Search
Total
86024 CVE
| CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
|---|---|---|---|---|---|
| CVE-2003-1158 | 1 Plug And Play Software | 1 Plug And Play Web Server | 2017-07-11 | 5.0 MEDIUM | N/A |
| Multiple buffer overflows in the FTP service in Plug and Play Web Server 1.0002c allow remote attackers to cause a denial of service (crash) via long (1) dir, (2) ls, (3) delete, (4) mkdir, (5) DELE, (6) RMD, or (7) MKD commands. | |||||
| CVE-2003-1159 | 1 Plug And Play | 1 Plug And Play Web Server Proxy | 2017-07-11 | 5.0 MEDIUM | N/A |
| Plug and Play Web Server Proxy 1.0002c allows remote attackers to cause a denial of service (server crash) via an invalid URI in an HTTP GET request to TCP port 8080. | |||||
| CVE-2002-1286 | 1 Microsoft | 1 Java Virtual Machine | 2017-07-11 | 7.5 HIGH | N/A |
| The Microsoft Java implementation, as used in Internet Explorer, allows remote attackers to steal cookies and execute script in a different security context via a URL that contains a colon in the domain portion, which is not properly parsed and loads an applet from a malicious site within the security context of the site that is being visited by the user. | |||||
| CVE-2002-1310 | 1 Macromedia | 1 Jrun | 2017-07-11 | 7.5 HIGH | N/A |
| Heap-based buffer overflow in the error-handling mechanism for the IIS ISAPI handler in Macromedia JRun 4.0 and earlier allows remote attackers to execute arbitrary via an HTTP GET request with a long .jsp file name. | |||||
| CVE-2002-1312 | 1 Linksys | 9 Befn2ps4, Befsr11, Befsr41 and 6 more | 2017-07-11 | 5.0 MEDIUM | N/A |
| Buffer overflow in the Web management interface in Linksys BEFW11S4 wireless access point router 2 and BEFSR11, BEFSR41, and BEFSRU31 EtherFast Cable/DSL routers with firmware before 1.43.3 with remote management enabled allows remote attackers to cause a denial of service (router crash) via a long password. | |||||
| CVE-2002-1321 | 1 Realnetworks | 2 Realone Player, Realplayer | 2017-07-11 | 7.5 HIGH | N/A |
| Multiple buffer overflows in RealOne and RealPlayer allow remote attackers to execute arbitrary code via (1) a Synchronized Multimedia Integration Language (SMIL) file with a long parameter, (2) a long long filename in a rtsp:// request, e.g. from a .m3u file, or (3) certain "Now Playing" options on a downloaded file with a long filename. | |||||
| CVE-2002-1322 | 1 Rational Software | 1 Clearcase | 2017-07-11 | 5.0 MEDIUM | N/A |
| Rational ClearCase 4.1, 2002.05, and possibly other versions allows remote attackers to cause a denial of service (crash) via certain packets to port 371, e.g. via nmap. | |||||
| CVE-2002-1334 | 1 Bizdesign | 1 Imagefolio | 2017-07-11 | 6.8 MEDIUM | N/A |
| Cross-site scripting (XSS) vulnerability in BizDesign ImageFolio 3.01 and earlier allows remote attackers to execute arbitrary web script as other users via (1) the direct parameter in imageFolio.cgi, or (2) nph-build.cgi. | |||||
| CVE-2002-1335 | 1 W3m | 1 W3m | 2017-07-11 | 4.3 MEDIUM | N/A |
| Cross-site scripting (XSS) vulnerability in w3m 0.3.2 does not escape an HTML tag in a frame, which allows remote attackers to insert arbitrary web script or HTML and access files or cookies. | |||||
| CVE-2002-1338 | 1 Microsoft | 1 Office Web Components | 2017-07-11 | 5.0 MEDIUM | N/A |
| The Load method in the Chart component of Office Web Components (OWC) 9 and 10 generates an exception when a specified file does not exist, which allows remote attackers to determine the existence of local files. | |||||
| CVE-2002-1341 | 1 Squirrelmail | 1 Squirrelmail | 2017-07-11 | 6.8 MEDIUM | N/A |
| Cross-site scripting (XSS) vulnerability in read_body.php for SquirrelMail 1.2.10, 1.2.9, and earlier allows remote attackers to insert script and HTML via the (1) mailbox and (2) passed_id parameters. | |||||
| CVE-2002-1347 | 1 Cyrus | 1 Sasl | 2017-07-11 | 7.5 HIGH | N/A |
| Multiple buffer overflows in Cyrus SASL library 2.1.9 and earlier allow remote attackers to cause a denial of service and possibly execute arbitrary code via (1) long inputs during user name canonicalization, (2) characters that need to be escaped during LDAP authentication using saslauthd, or (3) an off-by-one error in the log writer, which does not allocate space for the null character that terminates a string. | |||||
| CVE-2002-1351 | 1 Melange | 1 Melange Chat System | 2017-07-11 | 5.0 MEDIUM | N/A |
| Buffer overflow in Melange Chat System 1.10 allows remote attackers to cause a denial of service (chat server crash) and possibly execute arbitrary code via the msgText buffer in the chat_InterpretData function, as demonstrated via a long Nick (nickname) request. | |||||
| CVE-2002-1353 | 1 Intranet-server | 1 Localweb2000 | 2017-07-11 | 5.0 MEDIUM | N/A |
| LocalWEB2000 HTTP server 2.1.0 stores passwords in plain text under the web document root in users.lst, which allows remote attackers to obtain the passwords via a direct request to users.lst. | |||||
| CVE-2002-1354 | 1 Typsoft | 1 Typsoft Ftp Server | 2017-07-11 | 5.0 MEDIUM | N/A |
| Directory traversal vulnerability in TYPSoft FTP Server 0.99.8 allows local users to list the contents of arbitrary directories via a ... (dot dot dot) in the cd/CWD command. | |||||
| CVE-2002-1368 | 2 Apple, Easy Software Products | 2 Mac Os X, Cups | 2017-07-11 | 7.5 HIGH | N/A |
| Common Unix Printing System (CUPS) 1.1.14 through 1.1.17 allows remote attackers to cause a denial of service (crash) and possibly execute arbitrary code by causing negative arguments to be fed into memcpy() calls via HTTP requests with (1) a negative Content-Length value or (2) a negative length in a chunked transfer encoding. | |||||
| CVE-2002-1378 | 1 Openldap | 1 Openldap | 2017-07-11 | 7.5 HIGH | N/A |
| Multiple buffer overflows in OpenLDAP2 (OpenLDAP 2) 2.2.0 and earlier allow remote attackers to execute arbitrary code via (1) long -t or -r parameters to slurpd, (2) a malicious ldapfilter.conf file that is not properly handled by getfilter functions, (3) a malicious ldaptemplates.conf that causes an overflow in libldap, (4) a certain access control list that causes an overflow in slapd, or (5) a long generated filename for logging rejected replication requests. | |||||
| CVE-2002-1397 | 1 Postgresql | 1 Postgresql | 2017-07-11 | 7.5 HIGH | N/A |
| Vulnerability in the cash_words() function for PostgreSQL 7.2 and earlier allows local users to cause a denial of service and possibly execute arbitrary code via a large negative argument, possibly triggering an integer signedness error or buffer overflow. | |||||
| CVE-2002-1456 | 1 Khaled Mardam-bey | 1 Mirc | 2017-07-11 | 7.5 HIGH | N/A |
| Buffer overflow in mIRC 6.0.2 and earlier allows remote attackers to execute arbitrary code via a long $asctime value. | |||||
| CVE-2002-1565 | 1 Immunix | 1 Immunix | 2017-07-11 | 7.5 HIGH | N/A |
| Buffer overflow in url_filename function for wget 1.8.1 allows attackers to cause a denial of service (segmentation fault) and possibly execute arbitrary code via a long URL. | |||||
| CVE-2002-1566 | 1 Netris | 1 Netris | 2017-07-11 | 5.0 MEDIUM | N/A |
| netris 0.5, and possibly other versions before 0.52, when running with the -w (wait) option, allows remote attackers to cause a denial of service (crash) via a long string to port 9284. | |||||
| CVE-2002-1569 | 2 Ghostview, Gv | 2 Ghostview, Gv | 2017-07-11 | 7.5 HIGH | N/A |
| gv 3.5.8, and possibly earlier versions, allows remote attackers to execute arbitrary commands via shell metacharacters in the filename for (1) a PDF file or (2) a gzip file. | |||||
| CVE-2002-1570 | 1 Ucd-snmp | 1 Ucd-snmp | 2017-07-11 | 7.5 HIGH | N/A |
| Heap-based buffer overflow in snmpnetstat for ucd-snmp 4.2.3 and earlier, and net-snmp, allows remote attackers to execute arbitrary code via multiple getnextrequest PDU messages with conflicting ifindex variables, which cause snmpnetstat to write variable data past the end of an array. | |||||
| CVE-2002-1575 | 1 Mit | 1 Cgiemail | 2017-07-11 | 5.0 MEDIUM | N/A |
| cgiemail allows remote attackers to use cgiemail as a spam proxy via CRLF injection of encoded newline (%0a) characters in parameters such as "required-subject," which can be used to modify the CC, BCC, and other header fields in the generated email message. | |||||
| CVE-2002-1576 | 1 Sap | 1 Sap Db | 2017-07-11 | 7.2 HIGH | N/A |
| lserver in SAP DB 7.3 and earlier uses the current working directory to find and execute the lserversrv program, which allows local users to gain privileges with a malicious lserversrv that is called from a directory that has a symlink to the lserver program. | |||||
| CVE-2002-1577 | 1 Sap | 1 Sap R 3 | 2017-07-11 | 7.5 HIGH | N/A |
| SAP R/3 2.0B to 4.6D installs several clients with default users and passwords, which allows remote attackers to gain privileges via the (1) SAP*, (2) SAPCPIC, (3) DDIC, (4) EARLYWATCH, or (5) TMSADM accounts. | |||||
| CVE-2002-1578 | 1 Sap | 1 Sap R 3 | 2017-07-11 | 7.5 HIGH | N/A |
| The default installation of SAP R/3, when using Oracle and SQL*net V2 3.x, 4.x, and 6.10, allows remote attackers to obtain arbitrary, sensitive SAP data by directly connecting to the Oracle database and executing queries against the database, which is not password-protected. | |||||
| CVE-2002-1579 | 1 Sap | 1 Sapgui | 2017-07-11 | 5.0 MEDIUM | N/A |
| SAP GUI (Sapgui) 4.6D allows remote attackers to cause a denial of service (crash) via a connection to a high-numbered port, which generates an "unknown connection data" error. | |||||
| CVE-2002-1580 | 1 Carnegie Mellon University | 1 Cyrus Imap Server | 2017-07-11 | 7.5 HIGH | N/A |
| Integer overflow in imapparse.c for Cyrus IMAP server 1.4 and 2.1.10 allows remote attackers to execute arbitrary code via a large length value that facilitates a buffer overflow attack, a different vulnerability than CVE-2002-1347. | |||||
| CVE-2002-1588 | 1 Sun | 1 Openwindows | 2017-07-11 | 5.0 MEDIUM | N/A |
| Mailtool for OpenWindows 3.6, 3.6.1, and 3.6.2 allows remote attackers to cause a denial of service (mailtool segmentation violation and crash) via a malformed mail attachment. | |||||
| CVE-2002-1594 | 2 Grpck, Pwck | 2 Grpck, Pwck | 2017-07-11 | 7.2 HIGH | N/A |
| Buffer overflow in (1) grpck and (2) pwck, if installed setuid on a system as recommended in some AIX documentation, may allow local users to gain privileges via a long command line argument. | |||||
| CVE-2002-1599 | 1 Daniel Barron | 1 Dansguardian | 2017-07-11 | 7.5 HIGH | N/A |
| DansGuardian before 2.4.5-1 allows remote attackers to bypass content filtering rules via hex-encoded URLs. | |||||
| CVE-2002-1601 | 1 Adobe | 1 Photodeluxe | 2017-07-11 | 5.1 MEDIUM | N/A |
| The Connectables feature in Adobe PhotoDeluxe 3.1 prepends the Adobe directory to the CLASSPATH environment variable, which allows applets to run with higher privileges and remote attackers to gain privileges via an HTML e-mail message or a web page. | |||||
| CVE-2002-1602 | 1 Gnu | 1 Screen | 2017-07-11 | 4.6 MEDIUM | N/A |
| Buffer overflow in the Braille module for GNU screen 3.9.11, when HAVE_BRAILLE is defined, allows local users to execute arbitrary code. | |||||
| CVE-2002-1603 | 1 Goahead Software | 1 Goahead Webserver | 2017-07-11 | 5.0 MEDIUM | N/A |
| GoAhead Web Server 2.1.7 and earlier allows remote attackers to obtain the source code of ASP files via a URL terminated with a /, \, %2f (encoded /), %20 (encoded space), or %00 (encoded null) character, which returns the ASP source code unparsed. | |||||
| CVE-2002-1604 | 1 Hp | 2 Hp-ux, Tru64 | 2017-07-11 | 7.5 HIGH | N/A |
| Multiple buffer overflows in HP Tru64 UNIX allow local and possibly remote attackers to execute arbitrary code via a long NLSPATH environment variable to (1) csh, (2) dtsession, (3) dxsysinfo, (4) imapd, (5) inc, (6) uucp, (7) uux, (8) rdist, or (9) deliver. | |||||
| CVE-2002-1605 | 1 Hp | 2 Hp-ux, Tru64 | 2017-07-11 | 7.5 HIGH | N/A |
| Buffer overflow in HP Tru64 UNIX 5.1a, 5.1, 5.0a, 4.0g, and 4.0f allows attackers to execute arbitrary code via a long _XKB_CHARSET environment variable to (1) dxpause, (2) dxconsole, or (3) dtsession. | |||||
| CVE-2002-1606 | 1 Hp | 2 Hp-ux, Tru64 | 2017-07-11 | 4.6 MEDIUM | N/A |
| Multiple buffer overflows in HP Tru64 UNIX 5.1a, 5.1, 5.0a, 4.0g, and 4.0f allow local users to gain privileges via (1) lpc, (2) lpd, (3) lpq, (4) lpr, or (5) lprm. | |||||
| CVE-2002-1607 | 1 Hp | 2 Hp-ux, Tru64 | 2017-07-11 | 4.6 MEDIUM | N/A |
| Buffer overflow in ypmatch in HP Tru64 UNIX 5.1a, 5.1, 5.0a, 4.0g, and 4.0f allows local users to execute arbitrary code. | |||||
| CVE-2002-1608 | 1 Hp | 2 Hp-ux, Tru64 | 2017-07-11 | 4.6 MEDIUM | N/A |
| Buffer overflow in traceroute in HP Tru64 UNIX 5.1a, 5.1, 5.0a, 4.0g, and 4.0f allows local users to execute arbitrary code. | |||||
| CVE-2002-1609 | 1 Hp | 2 Hp-ux, Tru64 | 2017-07-11 | 4.6 MEDIUM | N/A |
| Buffer overflow in binmail in HP Tru64 UNIX 5.1a, 5.1, 5.0a, 4.0g, and 4.0f allows local users to gain privileges. | |||||
| CVE-2002-1610 | 1 Hp | 2 Hp-ux, Tru64 | 2017-07-11 | 2.1 LOW | N/A |
| Unknown vulnerability in ping in HP Tru64 UNIX 5.1a, 5.1, 5.0a, 4.0g, and 4.0f allows local users to cause a denial of service. | |||||
| CVE-2002-1611 | 1 Hp | 2 Hp-ux, Tru64 | 2017-07-11 | 4.6 MEDIUM | N/A |
| Buffer overflow in quot in HP Tru64 UNIX 5.1a, 5.1, 5.0a, 4.0g, and 4.0f allows local users to gain privileges. | |||||
| CVE-2002-1612 | 1 Hp | 2 Hp-ux, Tru64 | 2017-07-11 | 7.2 HIGH | N/A |
| Buffer overflow in mailcv in HP Tru64 UNIX 5.1a, 5.1, 5.0a, 4.0g, and 4.0f allows local users to gain privileges. | |||||
| CVE-2002-1613 | 1 Hp | 2 Hp-ux, Tru64 | 2017-07-11 | 7.2 HIGH | N/A |
| Buffer overflow in ps in HP Tru64 UNIX 5.1a, 5.1, 5.0a, 4.0g, and 4.0f allows local users to gain privileges. | |||||
| CVE-2002-1614 | 1 Hp | 2 Hp-ux, Tru64 | 2017-07-11 | 7.2 HIGH | N/A |
| Buffer overflow in HP Tru64 UNIX allows local users to execute arbitrary code via a long argument to /usr/bin/at. | |||||
| CVE-2002-1615 | 1 Hp | 2 Hp-ux, Tru64 | 2017-07-11 | 7.2 HIGH | N/A |
| Multiple buffer overflows in HP Tru64 UNIX 5.1a, 5.1, 5.0a, 4.0g, and 4.0f allow local users to execute arbitrary code via (1) msgchk or (2) .upd..loader. | |||||
| CVE-2002-1616 | 1 Hp | 1 Tru64 | 2017-07-11 | 7.2 HIGH | N/A |
| Multiple buffer overflows in HP Tru64 UNIX 5.1a, 5.1, 5.0a, 4.0g, and 4.0f allow local users to gain root privileges via (1) su, (2) chsh, (3) passwd, (4) chfn, (5) dxchpwd, and (6) libc. | |||||
| CVE-2002-1619 | 1 Ibm | 1 Aix | 2017-07-11 | 5.0 MEDIUM | N/A |
| Buffer overflow in the FC client for IBM AIX 4.3.x allows remote attackers to cause a denial of service (crash and core dump). | |||||
| CVE-2002-1620 | 1 Ibm | 1 Aix Parallel Systems Support Programs | 2017-07-11 | 5.0 MEDIUM | N/A |
| Unknown vulnerability in IBM AIX Parallel Systems Support Programs (PSSP) 3.1.1, 3.2, and 3.4 allows remote attackers to read arbitrary files from a file collection. | |||||