Total
27865 CVE
| CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
|---|---|---|---|---|---|
| CVE-2002-1839 | 1 Trend Micro | 1 Interscan Viruswall For Windows Nt | 2008-09-05 | 5.0 MEDIUM | N/A |
| Trend Micro InterScan VirusWall for Windows NT 3.52 does not record the sender's IP address in the headers for a mail message when it is passed from VirusWall to the MTA, which allows remote attackers to hide the origin of the message. | |||||
| CVE-2002-1840 | 1 Irssi | 1 Irssi | 2008-09-05 | 10.0 HIGH | N/A |
| irssi IRC client 0.8.4, when downloaded after 14-March-2002, could contain a backdoor in the configuration file, which allows remote attackers to access the system. | |||||
| CVE-2002-1844 | 1 Microsoft | 1 Windows Media Player | 2008-09-05 | 7.2 HIGH | N/A |
| Microsoft Windows Media Player (WMP) 6.3, when installed on Solaris, installs executables with world-writable permissions, which allows local users to delete or modify the executables to gain privileges. | |||||
| CVE-2002-1843 | 1 Perlbot | 1 Perlbot | 2008-09-05 | 7.5 HIGH | N/A |
| Perlbot 1.9.2 allows remote attackers to execute arbitrary commands via shell metacharacters in (1) the $text variable in SpelCheck.pm or (2) the $filename variable in HTMLPlog.pm. | |||||
| CVE-2002-1948 | 1 Gringotts | 1 Gringotts | 2008-09-05 | 7.2 HIGH | N/A |
| Multiple buffer overflows in Gringotts 0.5.9 allows local users to execute arbitrary commands via unknown attack vectors. | |||||
| CVE-2002-1853 | 1 Carlos Sanchez Valle | 1 Mynewsgroups | 2008-09-05 | 4.3 MEDIUM | N/A |
| Cross-site scripting (XSS) vulnerability in MyNewsGroups 0.4 and 0.4.1 allows remote attackers to inject arbitrary web script or HTML via the subject of a newsgroup post, which is not properly handled by (1) myarticles.php, (2) search.php, (3) stats.php, or (4) standard.lib.php. | |||||
| CVE-2002-1846 | 1 Yabb | 1 Yabb | 2008-09-05 | 5.0 MEDIUM | N/A |
| Yet Another Bulletin Board (YaBB) 1.40 and 1.41 does not require a user to submit the correct password before changing it to a new password, which allows remote attackers to modify passwords by stealing the cookie of another user, modifying the expiretime setting, and submitting the change in a profile2 action to index.php. | |||||
| CVE-2002-1896 | 1 Alsaplayer | 1 Alsaplayer | 2008-09-05 | 7.2 HIGH | N/A |
| Buffer overflow in Alsaplayer 0.99.71, when installed setuid root, allows local users to execute arbitrary code via a long (1) -f or (2) -o command line argument. | |||||
| CVE-2002-1848 | 1 Tightvnc | 1 Tightvnc | 2008-09-05 | 2.1 LOW | N/A |
| TightVNC before 1.2.4 running on Windows stores unencrypted passwords in the password text control of the WinVNC Properties dialog, which could allow local users to access passwords. | |||||
| CVE-2002-1849 | 1 Parachat | 1 Parachat Server | 2008-09-05 | 5.0 MEDIUM | N/A |
| ParaChat Server 4.0 does not log users off if the browser's back button is used, which allows remote attackers to cause a denial of service by repeatedly logging into a chat room, hitting the back button, then logging into the same chat room as a different user, which fills the chat room with invalid users. | |||||
| CVE-2002-1894 | 1 Phpbb Group | 1 Phpbb | 2008-09-05 | 4.3 MEDIUM | N/A |
| Cross-site scripting (XSS) vulnerability in viewtopic.php in phpBB 2.0.3 allows remote attackers to inject arbitrary web script or HTML via the highlight parameter. | |||||
| CVE-2002-1893 | 1 Argosoft | 1 Argosoft Mail Server | 2008-09-05 | 4.3 MEDIUM | N/A |
| Cross-site scripting (XSS) vulnerability in ArGoSoft Mail Server Pro 1.8.1.9 allows remote attackers to inject arbitrary web script or HTML via the e-mail message. | |||||
| CVE-2002-1940 | 1 Jacob Navia | 1 Lcc-win32 | 2008-09-05 | 5.0 MEDIUM | N/A |
| LCC-Win32 3.2 compiler, when running on Windows 95, 98, or ME, writes portions of previously used memory after the import table, which could allow attackers to gain sensitive information. NOTE: it has been reported that this problem is due to the OS and not the application. | |||||
| CVE-2002-1816 | 1 Yann Ramin | 1 Atphttpd | 2008-09-05 | 7.5 HIGH | N/A |
| Off-by-one buffer overflow in the sock_gets function in sockhelp.c for ATPhttpd 0.4b and earlier allows remote attackers to execute arbitrary code via a long HTTP GET request. | |||||
| CVE-2002-1860 | 1 Pramati | 1 Pramati Server | 2008-09-05 | 5.0 MEDIUM | N/A |
| Pramati Server 3.0, when running on Windows, allows remote attackers to retrieve files in the WEB-INF directory, which contains Java class files and configuration information, via a request to the WEB-INF directory with a trailing dot ("WEB-INF."). | |||||
| CVE-2002-1888 | 1 Commonname | 1 Commonname Toolbar | 2008-09-05 | 2.1 LOW | N/A |
| CommonName Toolbar 3.5.2.0 sends unqualified domain name requests to the CommonName organization and possibly other web servers for name resolution, which allows those organizations to obtain internal server names. | |||||
| CVE-2002-1938 | 1 Virgil | 1 Cgi Scanner | 2008-09-05 | 7.5 HIGH | N/A |
| Virgil CGI Scanner 0.9 allows remote attackers to execute arbitrary commands via the (1) tar (TARGET) or (2) zielport (ZIELPORT) parameters. | |||||
| CVE-2002-1815 | 1 Aquonics Scripting | 1 Aquonics File Manager | 2008-09-05 | 5.0 MEDIUM | N/A |
| Directory traversal vulnerability in source.php and source.cgi in Aquonics File Manager 1.5 allows remote attackers to read arbitrary files via a .. (dot dot) in the URL. | |||||
| CVE-2002-1862 | 1 Virtualzone | 1 Smartmail Server | 2008-09-05 | 5.0 MEDIUM | N/A |
| SmartMail Server 2.0 allows remote attackers to cause a denial of service (crash) by sending data and closing the connection before all the data has been sent. | |||||
| CVE-2002-1857 | 1 Jo | 1 Jo Webserver | 2008-09-05 | 5.0 MEDIUM | N/A |
| jo! jo Webserver 1.0, when running on Windows, allows remote attackers to retrieve files in the WEB-INF directory, which contains Java class files and configuration information, via a request to the WEB-INF directory with a trailing dot ("WEB-INF."). | |||||