Total
27865 CVE
| CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
|---|---|---|---|---|---|
| CVE-1999-1125 | 1 Oracle | 1 Http Server | 2016-10-17 | 10.0 HIGH | N/A |
| Oracle Webserver 2.1 and earlier runs setuid root, but the configuration file is owned by the oracle account, which allows any local or remote attacker who obtains access to the oracle account to gain privileges or modify arbitrary files by modifying the configuration file. | |||||
| CVE-1999-1130 | 1 Netscape | 1 Enterprise Server | 2016-10-17 | 5.0 MEDIUM | N/A |
| Default configuration of the search engine in Netscape Enterprise Server 3.5.1, and possibly other versions, allows remote attackers to read the source of JHTML files by specifying a search command using the HTML-tocrec-demo1.pat pattern file. | |||||
| CVE-1999-1132 | 1 Microsoft | 1 Windows Nt | 2016-10-17 | 5.0 MEDIUM | N/A |
| Windows NT 4.0 allows remote attackers to cause a denial of service (crash) via extra source routing data such as (1) a Routing Information Field (RIF) field with a hop count greater than 7, or (2) a list containing duplicate Token Ring IDs. | |||||
| CVE-1999-1139 | 1 Hp | 1 Hp-ux | 2016-10-17 | 7.2 HIGH | N/A |
| Character-Terminal User Environment (CUE) in HP-UX 11.0 and earlier allows local users to overwrite arbitrary files and gain root privileges via a symlink attack on the IOERROR.mytty file. | |||||
| CVE-1999-1164 | 1 Microsoft | 2 Outlook, Outlook Express | 2016-10-17 | 5.0 MEDIUM | N/A |
| Microsoft Outlook client allows remote attackers to cause a denial of service by sending multiple email messages with the same X-UIDL headers, which causes Outlook to hang. | |||||
| CVE-1999-1160 | 1 Hp | 1 Hp-ux | 2016-10-17 | 10.0 HIGH | N/A |
| Vulnerability in ftpd/kftpd in HP-UX 10.x and 9.x allows local and possibly remote users to gain root privileges. | |||||
| CVE-1999-1161 | 1 Hp | 1 Hp-ux | 2016-10-17 | 7.2 HIGH | N/A |
| Vulnerability in ppl in HP-UX 10.x and earlier allows local users to gain root privileges by forcing ppl to core dump. | |||||
| CVE-1999-1163 | 1 Hp | 1 9000 | 2016-10-17 | 7.5 HIGH | N/A |
| Vulnerability in HP Series 800 S/X/V Class servers allows remote attackers to gain access to the S/X/V Class console via the Service Support Processor (SSP) Teststation. | |||||
| CVE-1999-1165 | 1 Gnu | 1 Fingerd | 2016-10-17 | 7.2 HIGH | N/A |
| GNU fingerd 1.37 does not properly drop privileges before accessing user information, which could allow local users to (1) gain root privileges via a malicious program in the .fingerrc file, or (2) read arbitrary files via symbolic links from .plan, .forward, or .project files. | |||||
| CVE-1999-1173 | 1 Corel | 1 Wordperfect | 2016-10-17 | 2.1 LOW | N/A |
| Corel Word Perfect 8 for Linux creates a temporary working directory with world-writable permissions, which allows local users to (1) modify Word Perfect behavior by modifying files in the working directory, or (2) modify files of other users via a symlink attack. | |||||
| CVE-1999-1176 | 2 Aaron Ledbetter, Jidentd | 2 Cidentd, Jidentd | 2016-10-17 | 7.2 HIGH | N/A |
| Buffer overflow in cidentd ident daemon allows local users to gain root privileges via a long line in the .authlie script. | |||||
| CVE-1999-1182 | 6 Caldera, Debian, Delix and 3 more | 6 Openlinux Lite, Debian Linux, Dld and 3 more | 2016-10-17 | 7.2 HIGH | N/A |
| Buffer overflow in run-time linkers (1) ld.so or (2) ld-linux.so for Linux systems allows local users to gain privileges by calling a setuid program with a long program name (argv[0]) and forcing ld.so/ld-linux.so to report an error. | |||||
| CVE-1999-0958 | 1 Todd Miller | 1 Sudo | 2016-10-17 | 7.2 HIGH | N/A |
| sudo 1.5.x allows local users to execute arbitrary commands via a .. (dot dot) attack. | |||||
| CVE-1999-0961 | 1 Hp | 1 Hp-ux | 2016-10-17 | 6.2 MEDIUM | N/A |
| HPUX sysdiag allows local users to gain root privileges via a symlink attack during log file creation. | |||||
| CVE-1999-0979 | 1 Sco | 1 Unixware | 2016-10-17 | 7.2 HIGH | N/A |
| The SCO UnixWare privileged process system allows local users to gain root privileges by using a debugger such as gdb to insert traps into _init before the privileged process is executed. | |||||
| CVE-1999-1002 | 1 Netscape | 1 Communicator | 2016-10-17 | 5.0 MEDIUM | N/A |
| Netscape Navigator uses weak encryption for storing a user's Netscape mail password. | |||||
| CVE-1999-1005 | 2 Netscape, Novell | 2 Enterprise Server, Groupwise | 2016-10-17 | 5.0 MEDIUM | N/A |
| Groupwise web server GWWEB.EXE allows remote attackers to read arbitrary files with .htm extensions via a .. (dot dot) attack using the HELP parameter. | |||||
| CVE-1999-1006 | 1 Novell | 1 Groupwise | 2016-10-17 | 5.0 MEDIUM | N/A |
| Groupwise web server GWWEB.EXE allows remote attackers to determine the real path of the web server via the HELP parameter. | |||||
| CVE-1999-1007 | 1 Vdonet | 1 Vdolive Player | 2016-10-17 | 7.6 HIGH | N/A |
| Buffer overflow in VDO Live Player allows remote attackers to execute commands on the VDO client via a malformed .vdo file. | |||||
| CVE-1999-1008 | 2 Freebsd, Mandrakesoft | 2 Freebsd, Mandrake Linux | 2016-10-17 | 7.2 HIGH | N/A |
| xsoldier program allows local users to gain root access via a long argument. | |||||