Total
27865 CVE
| CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
|---|---|---|---|---|---|
| CVE-2003-1134 | 1 Sun | 1 Java | 2008-09-05 | 2.1 LOW | N/A |
| Sun Java 1.3.1, 1.4.1, and 1.4.2 allows local users to cause a denial of service (JVM crash), possibly by calling the ClassDepth function with a null parameter, which causes a crash instead of generating a null pointer exception. | |||||
| CVE-2003-1246 | 1 Pedestal Software | 1 Integrity Protection Driver | 2008-09-05 | 2.1 LOW | N/A |
| NtCreateSymbolicLinkObject in ntdll.dll in Integrity Protection Driver (IPD) 1.2 and 1.3 allows local users to create and overwrite arbitrary files via a symlink attack on \winnt\system32\drivers using the subst command. | |||||
| CVE-2003-1135 | 1 Yahoo | 1 Messenger | 2008-09-05 | 2.6 LOW | N/A |
| Buffer overflow in Yahoo! Messenger 5.6 allows remote attackers to cause a denial of service (crash) via a file send request (sendfile) with a large number of "%" (percent) characters after the Yahoo ID. | |||||
| CVE-2003-1248 | 1 Positive Software | 1 H-sphere | 2008-09-05 | 7.5 HIGH | N/A |
| H-Sphere WebShell 2.3 allows remote attackers to execute arbitrary commands via shell metacharacters in the (1) mode and (2) zipfile parameters in a URL request. | |||||
| CVE-2003-1238 | 1 Nuked-klan | 1 Nuked-klan | 2008-09-05 | 5.8 MEDIUM | N/A |
| Cross-site scripting vulnerability (XSS) in Nuked-Klan 1.3 beta and earlier allows remote attackers to steal authentication information via cookies by injecting arbitrary HTML or script into op of the (1) Team, (2) News, and (3) Liens modules. | |||||
| CVE-2003-1237 | 1 Matt Wright | 1 Wwwboard | 2008-09-05 | 4.3 MEDIUM | N/A |
| Cross-site scripting vulnerability (XSS) in WWWBoard 2.0A2.1 and earlier allows remote attackers to inject arbitrary HTML or web script via a message post. | |||||
| CVE-2003-1261 | 1 Globalscape | 1 Cuteftp | 2008-09-05 | 2.1 LOW | N/A |
| Buffer overflow in CuteFTP 5.0 and 5.0.1 allows local users to cause a denial of service (crash) by copying a long URL into a clipboard. | |||||
| CVE-2003-1280 | 1 Eekim | 1 Cgihtml | 2008-09-05 | 5.0 MEDIUM | N/A |
| Directory traversal vulnerability in cgihtml 1.69 allows remote attackers to overwrite and create arbitrary files via a .. (dot dot) in multipart/form-data uploads. | |||||
| CVE-2003-1271 | 1 An | 1 An-http | 2008-09-05 | 4.3 MEDIUM | N/A |
| Cross-site scripting vulnerability (XSS) in AN HTTP 1.41e allows remote attackers to execute arbitrary web script or HTML as other users via a URL containing the script. | |||||
| CVE-2003-1363 | 1 Aprelium Technologies | 1 Abyss Web Server | 2008-09-05 | 6.4 MEDIUM | N/A |
| The remote web management interface of Aprelium Technologies Abyss Web Server 1.1.2 and earlier does not log connection attempts to the web management port (9999), which allows remote attackers to mount brute force attacks on the administration console without detection. | |||||
| CVE-2003-1266 | 1 Etype | 1 Eserv | 2008-09-05 | 5.0 MEDIUM | N/A |
| The (1) FTP, (2) POP3, (3) SMTP, and (4) NNTP servers in EServer 2.92 through 2.97, and possibly 2.98, allow remote attackers to cause a denial of service (crash) via a large amount of data. | |||||
| CVE-2003-1250 | 1 Efficient Networks | 1 5861 Dsl Router | 2008-09-05 | 5.0 MEDIUM | N/A |
| Efficient Networks 5861 DSL router, when running firmware 5.3.80 configured to block incoming TCP SYN, packets allows remote attackers to cause a denial of service (crash) via a flood of TCP SYN packets to the WAN interface using a port scanner such as nmap. | |||||
| CVE-2003-1161 | 1 Linux | 1 Linux Kernel | 2008-09-05 | 7.2 HIGH | N/A |
| exit.c in Linux kernel 2.6-test9-CVS, as stored on kernel.bkbits.net, was modified to contain a backdoor, which could allow local users to elevate their privileges by passing __WCLONE|__WALL to the sys_wait4 function. | |||||
| CVE-2003-1293 | 1 Nukedweb | 1 Guestbookhost | 2008-09-05 | 4.3 MEDIUM | N/A |
| Multiple cross-site scripting (XSS) vulnerabilities in NukedWeb GuestBookHost allow remote attackers to inject arbitrary web script or HTML via the (1) Name, (2) Email and (3) Message fields when signing the guestbook. | |||||
| CVE-2003-1323 | 1 Elm Development Group | 1 Elm | 2008-09-05 | 6.8 MEDIUM | N/A |
| Elm ME+ 2.4 before PL109S, when installed setgid mail and the operating system lacks POSIX saved ID support, allows local users to read and modify certain files with the privileges of the mail group via unspecified vectors. | |||||
| CVE-2003-1264 | 2 D-link, Longshine Technologie | 2 Di-614\+, Longshine Wireless Ethernet Access Point | 2008-09-05 | 5.0 MEDIUM | N/A |
| TFTP server in Longshine Wireless Access Point (WAP) LCS-883R-AC-B, and in D-Link DI-614+ 2.0 which is based on it, allows remote attackers to obtain the WEP secret and gain administrator privileges by downloading the configuration file (config.img) and other files without authentication. | |||||
| CVE-2003-1279 | 1 Insightful | 1 S-plus | 2008-09-05 | 4.6 MEDIUM | N/A |
| S-PLUS 6.0 allows local users to overwrite arbitrary files and possibly elevate privileges via a symlink attack on (1) /tmp/__F8499 by Sqpe, (2) /tmp/PRINT.$$.out by PRINT, (3) /tmp/SUBST$PID.TXT and /tmp/ed.cmds$PID by mustfix.hlinks, (4) /tmp/file.1 and /tmp/file.2 by sas_get, (5) /tmp/file.1 by sas_vars, and (6) /tmp/sgml2html$$tmp /tmp/sgml2html$$tmp1 /tmp/sgml2html$$tmp2 by sglm2html. | |||||
| CVE-2003-1247 | 1 Positive Software | 1 H-sphere | 2008-09-05 | 7.5 HIGH | N/A |
| Multiple buffer overflows in H-Sphere WebShell 2.3 allow remote attackers to execute arbitrary code via (1) a long URL content type in CGI::readFile, (2) a long path in diskusage, and (3) a long fname in flist. | |||||
| CVE-2003-1241 | 1 Levcgi.com | 1 Myguestbook | 2008-09-05 | 4.3 MEDIUM | N/A |
| Cross-site scripting vulnerability (XSS) in (1) admin_index.php, (2) admin_pass.php, (3) admin_modif.php, and (4) admin_suppr.php in MyGuestbook 3.0 allows remote attackers to execute arbitrary PHP code by modifying the location parameter to reference a URL on a remote web server that contains file.php via script injected into the pseudo, email, and message parameters. | |||||
| CVE-2003-1125 | 1 Sun | 1 One Directory Server | 2008-09-05 | 5.0 MEDIUM | N/A |
| Unknown vulnerability in ns-ldapd for Sun ONE Directory Server 4.16, 5.0, and 5.1 allows LDAP clients to cause a denial of service (service halt). | |||||