Total
27865 CVE
| CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
|---|---|---|---|---|---|
| CVE-2003-0752 | 1 Attila-php.net | 1 Attilaphp | 2008-09-05 | 7.5 HIGH | N/A |
| SQL injection vulnerability in global.php3 of AttilaPHP 3.0, and possibly earlier versions, allows remote attackers to bypass authentication via a modified cook_id parameter. | |||||
| CVE-2003-0878 | 1 Apple | 1 Mac Os X | 2008-09-05 | 2.1 LOW | N/A |
| slpd daemon in Mac OS X before 10.3 allows local users to overwrite arbitrary files via a symlink attack on a temporary file, a different vulnerability than CVE-2003-0875. | |||||
| CVE-2003-0725 | 1 Realnetworks | 2 Helix Universal Server, Realserver | 2008-09-05 | 7.5 HIGH | N/A |
| Buffer overflow in the RTSP protocol parser for the View Source plug-in (vsrcplin.so or vsrcplin3260.dll) for RealNetworks Helix Universal Server 9 and RealSystem Server 8, 7 and RealServer G2 allows remote attackers to execute arbitrary code. | |||||
| CVE-2003-0943 | 1 Sap | 1 Sap Db | 2008-09-05 | 7.5 HIGH | N/A |
| web-tools in SAP DB before 7.4.03.30 installs several services that are enabled by default, which could allow remote attackers to obtain potentially sensitive information or redirect attacks against internal databases via (1) waecho, (2) Web SQL Interface (websql), or (3) Web Database Manager (webdbm). | |||||
| CVE-2003-0749 | 1 Sap | 1 Internet Transaction Server | 2008-09-05 | 6.8 MEDIUM | N/A |
| Cross-site scripting (XSS) vulnerability in wgate.dll for SAP Internet Transaction Server (ITS) 4620.2.0.323011 allows remote attackers to insert arbitrary web script and steal cookies via the ~service parameter. | |||||
| CVE-2003-0885 | 1 Xscreensaver | 1 Xscreensaver | 2008-09-05 | 6.4 MEDIUM | N/A |
| Xscreensaver 4.14 contains certain debugging code that should have been omitted, which causes Xscreensaver to create temporary files insecurely in the (1) apple2, (2) xanalogtv, and (3) pong screensavers, and allows local users to overwrite arbitrary files via a symlink attack. | |||||
| CVE-2003-0887 | 1 Angus Mackay | 1 Ez-ipupdate | 2008-09-05 | 2.1 LOW | N/A |
| ez-ipupdate 3.0.11b7 and earlier creates insecure temporary cache files, which allows local users to conduct unauthorized operations via a symlink attack on the ez-ipupdate.cache file. | |||||
| CVE-2003-0761 | 1 Digium | 1 Asterisk | 2008-09-05 | 7.5 HIGH | N/A |
| Buffer overflow in the get_msg_text of chan_sip.c in the Session Initiation Protocol (SIP) protocol implementation for Asterisk releases before August 15, 2003, allows remote attackers to execute arbitrary code via certain (1) MESSAGE or (2) INFO requests. | |||||
| CVE-2003-0732 | 1 Cisco | 4 Ciscoworks Cd1, Ciscoworks Common Management Foundation, Resource Manager and 1 more | 2008-09-05 | 10.0 HIGH | N/A |
| CiscoWorks Common Management Foundation (CMF) 2.1 and earlier allows the guest user to obtain restricted information and possibly gain administrative privileges by changing the "guest" user to the Admin user on the Modify or delete users pages. | |||||
| CVE-2003-0939 | 1 Sap | 1 Sap Db | 2008-09-05 | 7.5 HIGH | N/A |
| eo420_GetStringFromVarPart in veo420.c for SAP database server (SAP DB) 7.4.03.27 and earlier may allow remote attackers to execute arbitrary code via a connect packet with a 256 byte segment to the niserver (aka serv.exe) process on TCP port 7269, which prevents the server from NULL terminating the string and leads to a buffer overflow. | |||||
| CVE-2003-1031 | 1 Jelsoft | 1 Vbulletin | 2008-09-05 | 4.3 MEDIUM | N/A |
| Cross-site scripting (XSS) vulnerability in register.php for vBulletin 3.0 Beta 2 allows remote attackers to inject arbitrary HTML or web script via optional fields such as (1) "Interests-Hobbies", (2) "Biography", or (3) "Occupation." | |||||
| CVE-2003-0733 | 1 Bea | 3 Liquid Data, Weblogic Integration, Weblogic Server | 2008-09-05 | 6.8 MEDIUM | N/A |
| Multiple cross-site scripting (XSS) vulnerabilities in WebLogic Integration 7.0 and 2.0, Liquid Data 1.1, and WebLogic Server and Express 5.1 through 7.0, allow remote attackers to execute arbitrary web script and steal authentication credentials via (1) a forward instruction to the Servlet container or (2) other vulnerabilities in the WebLogic Server console application. | |||||
| CVE-2003-0360 | 1 Debian | 1 Debian Linux | 2008-09-05 | 7.5 HIGH | N/A |
| Multiple buffer overflows in gPS before 1.0.0 allow attackers to cause a denial of service and possibly execute arbitrary code. | |||||
| CVE-2003-0438 | 1 Yuuichi Teranishi | 1 Eldav | 2008-09-05 | 1.2 LOW | N/A |
| eldav WebDAV client for Emacs, version 0.7.2 and earlier, allows local users to create or overwrite arbitrary files via a symlink attack on temporary files. | |||||
| CVE-2003-0316 | 1 Fourelle Venturi Wireless | 1 Venturi Client | 2008-09-05 | 5.0 MEDIUM | N/A |
| Venturi Client before 2.2, as used in certain Fourelle and Venturi Wireless products, can be used as an open proxy for various protocols, including an open relay for SMTP, which allows it to be abused by spammers. | |||||
| CVE-2003-0322 | 1 Colten Edwards | 1 Bitchx | 2008-09-05 | 5.0 MEDIUM | N/A |
| Integer overflow in BitchX IRC client 1.0-0c19 and earlier allows remote malicious IRC servers to cause a denial of service (crash). | |||||
| CVE-2003-0328 | 1 Epic | 1 Epic4 | 2008-09-05 | 7.5 HIGH | N/A |
| EPIC IRC Client (EPIC4) pre2.002, pre2.003, and possibly later versions, allows remote malicious IRC servers to cause a denial of service (crash) and possibly execute arbitrary code via a CTCP request from a large nickname, which causes an incorrect length calculation. | |||||
| CVE-2003-0340 | 1 Demarc Security | 1 Puresecure | 2008-09-05 | 7.5 HIGH | N/A |
| Demarc Puresecure 1.6 stores authentication information for the logging server in plaintext, which allows attackers to steal login names and passwords to gain privileges. | |||||
| CVE-2003-0355 | 2 Apple, Kde | 2 Safari, Konqueror Embedded | 2008-09-05 | 5.0 MEDIUM | N/A |
| Safari 1.0 Beta 2 (v73) and earlier does not validate the Common Name (CN) field for X.509 Certificates, which could allow remote attackers to spoof certificates. | |||||
| CVE-2003-0419 | 1 Smc Networks | 1 Barricade Wireless Cable Dsl Broadband Router | 2008-09-05 | 5.0 MEDIUM | N/A |
| SMC Networks Barricade Wireless Cable/DSL Broadband Router SMC7004VWBR allows remote attackers to cause a denial of service via certain packets to PPTP port 1723 on the internal interface. | |||||