Total
27865 CVE
| CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
|---|---|---|---|---|---|
| CVE-2003-0315 | 1 Snowblind.net | 1 Snowblind Web Server | 2016-10-17 | 7.5 HIGH | N/A |
| Snowblind Web Server 1.0 allows remote attackers to cause a denial of service (crash) and possibly execute arbitrary code via a long HTTP request, which may trigger a buffer overflow. | |||||
| CVE-2003-0331 | 1 Ttcms | 1 Ttforum | 2016-10-17 | 10.0 HIGH | N/A |
| SQL injection vulnerability in ttForum allows remote attackers to execute arbitrary SQL and gain ttForum Administrator privileges via the Ignorelist-Textfield argument in the Preferences page. | |||||
| CVE-2003-0320 | 1 Andy Prevost | 1 Ttcms | 2016-10-17 | 7.5 HIGH | N/A |
| header.php in ttCMS 2.3 and earlier allows remote attackers to inject arbitrary PHP code by setting the ttcms_user_admin parameter to "1" and modifying the admin_root parameter to point to a URL that contains a Trojan horse header.inc.php script. | |||||
| CVE-2003-0318 | 1 Francisco Burzi | 1 Php-nuke | 2016-10-17 | 4.3 MEDIUM | N/A |
| Cross-site scripting (XSS) vulnerability in the Statistics module for PHP-Nuke 6.0 and earlier allows remote attackers to insert arbitrary web script via the year parameter. | |||||
| CVE-2003-0314 | 1 Snowblind.net | 1 Snowblind Web Server | 2016-10-17 | 6.4 MEDIUM | N/A |
| Snowblind Web Server 1.0 allows remote attackers to cause a denial of service (crash) via a URL that ends in a "</" sequence. | |||||
| CVE-2003-0343 | 1 Selom Ofori | 1 Blackmoon Ftp Server | 2016-10-17 | 4.6 MEDIUM | N/A |
| BlackMoon FTP Server 2.6 Free Edition, and possibly other distributions and versions, generates an "Account does not exist" error message when an invalid username is entered, which makes it easier for remote attackers to conduct brute force attacks. | |||||
| CVE-2003-0336 | 1 Qualcomm | 1 Eudora | 2016-10-17 | 5.0 MEDIUM | N/A |
| Qualcomm Eudora 5.2.1 allows remote attackers to read arbitrary files via an email message with a carriage return (CR) character in a spoofed "Attachment Converted:" string, which is not properly handled by Eudora. | |||||
| CVE-2003-0321 | 1 Colten Edwards | 1 Bitchx | 2016-10-17 | 7.5 HIGH | N/A |
| Multiple buffer overflows in BitchX IRC client 1.0-0c19 and earlier allow remote malicious IRC servers to cause a denial of service (crash) and possibly execute arbitrary code via long hostnames, nicknames, or channel names, which are not properly handled by the functions (1) send_ctcp, (2) cannot_join_channel, (3) cluster, (4) BX_compress_modes, (5) handle_oper_vision, and (6) ban_it. | |||||
| CVE-2003-0304 | 1 Oneorzero | 1 Oneorzero Helpdesk | 2016-10-17 | 10.0 HIGH | N/A |
| one||zero (aka One or Zero) Helpdesk 1.4 rc4 allows remote attackers to create administrator accounts by directly calling the install.php Helpdesk Installation script. | |||||
| CVE-2003-0319 | 1 Smartmax Software | 1 Mailmax | 2016-10-17 | 7.5 HIGH | N/A |
| Buffer overflow in the IMAP server (IMAPMax) for SmartMax MailMax 5.0.10.8 and earlier allows remote authenticated users to execute arbitrary code via a long SELECT command. | |||||
| CVE-2003-0325 | 1 Ambrosia Software | 1 Maelstrom | 2016-10-17 | 4.6 MEDIUM | N/A |
| Buffer overflow in Maelstrom 3.0.6, 3.0.5, and earlier allows local users to execute arbitrary code via a long -server command line argument. | |||||
| CVE-2003-0330 | 1 Ambrosia Software | 1 Maelstrom | 2016-10-17 | 4.6 MEDIUM | N/A |
| Buffer overflow in unknown versions of Maelstrom allows local users to execute arbitrary code via a long -player command line argument. | |||||
| CVE-2003-0335 | 1 Slackware | 1 Slackware Linux | 2016-10-17 | 7.5 HIGH | N/A |
| rc.M in Slackware 9.0 calls quotacheck with the -M option, which causes the filesystem to be remounted and possibly reset security-relevant mount flags such as nosuid, nodev, and noexec. | |||||
| CVE-2003-0332 | 1 Working Resources Inc. | 1 Badblue | 2016-10-17 | 7.6 HIGH | N/A |
| The ISAPI extension in BadBlue 1.7 through 2.2, and possibly earlier versions, modifies the first two letters of a filename extension after performing a security check, which allows remote attackers to bypass authentication via a filename with a .ats extension instead of a .hts extension. | |||||
| CVE-2003-0296 | 1 Ximian | 1 Evolution | 2016-10-17 | 7.5 HIGH | N/A |
| The IMAP Client for Evolution 1.2.4 allows remote malicious IMAP servers to cause a denial of service and possibly execute arbitrary code via certain large literal size values that cause either integer signedness errors or integer overflow errors. | |||||
| CVE-2003-0313 | 1 Snowblind.net | 1 Snowblind Web Server | 2016-10-17 | 6.4 MEDIUM | N/A |
| Directory traversal vulnerability in Snowblind Web Server 1.0 allows remote attackers to list arbitrary directory contents via a ... (triple dot) in an HTTP request. | |||||
| CVE-2003-0342 | 1 Selom Ofori | 1 Blackmoon Ftp Server | 2016-10-17 | 4.6 MEDIUM | N/A |
| BlackMoon FTP Server 2.6 Free Edition, and possibly other distributions and versions, stores user names and passwords in plaintext in the blackmoon.mdb file, which can allow local users to gain privileges. | |||||
| CVE-2003-0337 | 1 Platform | 1 Lsadmin | 2016-10-17 | 4.6 MEDIUM | N/A |
| The ckconfig command in lsadmin for Load Sharing Facility (LSF) 5.1 allows local users to execute arbitrary programs by modifying the LSF_ENVDIR environment variable to reference an alternate lsf.conf file, then modifying LSF_SERVERDIR to point to a malicious lim program, which lsadmin then executes. | |||||
| CVE-2003-0341 | 1 Owl | 1 Owl Intranet Engine | 2016-10-17 | 6.8 MEDIUM | N/A |
| Cross-site scripting (XSS) vulnerability in Owl Intranet Engine 0.71 and earlier allows remote attackers to insert arbitrary script via the Search field. | |||||
| CVE-2003-0299 | 2 Mutt, Stuart Parmenter | 2 Mutt, Balsa | 2016-10-17 | 7.5 HIGH | N/A |
| The IMAP Client, as used in mutt 1.4.1 and Balsa 2.0.10, allows remote malicious IMAP servers to cause a denial of service and possibly execute arbitrary code via certain large mailbox size values that cause either integer signedness errors or integer overflow errors. | |||||