Total
27865 CVE
| CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
|---|---|---|---|---|---|
| CVE-2002-1797 | 1 Hp | 1 Chaivm | 2008-09-05 | 4.6 MEDIUM | N/A |
| ChaiVM for HP color LaserJet 4500 and 4550 or HP LaserJet 4100 and 8150 does not properly enforce access control restrictions, which could allow local users to add, delete, or modify any services hosted by the ChaiServer. | |||||
| CVE-2002-1946 | 1 Videsh Sanchar Nigam Limited | 1 Integrated Dialer Software | 2008-09-05 | 2.1 LOW | N/A |
| Videsh Sanchar Nigam Limited (VSNL) Integrated Dialer Software 1.2.000, when the "Save Password" option is used, stores the password with a weak encryption scheme (one-to-one mapping) in a registry key, which allows local users to obtain and decrypt the password. | |||||
| CVE-2002-1884 | 1 Py-membres | 1 Py-membres | 2008-09-05 | 7.5 HIGH | N/A |
| index.php in Py-Membres 3.1 allows remote attackers to log in as an administrator by setting the pymembs parameter to "admin". | |||||
| CVE-2002-1939 | 1 Flashfxp | 1 Flashfxp | 2008-09-05 | 2.1 LOW | N/A |
| FlashFXP 1.4 prints FTP passwords in plaintext when there are transfers in the queue, which allows attackers to obtain FTP passwords of other users by editing the queue properties. | |||||
| CVE-2002-1799 | 1 Phprank | 1 Phprank | 2008-09-05 | 4.3 MEDIUM | N/A |
| Cross-site scripting (XSS) vulnerability in phpRank 1.8 allows remote attackers to inject arbitrary web script or HTML via the (1) email parameter to add.php or (2) banurl parameter. | |||||
| CVE-2002-1911 | 1 Zonelabs | 1 Zonealarm | 2008-09-05 | 5.0 MEDIUM | N/A |
| ZoneAlarm Pro 3.0 and 3.1, when configured to block all traffic, allows remote attackers to cause a denial of service (CPU and memory consumption) via a large number of SYN packets (SYN flood). NOTE: the vendor was not able to reproduce the issue. | |||||
| CVE-2002-1900 | 1 Pinboard | 1 Pinboard | 2008-09-05 | 4.3 MEDIUM | N/A |
| Cross-site scripting (XSS) vulnerability in Pinboard 1.0 allows remote attackers to inject arbitrary web script or HTML via tasklists. | |||||
| CVE-2002-1885 | 1 Powerphlogger | 1 Powerphlogger | 2008-09-05 | 7.5 HIGH | N/A |
| PHP remote file inclusion vulnerability in showhits.php3 for PowerPhlogger (PPhlogger) 2.0.9 through 2.2.2 allows remote attackers to execute arbitrary PHP code via the rel_path parameter. | |||||
| CVE-2002-1886 | 1 Tightauction | 1 Tightauction | 2008-09-05 | 5.0 MEDIUM | N/A |
| TightAuction 3.0 stores config.inc under the web document root with insufficient access control, which allows remote attackers to obtain the database username and password. | |||||
| CVE-2002-1881 | 1 Macromedia | 1 Flash Player | 2008-09-05 | 5.0 MEDIUM | N/A |
| Macromedia Flash Player 4.0 r12 through 6.0.47.0 allows remote attackers to cause a denial of service (web browser crash) via malformed content in a Flash Shockwave (.SWF) file, as demonstrated by by ROT13 encoding the body of the file but not the headers. | |||||
| CVE-2002-1887 | 1 Gregory Kokanosky | 1 Phpmynewsletter | 2008-09-05 | 7.5 HIGH | N/A |
| PHP remote file inclusion vulnerability in customize.php for phpMyNewsletter 0.6.10 allows remote attackers to execute arbitrary PHP code via the l parameter. | |||||
| CVE-2002-1795 | 1 Microsoft | 1 Tsac Activex Control | 2008-09-05 | 4.3 MEDIUM | N/A |
| Cross-site scripting (XSS) vulnerability in connect.asp in Microsoft Terminal Services Advanced Client (TSAC) ActiveX control allows remote attackers to inject arbitrary web script or HTML via unknown vectors. | |||||
| CVE-2002-1913 | 1 Myphpnuke | 1 Myphpnuke | 2008-09-05 | 5.0 MEDIUM | N/A |
| phptonuke.php in myPHPNuke 1.8.8 allows remote attackers to read arbitrary files via a full pathname in the filnavn variable. | |||||
| CVE-2002-1866 | 1 Sws | 1 Sws Simple Web Server | 2008-09-05 | 5.0 MEDIUM | N/A |
| Simple Web Server (SWS) 0.0.4 through 0.1.0 does not close file descriptors for 404 error messages, which could allow remote attackers to cause a denial of service (file descriptor exhaustion) via multiple requests for pages that do not exist. | |||||
| CVE-2002-1962 | 1 Finjan Software | 1 Surfingate | 2008-09-05 | 7.5 HIGH | N/A |
| Finjan Software SurfinGate 6.0 and 6.0 1 allows remote attackers to bypass URL access restrictions via a URL with an IP address instead of a hostname. | |||||
| CVE-2002-1686 | 1 Ibm | 1 Aix | 2008-09-05 | 10.0 HIGH | N/A |
| Buffer overflow in lscfg of unknown versions of AIX has unknown impact. | |||||
| CVE-2002-1687 | 1 Ibm | 1 Aix | 2008-09-05 | 2.1 LOW | N/A |
| Buffer overflow in the diagnostics library in AIX allows local users to "cause data and instructions to be overwritten" via a long DIAGNOSTICS environment variable. | |||||
| CVE-2002-1961 | 1 Finjan Software | 1 Surfingate | 2008-09-05 | 7.5 HIGH | N/A |
| Finjan Software SurfinGate 6.0 and 6.0 1 allows remote attackers to bypass URL access restrictions via a URL whose hostname portion uses a fully qualified domain name (FQDN) that ends in a "." (dot). | |||||
| CVE-2002-1864 | 1 Sws | 1 Sws Simple Web Server | 2008-09-05 | 5.0 MEDIUM | N/A |
| Directory traversal vulnerability in Simple Web Server (SWS) 0.0.4 through 0.1.0 allows remote attackers to read arbitrary files via a ".." (dot dot) in an HTTP request. | |||||
| CVE-2002-1945 | 1 Virtualzone | 1 Smartmail Server | 2008-09-05 | 5.0 MEDIUM | N/A |
| Buffer overflow in SmartMail Server 1.0 Beta 10 allows remote attackers to cause a denial of service (crash) via a long request to (1) TCP port 25 (SMTP) or (2) TCP port 110 (POP3). | |||||