Total
28799 CVE
| CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
|---|---|---|---|---|---|
| CVE-2002-0746 | 1 Ibm | 1 Aix | 2008-09-05 | 10.0 HIGH | N/A |
| Vulnerability in template.dhcpo in AIX 4.3.3 related to an insecure linker argument. | |||||
| CVE-2002-0745 | 1 Ibm | 1 Aix | 2008-09-05 | 10.0 HIGH | N/A |
| Buffer overflow in uucp in AIX 4.3.3. | |||||
| CVE-2002-0744 | 1 Ibm | 1 Aix | 2008-09-05 | 10.0 HIGH | N/A |
| namerslv in AIX 4.3.3 core dumps when called with a very long argument, possibly as a result of a buffer overflow. | |||||
| CVE-2002-0743 | 1 Ibm | 1 Aix | 2008-09-05 | 10.0 HIGH | N/A |
| mail and mailx in AIX 4.3.3 core dump when called with a very long argument, an indication of a buffer overflow. | |||||
| CVE-2002-0742 | 1 Ibm | 1 Aix | 2008-09-05 | 10.0 HIGH | N/A |
| Buffer overflow in pioout on AIX 4.3.3. | |||||
| CVE-2002-0741 | 1 Psychoid | 1 Psybnc | 2008-09-05 | 5.0 MEDIUM | N/A |
| psyBNC 2.3 allows remote attackers to cause a denial of service (CPU consumption and resource exhaustion) by sending a PASS command with a long password argument and quickly killing the connection, which is not properly terminated by psyBNC. | |||||
| CVE-2002-0740 | 1 Slrn Development Team | 1 Slrn | 2008-09-05 | 7.2 HIGH | N/A |
| Buffer overflow in slrnpull for the SLRN package, when installed setuid or setgid, allows local users to gain privileges via a long -d (SPOOLDIR) argument. | |||||
| CVE-2002-0739 | 1 Postnuke Software Foundation | 1 Postcalendar | 2008-09-05 | 7.5 HIGH | N/A |
| Cross-site scripting in PostCalendar 3.02 allows remote attackers to insert arbitrary HTML and script, and steal cookies, by modifying a calendar entry in its preview page. | |||||
| CVE-2002-0738 | 1 Mhonarc | 1 Mhonarc | 2008-09-05 | 7.5 HIGH | N/A |
| MHonArc 2.5.2 and earlier does not properly filter Javascript from archived e-mail messages, which could allow remote attackers to execute script in web clients by (1) splitting the SCRIPT tag into smaller pieces, (2) including the script in a SRC argument to an IMG tag, or (3) using "&={script}" syntax. | |||||
| CVE-2002-0737 | 1 Sambar | 1 Sambar Server | 2008-09-05 | 6.4 MEDIUM | N/A |
| Sambar web server before 5.2 beta 1 allows remote attackers to obtain source code of server-side scripts, or cause a denial of service (resource exhaustion) via DOS devices, using a URL that ends with a space and a null character. | |||||
| CVE-2002-0736 | 1 Microsoft | 1 Backoffice | 2008-09-05 | 10.0 HIGH | N/A |
| Microsoft BackOffice 4.0 and 4.5, when configured to be accessible by other systems, allows remote attackers to bypass authentication and access the administrative ASP pages via an HTTP request with an authorization type (auth_type) that is not blank. | |||||
| CVE-2002-0734 | 1 Michel Valdrighi | 1 B2 | 2008-09-05 | 7.5 HIGH | N/A |
| b2edit.showposts.php in B2 2.0.6pre2 and earlier does not properly load the b2config.php file in some configurations, which allows remote attackers to execute arbitrary PHP code via a URL that sets the $b2inc variable to point to a malicious program stored on a remote server. | |||||
| CVE-2002-0733 | 1 Acme Labs | 1 Thttpd | 2008-09-05 | 7.5 HIGH | N/A |
| Cross-site scripting vulnerability in thttpd 2.20 and earlier allows remote attackers to execute arbitrary script via a URL to a nonexistent page, which causes thttpd to insert the script into a 404 error message. | |||||
| CVE-2002-0731 | 1 Vqsoft | 1 Vqserver | 2008-09-05 | 7.5 HIGH | N/A |
| Cross-site scripting vulnerability in demonstration scripts for vqServer allows remote attackers to execute arbitrary script via a link that contains the script in arguments to demo scripts such as respond.pl. | |||||
| CVE-2002-0730 | 1 Philip Chinery | 1 Philip Chinerys Guestbook | 2008-09-05 | 7.5 HIGH | N/A |
| Cross-site scripting vulnerability in guestbook.pl for Philip Chinery's Guestbook 1.1 allows remote attackers to execute Javascript or HTML via fields such as (1) Name, (2) EMail, or (3) Homepage. | |||||
| CVE-2002-0728 | 1 Greg Roelofs | 1 Libpng | 2008-09-05 | 5.0 MEDIUM | N/A |
| Buffer overflow in the progressive reader for libpng 1.2.x before 1.2.4, and 1.0.x before 1.0.14, allows attackers to cause a denial of service (crash) via a PNG data stream that has more IDAT data than indicated by the IHDR chunk. | |||||
| CVE-2002-0703 | 1 Gisle Aas | 1 Digest-md5 | 2008-09-05 | 7.5 HIGH | N/A |
| An interaction between the Perl MD5 module (perl-Digest-MD5) and Perl could produce incorrect MD5 checksums for UTF-8 data, which could prevent a system from properly verifying the integrity of the data. | |||||
| CVE-2002-0688 | 1 Zope | 1 Zope | 2008-09-05 | 7.5 HIGH | N/A |
| ZCatalog plug-in index support capability for Zope 2.4.0 through 2.5.1 allows anonymous users and untrusted code to bypass access restrictions and call arbitrary methods of catalog indexes. | |||||
| CVE-2002-0687 | 1 Zope | 1 Zope | 2008-09-05 | 5.0 MEDIUM | N/A |
| The "through the web code" capability for Zope 2.0 through 2.5.1 b1 allows untrusted users to shut down the Zope server via certain headers. | |||||
| CVE-2002-0676 | 1 Apple | 1 Mac Os X | 2008-09-05 | 7.5 HIGH | N/A |
| SoftwareUpdate for MacOS 10.1.x does not use authentication when downloading a software update, which could allow remote attackers to execute arbitrary code by posing as the Apple update server via techniques such as DNS spoofing or cache poisoning, and supplying Trojan Horse updates. | |||||