Total
27865 CVE
| CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
|---|---|---|---|---|---|
| CVE-2002-2014 | 1 Ibm | 1 Lotus Domino | 2008-09-05 | 5.0 MEDIUM | N/A |
| Lotus Domino 5.0.8 web server returns different error messages when a valid or invalid user is provided in HTTP requests, which allows remote attackers to determine valid user names and makes it easier to conduct brute force attacks. | |||||
| CVE-2002-2068 | 1 Sami Tolvanen | 1 Eraser | 2008-09-05 | 5.0 MEDIUM | N/A |
| Eraser 5.3 does not clear Windows alternate data streams that are attached to files on NTFS file systems, which allows attackers to recover sensitive information that was supposed to be deleted. | |||||
| CVE-2002-2035 | 1 Realityscape | 1 Mylogin 2000 | 2008-09-05 | 7.5 HIGH | N/A |
| SQL injection vulnerability in RealityScape MyLogin 2000 1.0.0 and earlier allows remote attackers to execute arbitrary SQL commands via the (1) Username or (2) Password in the login form. | |||||
| CVE-2002-2036 | 1 Sun | 1 Ray Server Software | 2008-09-05 | 7.5 HIGH | N/A |
| Sun Ray Server Software (SRSS) 1.3, when Non-Smartcard Mobility (NSCM) is enabled, allows remote attackers to login as another user by running dtlogin from a system that supports the XDMCP client. | |||||
| CVE-2002-2042 | 1 Qnx | 1 Rtos | 2008-09-05 | 7.2 HIGH | N/A |
| ptrace in the QNX realtime operating system (RTOS) 4.25 and 6.1.0 allows programs to attach to privileged processes, which could allow local users to execute arbitrary code by modifying running processes. | |||||
| CVE-2002-2065 | 1 Webcalendar | 1 Webcalendar | 2008-09-05 | 5.0 MEDIUM | N/A |
| WebCalendar 0.9.34 and earlier with 'browsing in includes directory' enabled allows remote attackers to read arbitrary include files with .inc extensions from the web root. | |||||
| CVE-2002-2044 | 1 Xqus | 1 X-stat | 2008-09-05 | 4.3 MEDIUM | N/A |
| Cross-site scripting (XSS) vulnerability in x_stat_admin.php in x-stat 2.3 and earlier allows remote attackers to inject arbitrary web script or HTML via a parameter to the phpinfo action. | |||||
| CVE-2002-2043 | 1 Cyrus | 1 Sasl | 2008-09-05 | 7.5 HIGH | N/A |
| SQL injection vulnerability in the LDAP and MySQL authentication patch for Cyrus SASL 1.5.24 and 1.5.27 allows remote attackers to execute arbitrary SQL commands and log in as arbitrary POP mail users via the password. | |||||
| CVE-2002-2047 | 1 Sketch | 1 Sketch | 2008-09-05 | 10.0 HIGH | N/A |
| The file preview functionality in Sketch 0.6.12 and earlier allows remote attackers to execute arbitrary commands via shell metacharacters in the filename of an encapsulated Postscript (EPS) file. | |||||
| CVE-2002-2050 | 1 Modlogan | 1 Modlogan | 2008-09-05 | 2.1 LOW | N/A |
| Directory traversal vulnerability in processor_web plugin for ModLogAn 0.5.0 through 0.7.11, when used with the splitby option, allows local users to overwrite arbitrary files via a .. (dot dot) in the hostname of a log entry. | |||||
| CVE-2002-2051 | 1 Modlogan | 1 Modlogan | 2008-09-05 | 2.1 LOW | N/A |
| The processor_web plugin for ModLogAn 0.5.0 through 0.7.11, when used with the splitby option, allows local users to overwrite arbitrary files via a symlink attack on files specified as hostnames in a log file. | |||||
| CVE-2002-2052 | 1 Cisco | 1 Ios | 2008-09-05 | 5.0 MEDIUM | N/A |
| Cisco 2611 router running IOS 12.1(6.5), possibly an interim release, allows remote attackers to cause a denial of service via port scans such as (1) scanning all ports on a single host and (2) scanning a network of hosts for a single open port through the router. NOTE: the vendor could not reproduce this issue, saying that the original reporter was using an interim release of the software. | |||||
| CVE-2002-2060 | 1 Twibright Labs | 1 Links | 2008-09-05 | 7.5 HIGH | N/A |
| Buffer overflow in Links 2.0 pre4 allows remote attackers to crash client browsers and possibly execute arbitrary code via gamma tables in large 16-bit PNG images. | |||||
| CVE-2002-2085 | 1 Wwwebbb | 1 Wwwebbb Forum | 2008-09-05 | 5.0 MEDIUM | N/A |
| Directory traversal vulnerability in page.cgi of WWWeBBB Forum 3.82 beta and earlier allows remote attackers to read arbitrary files via a .. (dot dot) in an HTTP request. | |||||
| CVE-2002-2076 | 1 Summit Computer Networks | 1 Lil Http | 2008-09-05 | 5.0 MEDIUM | N/A |
| Directory traversal vulnerability in Lil' HTTP server 2.1 and 2.2 allows remote attackers to read arbitrary files via a .. (dot dot) in an HTTP GET request. | |||||
| CVE-2002-2075 | 1 Mirabilis | 1 Icq | 2008-09-05 | 5.0 MEDIUM | N/A |
| ICQ 2001a and 2002b allows remote attackers to cause a denial of service (memory consumption and hang) via a contact message with a large contacts number. | |||||
| CVE-2002-2084 | 1 Portix-php | 1 Portix-php | 2008-09-05 | 5.0 MEDIUM | N/A |
| Directory traversal vulnerability in index.php of Portix 0.4.02 allows remote attackers to read arbitrary files via a .. (dot dot) in the (1) l and (2) topic parameters. | |||||
| CVE-2002-2079 | 2 Mosix Project, Openmosix Project | 2 Mosix, Openmosix | 2008-09-05 | 5.0 MEDIUM | N/A |
| mosix-protocol-stack in Multicomputer Operating System for UnIX (MOSIX) 1.5.7 allows remote attackers to cause a denial of service via malformed packets. | |||||
| CVE-2002-2078 | 1 Floosietek | 2 Ftgateoffice, Ftgatepro | 2008-09-05 | 7.5 HIGH | N/A |
| Heap-based buffer overflow in Floositek (1) FTGate Pro 1.05 and (2) FTGate Office 1.05 allows remote attackers to cause a denial of service and possibly execute arbitrary code via a long POP3 APOP USER command. | |||||
| CVE-2002-2183 | 1 Phpshare | 1 Phpshare | 2008-09-05 | 7.5 HIGH | N/A |
| phpShare.php in phpShare before 0.6 beta 3 allows remote attackers to include and execute arbitrary PHP scripts from remote servers. | |||||