 1.0.6 and earlier allows local users to execute arbitrary code, when a java.lang.NoClassDefFoundError is thrown, via format specifiers in the forName attribute. | |||||
| CVE-2002-2228 | 1 Mailscanner | 1 Mailscanner | 2008-09-05 | 6.4 MEDIUM | N/A |
| MailScanner before 4.0 5-1 and before 3.2 6-1 allows remote attackers to bypass protection via attachments with a filename with (1) extra leading spaces, (2) extra trailing spaces, or (3) alternate character encodings that cannot be processed by MailScanner. | |||||
| CVE-2002-2308 | 1 Netscape | 1 Communicator | 2008-09-05 | 5.0 MEDIUM | N/A |
| Netscape Communicator 6.2.1 allows remote attackers to cause a denial of service in client browsers via a webpage containing a recursive META refresh tag where the content tag is blank and the URL tag references itself. | |||||
| CVE-2002-1994 | 1 Gamecheats | 1 Advanced Web Server Professional | 2008-09-05 | 5.0 MEDIUM | N/A |
| advserver.exe in Advanced Web Server (AdvServer) Professional 1.030000 allows remote attackers to cause a denial of service via multiple HTTP requests containing a single carriage return/line feed (CRLF) sequence. | |||||
| CVE-2002-2213 | 2 Infoblox, Isc | 2 Dns One, Bind | 2008-09-05 | 5.0 MEDIUM | N/A |
| The DNS resolver in unspecified versions of Infoblox DNS One, when resolving recursive DNS queries for arbitrary hosts, allows remote attackers to conduct DNS cache poisoning via a birthday attack that uses a large number of open queries for the same resource record (RR) combined with spoofed responses, which increases the possibility of successfully spoofing a response in a way that is more efficient than brute force methods. | |||||