Total
304758 CVE
| CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
|---|---|---|---|---|---|
| CVE-2002-0899 | 1 Blueface | 1 Falcon Web Server | 2008-09-05 | 7.5 HIGH | N/A |
| Falcon web server 2.0.0.1021 and earlier allows remote attackers to bypass access restrictions for protected files via a URL whose directory portion ends in a . (dot). | |||||
| CVE-2002-0919 | 1 Cgiscript.net | 1 Cspassword | 2008-09-05 | 7.5 HIGH | N/A |
| CGIScript.net csPassword.cgi allows remote authenticated users to modify the .htaccess file and gain privileges via newlines in the title field of the edit page. | |||||
| CVE-2002-1082 | 1 Visualshapers | 1 Ezcontents | 2008-09-05 | 5.0 MEDIUM | N/A |
| The Image Upload capability for ezContents 1.40 and earlier allows remote attackers to cause ezContents to perform operations on local files as if they were uploaded. | |||||
| CVE-2002-0910 | 1 Debian | 1 Netstd | 2008-09-05 | 7.5 HIGH | N/A |
| Buffer overflows in netstd 3.07-17 package allows remote DNS servers to execute arbitrary code via a long FQDN reply, as observed in the utilities (1) linux-ftpd, (2) pcnfsd, (3) tftp, (4) traceroute, or (5) from/to. | |||||
| CVE-2002-0953 | 1 Php Address | 1 Php Address | 2008-09-05 | 7.5 HIGH | N/A |
| globals.php in PHP Address before 0.2f, with the PHP allow_url_fopen and register_globals variables enabled, allows remote attackers to execute arbitrary PHP code via a URL to the code in the LangCookie parameter. | |||||
| CVE-2002-0896 | 1 Swatch | 1 Swatch | 2008-09-05 | 5.0 MEDIUM | N/A |
| The throttle capability in Swatch may fail to report certain events if (1) the same type of event occurs after the throttle period, or (2) when multiple events matching the same "watchfor" expression do not occur after the throttle period, which could allow attackers to avoid detection. | |||||
| CVE-2002-0855 | 1 Gnu | 1 Mailman | 2008-09-05 | 7.5 HIGH | N/A |
| Cross-site scripting vulnerability in Mailman before 2.0.12 allows remote attackers to execute script as other users via a subscriber's list subscription options in the (1) adminpw or (2) info parameters to the ml-name feature. | |||||
| CVE-2002-0806 | 1 Mozilla | 1 Bugzilla | 2008-09-05 | 2.1 LOW | N/A |
| Bugzilla 2.14 before 2.14.2, and 2.16 before 2.16rc2, allows authenticated users with editing privileges to delete other users by directly calling the editusers.cgi script with the "del" option. | |||||
| CVE-2002-0827 | 1 Caldera | 2 Openunix, Unixware | 2008-09-05 | 7.2 HIGH | N/A |
| Vulnerability in pppd on UnixWare 7.1.1 and Open UNIX 8.0.0 allows local users to gain root privileges via (1) ppptalk or (2) ppp, a different vulnerability than CVE-2002-0824. | |||||
| CVE-2002-0914 | 1 Double Precision Incorporated | 1 Courier Mta | 2008-09-05 | 5.0 MEDIUM | N/A |
| Double Precision Courier e-mail MTA allows remote attackers to cause a denial of service (CPU consumption) via a message with an extremely large or negative value for the year, which causes a tight loop. | |||||
| CVE-2002-0901 | 1 Amanda | 1 Amanda | 2008-09-05 | 10.0 HIGH | N/A |
| Multiple buffer overflows in Advanced Maryland Automatic Network Disk Archiver (AMANDA) 2.3.0.4 allow (1) remote attackers to execute arbitrary code via long commands to the amindexd daemon, or certain local users to execute arbitrary code via long command line arguments to the programs (2) amcheck, (3) amgetidx, (4) amtrmidx, (5) createindex-dump, or (6) createindex-gnutar. | |||||
| CVE-2002-0941 | 1 Ncipher | 2 Nforce, Nshield | 2008-09-05 | 4.6 MEDIUM | N/A |
| The ConsoleCallBack class for nCipher running under JRE 1.4.0 and 1.4.0_01, as used by the TrustedCodeTool and possibly other applications, may leak a passphrase when the user aborts an application that is prompting for the passphrase, which could allow attackers to gain privileges. | |||||
| CVE-2002-1061 | 1 T. Hauck | 1 Jana Web Server | 2008-09-05 | 7.5 HIGH | N/A |
| Multiple buffer overflows in Thomas Hauck Jana Server 2.x through 2.2.1, and 1.4.6 and earlier, allow remote attackers to cause a denial of service and possibly execute arbitrary code via (1) an HTTP GET request with a long major version number, (2) an HTTP GET request to the HTTP proxy on port 3128 with a long major version number, (3) a long OK reply from a POP3 server, and (4) a long SMTP server response. | |||||
| CVE-2002-0957 | 1 Iss | 1 Blackice Agent | 2008-09-05 | 5.0 MEDIUM | N/A |
| The default configuration of BlackICE Agent 3.1.eal and 3.1.ebh has a high tcp.maxconnections setting, which could allow remote attackers to cause a denial of service (memory consumption) via a large number of connections to the BlackICE system that consumes more resources than intended by the user. | |||||
| CVE-2002-0915 | 1 Harald Hoyer | 2 Autorun, Xandros Desktop Os | 2008-09-05 | 2.1 LOW | N/A |
| autorun in Xandros based Linux distributions allows local users to read the first line of arbitrary files via the -c parameter, which causes autorun to print the first line of the file. | |||||
| CVE-2002-0991 | 1 Hp | 1 Cifs-9000 Server | 2008-09-05 | 7.2 HIGH | N/A |
| Buffer overflows in the cifslogin command for HP CIFS/9000 Client A.01.06 and earlier, based on the Sharity package, allows local users to gain root privileges via long (1) -U, (2) -D, (3) -P, (4) -S, (5) -N, or (6) -u parameters. | |||||
| CVE-2002-0931 | 1 Luis Bernardo | 1 Myhelpdesk | 2008-09-05 | 7.5 HIGH | N/A |
| Cross-site scripting vulnerabilities in MyHelpDesk 20020509, and possibly other versions, allows remote attackers to execute script as other users via a (1) Title or (2) Description when a new ticket is created by a support assistant, via the "id" parameter to the index.php script with the (3) tickettime, (4) ticketfiles, or (5) updateticketlog operations, or (6) via the update section when a ticket is edited. | |||||
| CVE-2002-0964 | 1 Valve Software | 2 Half-life, Half-life Dedicated Server | 2008-09-05 | 5.0 MEDIUM | N/A |
| Half-Life Server 1.1.1.0 and earlier allows remote attackers to cause a denial of service (resource exhaustion) via multiple responses to the initial challenge with different cd_key values, which reaches the player limit and prevents other players from connecting until the original responses have timed out. | |||||
| CVE-2002-1062 | 1 T. Hauck | 1 Jana Web Server | 2008-09-05 | 7.5 HIGH | N/A |
| Signedness error in Thomas Hauck Jana Server 2.x through 2.2.1, and 1.4.6 and earlier, allows remote attackers to execute arbitrary code via long (1) Username, (2) Password, or (3) Hostname entries. | |||||
| CVE-2002-1124 | 1 Purity | 1 Purity | 2008-09-05 | 7.2 HIGH | N/A |
| Multiple buffer overflows in purity 1-16 allow local users to gain privileges and modify high scores tables. | |||||