Total
304758 CVE
| CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
|---|---|---|---|---|---|
| CVE-2002-0476 | 1 Macromedia | 1 Flash Player | 2008-09-05 | 5.0 MEDIUM | N/A |
| Standalone Macromedia Flash Player 5.0 allows remote attackers to save arbitrary files and programs via a .SWF file containing the undocumented "save" FSCommand. | |||||
| CVE-2002-0536 | 1 Phpgroupware | 1 Phpgroupware | 2008-09-05 | 7.5 HIGH | N/A |
| PHPGroupware 0.9.12 and earlier, when running with the magic_quotes_gpc feature disabled, allows remote attackers to compromise the database via a SQL injection attack. | |||||
| CVE-2002-0524 | 1 Asp-nuke | 1 Asp-nuke | 2008-09-05 | 5.0 MEDIUM | N/A |
| ASP-Nuke RC2 and earlier allows remote attackers to determine the absolute path of the server by (1) calling database-inc.asp with incorrect cookies, or (2) calling Post.asp with certain arguments, which leak the pathname in an error message. | |||||
| CVE-2002-0792 | 1 Cisco | 2 Content Services Switch 11000, Webns | 2008-09-05 | 5.0 MEDIUM | N/A |
| The web management interface for Cisco Content Service Switch (CSS) 11000 switches allows remote attackers to cause a denial of service (soft reset) via (1) an HTTPS POST request, or (2) malformed XML data. | |||||
| CVE-2002-0549 | 1 Anthill | 1 Anthill | 2008-09-05 | 7.5 HIGH | N/A |
| Cross-site scripting vulnerabilities in Anthill allow remote attackers to execute script as other Anthill users. | |||||
| CVE-2002-0598 | 1 Foundstone | 1 Fscan | 2008-09-05 | 7.5 HIGH | N/A |
| Format string vulnerability in Foundstone FScan 1.12 with banner grabbing enabled allows remote attackers to execute arbitrary code on the scanning system via format string specifiers in the server banner. | |||||
| CVE-2002-0578 | 1 Aci | 1 4d Webserver | 2008-09-05 | 7.5 HIGH | N/A |
| Buffer overflow in 4D WebServer 6.7.3 allows remote attackers to cause a denial of service and possibly execute arbitrary code via an HTTP request with Basic Authentication containing a long (1) user name or (2) password. | |||||
| CVE-2002-0676 | 1 Apple | 1 Mac Os X | 2008-09-05 | 7.5 HIGH | N/A |
| SoftwareUpdate for MacOS 10.1.x does not use authentication when downloading a software update, which could allow remote attackers to execute arbitrary code by posing as the Apple update server via techniques such as DNS spoofing or cache poisoning, and supplying Trojan Horse updates. | |||||
| CVE-2002-0749 | 1 Cgiscript.net | 1 Csmailto | 2008-09-05 | 7.5 HIGH | N/A |
| CGIscript.net csMailto.cgi allows remote attackers to execute arbitrary commands via shell metacharacters in the form-attachment field. | |||||
| CVE-2002-0742 | 1 Ibm | 1 Aix | 2008-09-05 | 10.0 HIGH | N/A |
| Buffer overflow in pioout on AIX 4.3.3. | |||||
| CVE-2002-0741 | 1 Psychoid | 1 Psybnc | 2008-09-05 | 5.0 MEDIUM | N/A |
| psyBNC 2.3 allows remote attackers to cause a denial of service (CPU consumption and resource exhaustion) by sending a PASS command with a long password argument and quickly killing the connection, which is not properly terminated by psyBNC. | |||||
| CVE-2002-0730 | 1 Philip Chinery | 1 Philip Chinerys Guestbook | 2008-09-05 | 7.5 HIGH | N/A |
| Cross-site scripting vulnerability in guestbook.pl for Philip Chinery's Guestbook 1.1 allows remote attackers to execute Javascript or HTML via fields such as (1) Name, (2) EMail, or (3) Homepage. | |||||
| CVE-2002-0550 | 1 Gcf | 1 Dynamic Guestbook | 2008-09-05 | 7.5 HIGH | N/A |
| Dynamic Guestbook 3.0 allows remote attackers to execute arbitrary code via shell metacharacters in the gbdaten parameter. | |||||
| CVE-2002-0784 | 1 Lysias | 1 Lidik Webserver | 2008-09-05 | 5.0 MEDIUM | N/A |
| Directory traversal vulnerability in Lysias Lidik web server 0.7b allows remote attackers to list directories via an HTTP request with a ... (modified dot dot). | |||||
| CVE-2002-0777 | 1 Ipswitch | 1 Imail | 2008-09-05 | 10.0 HIGH | N/A |
| Buffer overflow in the LDAP component of Ipswitch IMail 7.1 and earlier allows remote attackers to execute arbitrary code via a long "bind DN" parameter. | |||||
| CVE-2002-0591 | 1 Aol | 1 Instant Messenger | 2008-09-05 | 5.0 MEDIUM | N/A |
| Directory traversal vulnerability in AOL Instant Messenger (AIM) 4.8 beta and earlier allows remote attackers to create arbitrary files and execute commands via a Direct Connection with an IMG tag with a SRC attribute that specifies the target filename. | |||||
| CVE-2002-0481 | 1 Microsoft | 1 Outlook | 2008-09-05 | 5.1 MEDIUM | N/A |
| An interaction between Windows Media Player (WMP) and Outlook 2002 allows remote attackers to bypass Outlook security settings and execute Javascript via an IFRAME in an HTML email message that references .WMS (Windows Media Skin) or other WMP media files, whose onload handlers execute the player.LaunchURL() Javascript function. | |||||
| CVE-2002-0504 | 1 Citrix | 1 Nfuse | 2008-09-05 | 7.5 HIGH | N/A |
| Cross-site scripting vulnerability in Citrix NFuse 1.6 and earlier does not quote results from the getLastError method, which allows remote attackers to execute script in other clients via the NFuse_Application parameter to (1) launch.jsp or (2) launch.asp. | |||||
| CVE-2002-0593 | 2 Mozilla, Netscape | 3 Mozilla, Communicator, Navigator | 2008-09-05 | 7.5 HIGH | N/A |
| Buffer overflow in Netscape 6 and Mozilla 1.0 RC1 and earlier allows remote attackers to cause a denial of service (crash) and possibly execute arbitrary code via a long channel name in an IRC URI. | |||||
| CVE-2002-0613 | 1 Dnstools Software | 1 Dnstools | 2008-09-05 | 10.0 HIGH | N/A |
| dnstools.php for DNSTools 2.0 beta 4 and earlier allows remote attackers to bypass authentication and gain privileges by setting the user_logged_in or user_dnstools_administrator parameters. | |||||