Total
27865 CVE
| CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
|---|---|---|---|---|---|
| CVE-2003-1221 | 1 Bea | 1 Weblogic Server | 2008-09-10 | 5.0 MEDIUM | N/A |
| BEA WebLogic Express and Server 7.0 through 8.1 SP 1, under certain circumstances when a request to use T3 over SSL (t3s) is made to the insecure T3 port, may use a non-SSL connection for the communication, which could allow attackers to sniff sessions. | |||||
| CVE-2003-1225 | 1 Bea | 1 Weblogic Server | 2008-09-10 | 2.1 LOW | N/A |
| The default CredentialMapper for BEA WebLogic Server and Express 7.0 and 7.0.0.1 stores passwords in cleartext on disk, which allows local users to extract passwords. | |||||
| CVE-2003-1002 | 1 Cisco | 9 Catalyst 6500, Catalyst 6500 Ws-svc-nam-1, Catalyst 6500 Ws-svc-nam-2 and 6 more | 2008-09-10 | 5.0 MEDIUM | N/A |
| Cisco Firewall Services Module (FWSM) in Cisco Catalyst 6500 and 7600 series devices allows remote attackers to cause a denial of service (crash and reload) via an SNMPv3 message when snmp-server is set. | |||||
| CVE-2003-1001 | 1 Cisco | 9 Catalyst 6500, Catalyst 6500 Ws-svc-nam-1, Catalyst 6500 Ws-svc-nam-2 and 6 more | 2008-09-10 | 5.0 MEDIUM | N/A |
| Buffer overflow in the Cisco Firewall Services Module (FWSM) in Cisco Catalyst 6500 and 7600 series devices allows remote attackers to cause a denial of service (crash and reload) via HTTP auth requests for (1) TACACS+ or (2) RADIUS authentication. | |||||
| CVE-2003-0983 | 1 Cisco | 2 80-7111-01 For The Unity-svrx255-1a, 80-7112-01 For The Unity-svrx255-2a | 2008-09-10 | 7.5 HIGH | N/A |
| Cisco Unity on IBM servers is shipped with default settings that should have been disabled by the manufacturer, which allows local or remote attackers to conduct unauthorized activities via (1) a "bubba" local user account, (2) an open TCP port 34571, or (3) when a local DHCP server is unavailable, a DHCP server on the manufacturer's test network. | |||||
| CVE-2003-1005 | 1 Apple | 2 Mac Os X, Mac Os X Server | 2008-09-10 | 5.0 MEDIUM | N/A |
| The PKI functionality in Mac OS X 10.2.8 and 10.3.2 allows remote attackers to cause a denial of service (service crash) via malformed ASN.1 sequences. | |||||
| CVE-2003-0706 | 1 Nicolas Boullis | 1 Mah-jong | 2008-09-10 | 5.0 MEDIUM | N/A |
| Unknown vulnerability in mah-jong 1.5.6 and earlier allows remote attackers to cause a denial of service (tight loop). | |||||
| CVE-2003-0804 | 3 Apple, Freebsd, Openbsd | 4 Mac Os X, Mac Os X Server, Freebsd and 1 more | 2008-09-10 | 5.0 MEDIUM | N/A |
| The arplookup function in FreeBSD 5.1 and earlier, Mac OS X before 10.2.8, and possibly other BSD-based systems, allows remote attackers on a local subnet to cause a denial of service (resource starvation and panic) via a flood of spoofed ARP requests. | |||||
| CVE-2003-0902 | 1 Minimalist | 1 Minimalist | 2008-09-10 | 7.5 HIGH | N/A |
| Unknown vulnerability in minimalist mailing list manager 2.4, 2.2, and possibly other versions, allows remote attackers to execute arbitrary commands. | |||||
| CVE-2003-0832 | 1 Webfs | 1 Webfs | 2008-09-10 | 5.0 MEDIUM | N/A |
| Directory traversal vulnerability in webfs before 1.20 allows remote attackers to read arbitrary files via .. (dot dot) sequences in a Hostname header. | |||||
| CVE-2003-0647 | 1 Cisco | 1 Ios | 2008-09-10 | 7.5 HIGH | N/A |
| Buffer overflow in the HTTP server for Cisco IOS 12.2 and earlier allows remote attackers to execute arbitrary code via an extremely long (2GB) HTTP GET request. | |||||
| CVE-2003-0871 | 1 Apple | 2 Mac Os X, Mac Os X Server | 2008-09-10 | 7.5 HIGH | N/A |
| Unknown vulnerability in QuickTime Java in Mac OS X v10.3 and Mac OS X Server 10.3 allows attackers to gain "unauthorized access to a system." | |||||
| CVE-2003-0679 | 1 Sgi | 1 Irix | 2008-09-10 | 2.1 LOW | N/A |
| Unknown vulnerability in the libcpr library for the Checkpoint/Restart (cpr) system on SGI IRIX 6.5.21f and earlier allows local users to truncate or overwrite certain files. | |||||
| CVE-2003-0689 | 1 Redhat | 1 Enterprise Linux | 2008-09-10 | 7.5 HIGH | N/A |
| The getgrouplist function in GNU libc (glibc) 2.2.4 and earlier allows attackers to cause a denial of service (segmentation fault) and execute arbitrary code when a user is a member of a large number of groups, which can cause a buffer overflow. | |||||
| CVE-2003-0697 | 1 Ibm | 1 Aix | 2008-09-10 | 7.2 HIGH | N/A |
| Format string vulnerability in lpd in the bos.rte.printers fileset for AIX 4.3 through 5.2, with debug enabled, allows local users to cause a denial of service (crash) or gain root privileges. | |||||
| CVE-2003-0762 | 1 Foxweb | 1 Foxweb | 2008-09-10 | 7.5 HIGH | N/A |
| Buffer overflow in (1) foxweb.dll and (2) foxweb.exe of Foxweb 2.5 allows remote attackers to execute arbitrary code via a long URL (PATH_INFO value). | |||||
| CVE-2003-0654 | 1 Autorespond | 1 Autorespond | 2008-09-10 | 7.5 HIGH | N/A |
| Buffer overflow in autorespond may allow remote attackers to execute arbitrary code as the autorespond user via qmail. | |||||
| CVE-2003-0755 | 1 Gtkftpd | 1 Gtkftp | 2008-09-10 | 10.0 HIGH | N/A |
| Buffer overflow in sys_cmd.c for gtkftpd 1.0.4 and earlier allows remote attackers to execute arbitrary code by creating long directory names and listing them with a LIST command. | |||||
| CVE-2003-0643 | 1 Linux | 1 Linux Kernel | 2008-09-10 | 2.1 LOW | N/A |
| Integer signedness error in the Linux Socket Filter implementation (filter.c) in Linux 2.4.3-pre3 to 2.4.22-pre10 allows attackers to cause a denial of service (crash). | |||||
| CVE-2003-0791 | 2 Mozilla, Sco | 2 Mozilla, Openserver | 2008-09-10 | 7.5 HIGH | N/A |
| The Script.prototype.freeze/thaw functionality in Mozilla 1.4 and earlier allows attackers to execute native methods by modifying the string used as input to the script.thaw JavaScript function, which is then deserialized and executed. | |||||