Total
27865 CVE
| CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
|---|---|---|---|---|---|
| CVE-2002-0584 | 1 Workforceroi | 1 Xpede | 2008-09-05 | 5.0 MEDIUM | N/A |
| WorkforceROI Xpede 4.1 allows remote attackers to read user timesheets by modifying the TSN ID parameter to the ts_app_process.asp script, which is easily guessable because it is incremented by 1 for each new timesheet. | |||||
| CVE-2002-0589 | 1 Steve Korbett | 1 Pvote | 2008-09-05 | 7.5 HIGH | N/A |
| PVote before 1.9 allows remote attackers to change the administrative password and gain privileges by directly calling ch_info.php with the newpass and confirm parameters both set to the new password. | |||||
| CVE-2002-0587 | 1 Aol | 1 Aol Server | 2008-09-05 | 7.5 HIGH | N/A |
| Buffer overflow in Ns_PdLog function for the external database driver proxy daemon library (libnspd.a) of AOLServer 3.0 through 3.4.2 allows remote attackers to cause a denial of service or execute arbitrary code via the Error or Notice parameters. | |||||
| CVE-2002-0588 | 1 Steve Korbett | 1 Pvote | 2008-09-05 | 5.0 MEDIUM | N/A |
| PVote before 1.9 does not authenticate users for restricted operations, which allows remote attackers to add or delete polls by modifying parameters to (1) add.php or (2) del.php. | |||||
| CVE-2002-0591 | 1 Aol | 1 Instant Messenger | 2008-09-05 | 5.0 MEDIUM | N/A |
| Directory traversal vulnerability in AOL Instant Messenger (AIM) 4.8 beta and earlier allows remote attackers to create arbitrary files and execute commands via a Direct Connection with an IMG tag with a SRC attribute that specifies the target filename. | |||||
| CVE-2002-0590 | 1 Icredibb | 1 Icredibb | 2008-09-05 | 7.5 HIGH | N/A |
| Cross-site scripting (CSS) vulnerability in IcrediBB 1.1 Beta allows remote attackers to execute arbitrary script and steal cookies as other IcrediBB users via the (1) title or (2) body of posts. | |||||
| CVE-2002-0593 | 2 Mozilla, Netscape | 3 Mozilla, Communicator, Navigator | 2008-09-05 | 7.5 HIGH | N/A |
| Buffer overflow in Netscape 6 and Mozilla 1.0 RC1 and earlier allows remote attackers to cause a denial of service (crash) and possibly execute arbitrary code via a long channel name in an IRC URI. | |||||
| CVE-2002-0595 | 1 Webtrends | 1 Reporting Center | 2008-09-05 | 7.5 HIGH | N/A |
| Buffer overflow in WTRS_UI.EXE (WTX_REMOTE.DLL) for WebTrends Reporting Center 4.0d allows remote attackers to execute arbitrary code via a long HTTP GET request to the /reports/ directory. | |||||
| CVE-2002-0594 | 3 Galeon, Mozilla, Netscape | 3 Galeon Browser, Mozilla, Navigator | 2008-09-05 | 5.0 MEDIUM | N/A |
| Netscape 6 and Mozilla 1.0 RC1 and earlier allows remote attackers to determine the existence of files on the client system via a LINK element in a Cascading Style Sheet (CSS) page that causes an HTTP redirect. | |||||
| CVE-2002-0607 | 1 Snitz Communications | 1 Snitz Forums 2000 | 2008-09-05 | 7.5 HIGH | N/A |
| members.asp in Snitz Forums 2000 version 3.3.03 and earlier allows remote attackers to execute arbitrary code via a SQL injection attack on the parameters (1) M_NAME, (2) UserName, (3) FirstName, (4) LastName, or (5) INITIAL. | |||||
| CVE-2002-0608 | 1 Matu | 1 Matu Ftp | 2008-09-05 | 7.5 HIGH | N/A |
| Buffer overflow in Matu FTP client 1.74 allows remote FTP servers to execute arbitrary code via a long "220" banner. | |||||
| CVE-2002-0599 | 1 Blahz-dns | 1 Blahz-dns | 2008-09-05 | 10.0 HIGH | N/A |
| Blahz-DNS 0.2 and earlier allows remote attackers to bypass authentication and modify configuration by directly requesting CGI programs such as dostuff.php instead of going through the login screen. | |||||
| CVE-2002-0598 | 1 Foundstone | 1 Fscan | 2008-09-05 | 7.5 HIGH | N/A |
| Format string vulnerability in Foundstone FScan 1.12 with banner grabbing enabled allows remote attackers to execute arbitrary code on the scanning system via format string specifiers in the server banner. | |||||
| CVE-2002-0606 | 1 3com | 1 3cdaemon | 2008-09-05 | 7.5 HIGH | N/A |
| Buffer overflow in 3Cdaemon 2.0 FTP server allows remote attackers to cause a denial of service (crash) and possibly execute arbitrary code via long commands such as login. | |||||
| CVE-2002-0800 | 1 Working Resources Inc. | 1 Badblue | 2008-09-05 | 5.0 MEDIUM | N/A |
| BadBlue 1.7.0 allows remote attackers to list the contents of directories via a URL with an encoded '%' character at the end. | |||||
| CVE-2002-0601 | 1 Information Security Systems | 1 Realsecure Network Sensor | 2008-09-05 | 5.0 MEDIUM | N/A |
| ISS RealSecure Network Sensor 5.x through 6.5 allows remote attackers to cause a denial of service (crash) via malformed DHCP packets that cause RealSecure to dereference a null pointer. | |||||
| CVE-2002-0801 | 1 Macromedia | 1 Jrun | 2008-09-05 | 10.0 HIGH | N/A |
| Buffer overflow in the ISAPI DLL filter for Macromedia JRun 3.1 allows remote attackers to execute arbitrary code via a direct request to the filter with a long HTTP host header field in a URL for a .jsp file. | |||||
| CVE-2002-0613 | 1 Dnstools Software | 1 Dnstools | 2008-09-05 | 10.0 HIGH | N/A |
| dnstools.php for DNSTools 2.0 beta 4 and earlier allows remote attackers to bypass authentication and gain privileges by setting the user_logged_in or user_dnstools_administrator parameters. | |||||
| CVE-2002-0609 | 1 Hp | 1 Mpe Ix | 2008-09-05 | 5.0 MEDIUM | N/A |
| Vulnerability in HP MPE/iX 6.0 through 7.0 allows attackers to cause a denial of service (system failure with "SA1457 out of i_port_timeout.fix_up_message_frame") via malformed IP packets. | |||||
| CVE-2002-0612 | 1 Craig Patchett | 1 Fileseek | 2008-09-05 | 7.5 HIGH | N/A |
| FileSeek.cgi allows remote attackers to execute arbitrary commands via shell metacharacters in the (1) head or (2) foot parameters. | |||||