Total
27865 CVE
| CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
|---|---|---|---|---|---|
| CVE-2002-1034 | 1 Sun | 1 I-runbook | 2008-09-05 | 10.0 HIGH | N/A |
| none.php for SunPS iRunbook 2.5.2 allows remote attackers to read arbitrary files via an absolute pathname in the argument. | |||||
| CVE-2002-0894 | 1 New Atlanta Communications | 1 Servletexec Isapi | 2008-09-05 | 5.0 MEDIUM | N/A |
| NewAtlanta ServletExec ISAPI 4.1 allows remote attackers to cause a denial of service (crash) via (1) a request for a long .jsp file, or (2) a long URL sent directly to com.newatlanta.servletexec.JSP10Servlet. | |||||
| CVE-2002-0893 | 1 New Atlanta Communications | 1 Servletexec Isapi | 2008-09-05 | 5.0 MEDIUM | N/A |
| Directory traversal vulnerability in NewAtlanta ServletExec ISAPI 4.1 allows remote attackers to read arbitrary files via a URL-encoded request to com.newatlanta.servletexec.JSP10Servlet containing "..%5c" (modified dot-dot) sequences. | |||||
| CVE-2002-0908 | 1 Cisco | 1 Ids Device Manager | 2008-09-05 | 5.0 MEDIUM | N/A |
| Directory traversal vulnerability in the web server for Cisco IDS Device Manager before 3.1.2 allows remote attackers to read arbitrary files via a .. (dot dot) in the HTTPS request. | |||||
| CVE-2002-0892 | 1 New Atlanta Communications | 1 Servletexec Isapi | 2008-09-05 | 5.0 MEDIUM | N/A |
| The default configuration of NewAtlanta ServletExec ISAPI 4.1 allows remote attackers to determine the path of the web root via a direct request to com.newatlanta.servletexec.JSP10Servlet without a filename, which leaks the pathname in an error message. | |||||
| CVE-2002-1023 | 1 Working Resources Inc. | 1 Badblue | 2008-09-05 | 5.0 MEDIUM | N/A |
| BadBlue server allows remote attackers to cause a denial of service (crash) via an HTTP GET request without a URI. | |||||
| CVE-2002-0897 | 1 Intranet-server | 1 Localweb2000 | 2008-09-05 | 7.5 HIGH | N/A |
| LocalWEB2000 2.1.0 web server allows remote attackers to bypass access restrictions for restricted files via a URL that contains the "/./" directory. | |||||
| CVE-2002-0896 | 1 Swatch | 1 Swatch | 2008-09-05 | 5.0 MEDIUM | N/A |
| The throttle capability in Swatch may fail to report certain events if (1) the same type of event occurs after the throttle period, or (2) when multiple events matching the same "watchfor" expression do not occur after the throttle period, which could allow attackers to avoid detection. | |||||
| CVE-2002-0902 | 1 Phpbb Group | 1 Phpbb | 2008-09-05 | 7.5 HIGH | N/A |
| Cross-site scripting vulnerability in phpBB 2.0.0 (phpBB2) allows remote attackers to execute Javascript as other phpBB users by including a http:// and a double-quote (") in the [IMG] tag, which bypasses phpBB's security check, terminates the src parameter of the resulting HTML IMG tag, and injects the script. | |||||
| CVE-2002-0895 | 1 Matu | 1 Matu Ftp | 2008-09-05 | 7.5 HIGH | N/A |
| Buffer overflow in MatuFtpServer 1.1.3.0 (1.1.3) allows remote attackers to cause a denial of service and possibly execute arbitrary code via a long PASS (password) command. | |||||
| CVE-2002-0901 | 1 Amanda | 1 Amanda | 2008-09-05 | 10.0 HIGH | N/A |
| Multiple buffer overflows in Advanced Maryland Automatic Network Disk Archiver (AMANDA) 2.3.0.4 allow (1) remote attackers to execute arbitrary code via long commands to the amindexd daemon, or certain local users to execute arbitrary code via long command line arguments to the programs (2) amcheck, (3) amgetidx, (4) amtrmidx, (5) createindex-dump, or (6) createindex-gnutar. | |||||
| CVE-2002-0899 | 1 Blueface | 1 Falcon Web Server | 2008-09-05 | 7.5 HIGH | N/A |
| Falcon web server 2.0.0.1021 and earlier allows remote attackers to bypass access restrictions for protected files via a URL whose directory portion ends in a . (dot). | |||||
| CVE-2002-1003 | 1 Mywebserver | 1 Mywebserver | 2008-09-05 | 7.5 HIGH | N/A |
| Buffer overflow in MyWebServer 1.02 and earlier allows remote attackers to execute arbitrary code via a long HTTP GET request. | |||||
| CVE-2002-0900 | 1 Mit | 1 Pgp Public Key Server | 2008-09-05 | 7.5 HIGH | N/A |
| Buffer overflow in pks PGP public key web server before 0.9.5 allows remote attackers to cause a denial of service (crash) and possibly execute arbitrary code via a long search argument to the lookup capability. | |||||
| CVE-2002-1127 | 1 Digital | 1 Osf 1 | 2008-09-05 | 7.2 HIGH | N/A |
| Buffer overflow in uucp in Compaq Tru64/OSF1 3.x allows local users to execute arbitrary code via a long source (-s) command line parameter. | |||||
| CVE-2002-1006 | 1 Bbc Education | 1 Betsie | 2008-09-05 | 6.8 MEDIUM | N/A |
| Cross-site scripting (XSS) vulnerability in BBC Education Text to Speech Internet Enhancer (Betsie) 1.5.11 and earlier allows remote attackers to execute arbitrary web script via parserl.pl. | |||||
| CVE-2002-1132 | 1 Squirrelmail | 1 Squirrelmail | 2008-09-05 | 5.0 MEDIUM | N/A |
| SquirrelMail 1.2.7 and earlier allows remote attackers to determine the absolute pathname of the options.php script via a malformed optpage file argument, which generates an error message when the file cannot be included in the script. | |||||
| CVE-2002-0942 | 1 Lumigent | 1 Log Explorer | 2008-09-05 | 7.5 HIGH | N/A |
| Buffer overflows in Lugiment Log Explorer before 3.02 allow attackers with database permissions to execute arbitrary code via long arguments to the extended stored procedures (1) xp_logattach_StartProf, (2) xp_logattach_setport, or (3) xp_logattach. | |||||
| CVE-2002-0907 | 1 Nullsoft | 1 Shoutcast Server | 2008-09-05 | 7.5 HIGH | N/A |
| Buffer overflow in SHOUTcast 1.8.9 and other versions before 1.8.12 allows a remote authenticated DJ to execute arbitrary code on the server via a long value in a header whose name begins with "icy-". | |||||
| CVE-2002-1154 | 1 Stephen Turner | 1 Analog | 2008-09-05 | 5.0 MEDIUM | N/A |
| anlgform.pl in Analog before 5.23 does not restrict access to the PROGRESSFREQ progress update command, which allows remote attackers to cause a denial of service (disk consumption) by using the command to report updates more frequently and fill the web server error log. | |||||