Total
258583 CVE
| CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
|---|---|---|---|---|---|
| CVE-2002-2016 | 1 User-mode Linux | 1 User-mode Linux | 2008-09-05 | 7.2 HIGH | N/A |
| User-mode Linux (UML) 2.4.17-8 does not restrict access to kernel address space, which allows local users to execute arbitrary code. | |||||
| CVE-2002-2015 | 1 Postnuke Software Foundation | 1 Postnuke | 2008-09-05 | 7.5 HIGH | N/A |
| PHP file inclusion vulnerability in user.php in PostNuke 0.703 allows remote attackers to include arbitrary files and possibly execute code via the caselist parameter. | |||||
| CVE-2002-2014 | 1 Ibm | 1 Lotus Domino | 2008-09-05 | 5.0 MEDIUM | N/A |
| Lotus Domino 5.0.8 web server returns different error messages when a valid or invalid user is provided in HTTP requests, which allows remote attackers to determine valid user names and makes it easier to conduct brute force attacks. | |||||
| CVE-2002-2013 | 2 Mozilla, Netscape | 3 Mozilla, Communicator, Navigator | 2008-09-05 | 5.0 MEDIUM | N/A |
| Mozilla 0.9.6 and earlier and Netscape 6.2 and earlier allows remote attackers to steal cookies from another domain via a link with a hex-encoded null character (%00) followed by the target domain. | |||||
| CVE-2002-2012 | 1 Apache | 1 Http Server | 2008-09-05 | 5.0 MEDIUM | N/A |
| Unknown vulnerability in Apache 1.3.19 running on HP Secure OS for Linux 1.0 allows remote attackers to cause "unexpected results" via an HTTP request. | |||||
| CVE-2002-2011 | 1 Jon Howell | 1 Faq-o-matic | 2008-09-05 | 4.3 MEDIUM | N/A |
| Cross-site scripting (XSS) vulnerability in the fom CGI program (fom.cgi) in Faq-O-Matic 2.711 and 2.712 allows remote attackers to inject arbitrary web script or HTML via the file parameter. | |||||
| CVE-2002-2010 | 1 Htdig | 1 Htdig | 2008-09-05 | 4.3 MEDIUM | N/A |
| Cross-site scripting (XSS) vulnerability in htsearch.cgi in htdig (ht://Dig) 3.1.5, 3.1.6, and 3.2 allows remote attackers to inject arbitrary web script or HTML via the words parameter. | |||||
| CVE-2002-2007 | 1 Apache | 1 Tomcat | 2008-09-05 | 5.0 MEDIUM | N/A |
| The default installations of Apache Tomcat 3.2.3 and 3.2.4 allows remote attackers to obtain sensitive system information such as directory listings and web root path, via erroneous HTTP requests for Java Server Pages (JSP) in the (1) test/jsp, (2) samples/jsp and (3) examples/jsp directories, or the (4) test/realPath.jsp servlet, which leaks pathnames in error messages. | |||||
| CVE-2002-2004 | 1 Compaq | 1 Tru64 | 2008-09-05 | 5.0 MEDIUM | N/A |
| portmapper in Compaq Tru64 4.0G and 5.0A allows remote attackers to cause a denial of service via a flood of packets. | |||||
| CVE-2002-2003 | 1 Compaq | 1 Tru64 | 2008-09-05 | 5.0 MEDIUM | N/A |
| ypbind in Compaq Tru64 4.0F, 4.0G, 5.0A, 5.1 and 5.1A allows remote attackers to cause the process to core dump via certain network packets generated by nmap. | |||||
| CVE-2002-2000 | 1 Compaq | 1 Acms | 2008-09-05 | 2.1 LOW | N/A |
| ACMS 4.3 and 4.4 in OpenVMS Alpha 7.2 and 7.3 does not properly use process privileges, which allows attackers to access data. | |||||
| CVE-2002-1999 | 1 Hp | 1 Praesidium Webproxy | 2008-09-05 | 5.0 MEDIUM | N/A |
| HP Praesidium Webproxy 1.0 running on HP-UX 11.04 VVOS could allow remote attackers to cause Webproxy to forward requests to the internal network via crafted HTTP requests. | |||||
| CVE-2002-1998 | 1 Sco | 2 Open Unix, Unixware | 2008-09-05 | 7.5 HIGH | N/A |
| Buffer overflow in rpc.cmsd in SCO UnixWare 7.1.1 and Open UNIX 8.0.0 allows remote attackers to execute arbitrary commands via a long parameter to rtable_create (procedure 21). | |||||
| CVE-2002-1996 | 1 Postnuke Software Foundation | 1 Postnuke | 2008-09-05 | 2.6 LOW | N/A |
| Cross-site scripting (XSS) vulnerability in PostNuke 0.71 and earlier allows remote attackers to inject arbitrary web script or HTML via the (1) name parameter in modules.php and (2) catid parameter in index.php. | |||||
| CVE-2002-1995 | 1 Lebios | 1 Phptonuke.php | 2008-09-05 | 4.3 MEDIUM | N/A |
| Cross-site scripting (XSS) vulnerability in phptonuke.php for PHP-Nuke allows remote attackers to inject arbitrary web script or HTML via the filnavn parameter. | |||||
| CVE-2002-1994 | 1 Gamecheats | 1 Advanced Web Server Professional | 2008-09-05 | 5.0 MEDIUM | N/A |
| advserver.exe in Advanced Web Server (AdvServer) Professional 1.030000 allows remote attackers to cause a denial of service via multiple HTTP requests containing a single carriage return/line feed (CRLF) sequence. | |||||
| CVE-2002-1993 | 1 Affordable Web Space Design | 1 Affordable Web Space Design Webbbs | 2008-09-05 | 10.0 HIGH | N/A |
| webbbs_post.pl in WebBBS 4 and 5.0 allows remote attackers to execute arbitrary commands via shell metacharacters in the followup parameter. | |||||
| CVE-2002-1992 | 1 Macromedia | 2 Coldfusion, Coldfusion Professional | 2008-09-05 | 5.0 MEDIUM | N/A |
| Buffer overflow in jrun.dll in ColdFusion MX, when used with IIS 4 or 5, allows remote attackers to cause a denial of service in IIS via (1) a long template file name or (2) a long HTTP header. | |||||
| CVE-2002-1990 | 1 Caucho Technology | 1 Resin | 2008-09-05 | 5.0 MEDIUM | N/A |
| Resin 2.0.5 through 2.1.2 allows remote attackers to reveal physical path information via a URL request for the example Java class file HelloServlet. | |||||
| CVE-2002-1989 | 1 Caucho Technology | 1 Resin | 2008-09-05 | 5.0 MEDIUM | N/A |
| Resin 2.1.1 allows remote attackers to cause a denial of service (thread and connection consumption) via multiple URL requests containing the DOS 'CON' device name and a registered file extension such as .jsp or .xtp. | |||||