Total: 86024 CVE

| CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
|---|---|---|---|---|---|
| CVE-2000-0137 | 1 Cartit | 1 Cartit | 2008-09-10 | 7.5 HIGH | N/A |
| The CartIt shopping cart application allows remote users to modify sensitive purchase information via hidden form fields. | |||||
| CVE-2000-0135 | 1 Atretail | 1 Atretail | 2008-09-10 | 7.5 HIGH | N/A |
| The @Retail shopping cart application allows remote users to modify sensitive purchase information via hidden form fields. | |||||
| CVE-2000-0136 | 1 Mcmurtrey Whitaker And Associates | 1 Cart32 | 2008-09-10 | 7.5 HIGH | N/A |
| The Cart32 shopping cart application allows remote users to modify sensitive purchase information via hidden form fields. | |||||
| CVE-2000-0152 | 1 Novell | 1 Bordermanager | 2008-09-10 | 5.0 MEDIUM | N/A |
| Remote attackers can cause a denial of service in Novell BorderManager 3.5 by pressing the enter key in a telnet connection to port 2000. | |||||
| CVE-2000-0255 | 1 Nbase-xyplex | 1 Edgeblaster | 2008-09-10 | 5.0 MEDIUM | N/A |
| The Nbase-Xyplex EdgeBlaster router allows remote attackers to cause a denial of service via a scan for the FormMail CGI program. | |||||
| CVE-2000-0153 | 1 Microsoft | 2 Frontpage, Personal Web Server | 2008-09-10 | 5.0 MEDIUM | N/A |
| FrontPage Personal Web Server (PWS) allows remote attackers to read files via a .... (dot dot) attack. | |||||
| CVE-2000-0175 | 1 Sun | 1 Staroffice | 2008-09-10 | 10.0 HIGH | N/A |
| Buffer overflow in StarOffice StarScheduler web server allows remote attackers to gain root access via a long GET command. | |||||
| CVE-2000-0241 | 1 Vqsoft | 1 Vqserver | 2008-09-10 | 5.0 MEDIUM | N/A |
| vqSoft vqServer stores sensitive information such as passwords in cleartext in the server.cfg file, which allows attackers to gain privileges. | |||||
| CVE-2000-0158 | 1 Sco | 1 Openserver | 2008-09-10 | 7.5 HIGH | N/A |
| Buffer overflow in MMDF server allows remote attackers to gain privileges via a long MAIL FROM command to the SMTP daemon. | |||||
| CVE-2000-0132 | 1 Microsoft | 1 Virtual Machine | 2008-09-10 | 2.6 LOW | N/A |
| Microsoft Java Virtual Machine allows remote attackers to read files via the getSystemResourceAsStream function. | |||||
| CVE-2000-0133 | 1 H. Nomura | 1 Tiny Ftpdaemon | 2008-09-10 | 10.0 HIGH | N/A |
| Buffer overflows in Tiny FTPd 0.52 beta3 FTP server allow users to execute commands via the STOR, RNTO, MKD, XMKD, RMD, XRMD, APPE, SIZE, and RNFR commands. | |||||
| CVE-2000-0134 | 1 Adgrafix Corporation | 1 Check It Out | 2008-09-10 | 7.5 HIGH | N/A |
| The Check It Out shopping cart application allows remote users to modify sensitive purchase information via hidden form fields. | |||||
| CVE-2000-0144 | 1 Axis | 1 700 Network Document Server | 2008-09-10 | 7.5 HIGH | N/A |
| Axis 700 Network Scanner does not properly restrict access to administrator URLs, which allows users to bypass the password protection via a .. (dot dot) attack. | |||||
| CVE-2000-0145 | 1 Debian | 1 Debian Linux | 2008-09-10 | 7.5 HIGH | N/A |
| The libguile.so library file used by gnucash in Debian GNU/Linux is installed with world-writable permissions. | |||||
| CVE-2000-0146 | 1 Novell | 1 Groupwise | 2008-09-10 | 5.0 MEDIUM | N/A |
| The Java Server in the Novell GroupWise Web Access Enhancement Pack allows remote attackers to cause a denial of service via a long URL to the servlet. | |||||
| CVE-2000-0159 | 1 Hp | 1 Hp-ux | 2008-09-10 | 7.5 HIGH | N/A |
| HP Ignite-UX does not save /etc/passwd when it creates an image of a trusted system, which can set the password field to a blank and allow an attacker to gain privileges. | |||||
| CVE-2000-0170 | 2 Redhat, Turbolinux | 2 Linux, Turbolinux | 2008-09-10 | 7.2 HIGH | N/A |
| Buffer overflow in the man program in Linux allows local users to gain privileges via the MANPAGER environmental variable. | |||||
| CVE-2000-0171 | 1 At Computing | 1 Atsar Linux | 2008-09-10 | 7.2 HIGH | N/A |
| atsadc in the atsar package for Linux does not properly check the permissions of an output file, which allows local users to gain root privileges. | |||||
| CVE-2000-0172 | 2 Matt Kimball And Roger Wolff, Turbolinux | 2 Mtr, Turbolinux | 2008-09-10 | 7.2 HIGH | N/A |
| The mtr program only uses a seteuid call when attempting to drop privileges, which could allow local users to gain root privileges. | |||||
| CVE-2000-0173 | 1 Sco | 1 Unixware | 2008-09-10 | 5.0 MEDIUM | N/A |
| Vulnerability in the EELS system in SCO UnixWare 7.1.x allows remote attackers to cause a denial of service. | |||||
| CVE-2000-0174 | 1 Sun | 1 Staroffice | 2008-09-10 | 5.0 MEDIUM | N/A |
| StarOffice StarScheduler web server allows remote attackers to read arbitrary files via a .. (dot dot) attack. | |||||
| CVE-2000-0185 | 1 Realnetworks | 2 Realserver, Realserver G2 | 2008-09-10 | 5.0 MEDIUM | N/A |
| RealMedia RealServer reveals the real IP address of a Real Server, even if the address is supposed to be private. | |||||
| CVE-2000-0186 | 4 Freebsd, Mandrakesoft, Redhat and 1 more | 4 Freebsd, Mandrake Linux, Linux and 1 more | 2008-09-10 | 7.2 HIGH | N/A |
| Buffer overflow in the dump utility in the Linux ext2fs backup package allows local users to gain privileges via a long command line argument. | |||||
| CVE-2000-0187 | 1 Alex Heiphetz Group | 1 Ezshopper | 2008-09-10 | 7.5 HIGH | N/A |
| EZShopper 3.0 loadpage.cgi CGI script allows remote attackers to read arbitrary files via a .. (dot dot) attack or execute commands via shell metacharacters. | |||||
| CVE-2000-0188 | 1 Alex Heiphetz Group | 1 Ezshopper | 2008-09-10 | 7.5 HIGH | N/A |
| EZShopper 3.0 search.cgi CGI script allows remote attackers to read arbitrary files via a .. (dot dot) attack or execute commands via shell metacharacters. | |||||
| CVE-2000-0189 | 1 Allaire | 1 Coldfusion Server | 2008-09-10 | 5.0 MEDIUM | N/A |
| ColdFusion Server 4.x allows remote attackers to determine the real pathname of the server via an HTTP request to the application.cfm or onrequestend.cfm files. | |||||
| CVE-2000-0190 | 1 Aol | 1 Instant Messenger | 2008-09-10 | 5.0 MEDIUM | N/A |
| AOL Instant Messenger (AIM) client allows remote attackers to cause a denial of service via a message with a malformed ASCII value. | |||||
| CVE-2000-0203 | 1 Trend Micro | 1 Officescan | 2008-09-10 | 5.0 MEDIUM | N/A |
| The Trend Micro OfficeScan client tmlisten.exe allows remote attackers to cause a denial of service via malformed data to port 12345. | |||||
| CVE-2000-0204 | 1 Trend Micro | 1 Officescan | 2008-09-10 | 5.0 MEDIUM | N/A |
| The Trend Micro OfficeScan client allows remote attackers to cause a denial of service by making 5 connections to port 12345, which raises CPU utilization to 100%. | |||||
| CVE-2000-0205 | 1 Trend Micro | 1 Officescan | 2008-09-10 | 6.4 MEDIUM | N/A |
| Trend Micro OfficeScan allows remote attackers to replay administrative commands and modify the configuration of OfficeScan clients. | |||||
| CVE-2000-0206 | 1 Oracle | 1 Oracle8i | 2008-09-10 | 6.2 MEDIUM | N/A |
| The installation of Oracle 8.1.5.x on Linux follows symlinks and creates the orainstRoot.sh file with world-writeable permissions, which allows local users to gain privileges. | |||||
| CVE-2000-0207 | 1 Sgi | 2 Infosearch, Irix | 2008-09-10 | 7.5 HIGH | N/A |
| SGI InfoSearch CGI program infosrch.cgi allows remote attackers to execute commands via shell metacharacters. | |||||
| CVE-2000-0213 | 1 Sambar | 1 Sambar Server | 2008-09-10 | 5.0 MEDIUM | N/A |
| The Sambar server includes batch files ECHO.BAT and HELLO.BAT in the CGI directory, which allow remote attackers to execute commands via shell metacharacters. | |||||
| CVE-2000-0214 | 1 Ftpx | 1 Ftp Explorer | 2008-09-10 | 4.6 MEDIUM | N/A |
| FTP Explorer uses weak encryption for storing the username, password, and profile of FTP sites. | |||||
| CVE-2000-0215 | 1 Sco | 1 Unixware | 2008-09-10 | 7.2 HIGH | N/A |
| Vulnerability in SCO cu program in UnixWare 7.x allows local users to gain privileges. | |||||
| CVE-2000-0216 | 1 Microsoft | 3 Exchange Server, Outlook, Windows Messaging | 2008-09-10 | 5.0 MEDIUM | N/A |
| Microsoft email clients in Outlook, Exchange, and Windows Messaging automatically respond to Read Receipt and Delivery Receipt tags, which could allow an attacker to flood a mail system with responses by forging a Read Receipt request that is redirected to a large distribution list. | |||||
| CVE-2000-0217 | 2 Openbsd, Ssh | 3 Openssh, Ssh, Ssh2 | 2008-09-10 | 5.1 MEDIUM | N/A |
| The default configuration of SSH allows X forwarding, which could allow a remote attacker to control a client's X sessions via a malicious xauth program. | |||||
| CVE-2000-0218 | 2 Caldera, Suse | 2 Openlinux, Suse Linux | 2008-09-10 | 7.2 HIGH | N/A |
| Buffer overflow in Linux mount and umount allows local users to gain root privileges via a long relative pathname. | |||||
| CVE-2000-0229 | 4 Alessandro Rubini, Debian, Redhat and 1 more | 4 Gpm, Debian Linux, Linux and 1 more | 2008-09-10 | 7.2 HIGH | N/A |
| gpm-root in the gpm package does not properly drop privileges, which allows local users to gain privileges by starting a utility from gpm-root. | |||||
| CVE-2000-0230 | 2 Halloween, Redhat | 2 Halloween Linux, Linux | 2008-09-10 | 7.2 HIGH | N/A |
| Buffer overflow in imwheel allows local users to gain root privileges via the imwheel-solo script and a long HOME environmental variable. | |||||
| CVE-2000-0231 | 2 Halloween, Suse | 2 Halloween Linux, Suse Linux | 2008-09-10 | 7.2 HIGH | N/A |
| Linux kreatecd trusts a user-supplied path that is used to find the cdrecord program, allowing local users to gain root privileges. | |||||
| CVE-2000-0244 | 1 Citrix | 2 Metaframe, Winframe | 2008-09-10 | 10.0 HIGH | N/A |
| The Citrix ICA (Independent Computing Architecture) protocol uses weak encryption (XOR) for user authentication. | |||||
| CVE-2000-0261 | 1 Avm | 1 Ken | 2008-09-10 | 5.0 MEDIUM | N/A |
| The AVM KEN! web server allows remote attackers to read arbitrary files via a .. (dot dot) attack. | |||||
| CVE-2000-0262 | 1 Avm | 1 Ken | 2008-09-10 | 5.0 MEDIUM | N/A |
| The AVM KEN! ISDN Proxy server allows remote attackers to cause a denial of service via a malformed request. | |||||
| CVE-2000-0263 | 1 Redhat | 1 Linux | 2008-09-10 | 2.1 LOW | N/A |
| The X font server xfs in Red Hat Linux 6.x allows an attacker to cause a denial of service via a malformed request. | |||||
| CVE-2000-0269 | 1 Gnu | 1 Emacs | 2008-09-10 | 2.1 LOW | N/A |
| Emacs 20 does not properly set permissions for a slave PTY device when starting a new subprocess, which allows local users to read or modify communications between Emacs and the subprocess. | |||||
| CVE-2000-0270 | 1 Gnu | 1 Emacs | 2008-09-10 | 3.6 LOW | N/A |
| The make-temp-name Lisp function in Emacs 20 creates temporary files with predictable names, which allows attackers to conduct a symlink attack. | |||||
| CVE-2000-0271 | 1 Gnu | 1 Emacs | 2008-09-10 | 4.6 MEDIUM | N/A |
| read-passwd and other Lisp functions in Emacs 20 do not properly clear the history of recently typed keys, which allows an attacker to read unencrypted passwords. | |||||
| CVE-2000-0102 | 1 Salescart | 1 Salescart | 2008-09-10 | 7.5 HIGH | N/A |
| The SalesCart shopping cart application allows remote users to modify sensitive purchase information via hidden form fields. | |||||
| CVE-2000-0042 | 1 Csm | 1 Mail Server | 2008-09-10 | 10.0 HIGH | N/A |
| Buffer overflow in CSM mail server allows remote attackers to cause a denial of service or execute commands via a long HELO command. | |||||
