Total
210374 CVE
| CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
|---|---|---|---|---|---|
| CVE-2003-1527 | 2 Ibm, Iss | 2 Internet Security Systems Blackice Defender, Blackice Server Protection | 2008-09-05 | 4.3 MEDIUM | N/A |
| BlackICE Defender 2.9.cap and Server Protection 3.5.cdf, when configured to automatically block attacks, allows remote attackers to block IP addresses and cause a denial of service via spoofed packets. | |||||
| CVE-2003-1537 | 1 Postnuke Software Foundation | 1 Postnuke | 2008-09-05 | 5.0 MEDIUM | N/A |
| Directory traversal vulnerability in PostNuke 0.723 and earlier allows remote attackers to include arbitrary files named theme.php via the theme parameter to index.php. | |||||
| CVE-2003-1538 | 1 Suse | 3 Office Server, Suse Linux, Suse Linux Openexchange Server | 2008-09-05 | 6.4 MEDIUM | N/A |
| susehelp in SuSE Linux 8.1, Enterprise Server 8, Office Server, and Openexchange Server 4 does not properly filter shell metacharacters, which allows remote attackers to execute arbitrary commands via CGI queries. | |||||
| CVE-2003-1539 | 1 Onedotoh | 1 Simple File Manager | 2008-09-05 | 4.3 MEDIUM | N/A |
| Cross-site scripting (XSS) vulnerability in ONEdotOH Simple File Manager (SFM) before 0.21 allows remote attackers to inject arbitrary web script or HTML via (1) file names and (2) directory names. | |||||
| CVE-2003-1542 | 1 Ondrej Jombik | 1 Phpwebfilemanager | 2008-09-05 | 5.0 MEDIUM | N/A |
| Directory traversal vulnerability in plugins/file.php in phpWebFileManager before 0.4.4 allows remote attackers to read arbitrary files via a .. (dot dot) in the fm_path parameter. | |||||
| CVE-2004-0017 | 1 Phpgroupware | 1 Phpgroupware | 2008-09-05 | 7.5 HIGH | N/A |
| Multiple SQL injection vulnerabilities in the (1) calendar and (2) infolog modules for phpgroupware 0.9.14 allow remote attackers to perform unauthorized database operations. | |||||
| CVE-2004-0041 | 1 Mod Auth Shadow | 1 Mod Auth Shadow | 2008-09-05 | 7.5 HIGH | N/A |
| The mod_auth_shadow module 1.4 and earlier does not properly enforce the expiration of a user account and password, which could allow remote authenticated users to bypass intended access restrictions. | |||||
| CVE-2004-0049 | 1 Realnetworks | 2 Helix Universal Mobile Server, Helix Universal Server | 2008-09-05 | 6.8 MEDIUM | N/A |
| Helix Universal Server/Proxy 9 and Mobile Server 10 allow remote attackers to cause a denial of service via certain HTTP POST messages to the Administration System port. | |||||
| CVE-2004-0056 | 1 Nortel | 3 802.11 Wireless Ip Gateway, Business Communications Manager, Succession Communication Server 1000 | 2008-09-05 | 7.5 HIGH | N/A |
| Multiple vulnerabilities in the H.323 protocol implementation for Nortel Networks Business Communications Manager (BCM), Succession 1000 IP Trunk and IP Peer Networking, and 802.11 Wireless IP Gateway allow remote attackers to cause a denial of service and possibly execute arbitrary code, as demonstrated by the NISCC/OUSPG PROTOS test suite for the H.225 protocol. | |||||
| CVE-2004-0090 | 1 Apple | 2 Mac Os X, Mac Os X Server | 2008-09-05 | 10.0 HIGH | N/A |
| Unknown vulnerability in Windows File Sharing for Mac OS X 10.1.5 through 10.3.2 does not "shutdown properly," which has unknown impact and attack vectors. | |||||
| CVE-2004-0096 | 1 Apache | 1 Mod Python | 2008-09-05 | 5.0 MEDIUM | N/A |
| Unknown vulnerability in mod_python 2.7.9 allows remote attackers to cause a denial of service (httpd crash) via a certain query string, a variant of CAN-2003-0973. | |||||
| CVE-2004-0182 | 1 Gnu | 1 Mailman | 2008-09-05 | 5.0 MEDIUM | N/A |
| Mailman before 2.0.13 allows remote attackers to cause a denial of service (crash) via an email message with an empty subject field. | |||||
| CVE-2003-1119 | 1 Ssh | 1 Secure Shell | 2008-09-05 | 5.0 MEDIUM | N/A |
| SSH Secure Shell before 3.2.9 allows remote attackers to cause a denial of service via malformed BER/DER packets. | |||||
| CVE-2003-1125 | 1 Sun | 1 One Directory Server | 2008-09-05 | 5.0 MEDIUM | N/A |
| Unknown vulnerability in ns-ldapd for Sun ONE Directory Server 4.16, 5.0, and 5.1 allows LDAP clients to cause a denial of service (service halt). | |||||
| CVE-2003-1126 | 1 Sun | 1 One Web Server | 2008-09-05 | 5.0 MEDIUM | N/A |
| Unknown vulnerability in SunOne/iPlanet Web Server SP3 through SP5 on Windows platforms allows remote attackers to cause a denial of service. | |||||
| CVE-2003-1132 | 1 Cisco | 2 Content Services Switch 11000, Content Services Switch 11500 | 2008-09-05 | 5.0 MEDIUM | N/A |
| The DNS server for Cisco Content Service Switch (CSS) 11000 and 11500, when prompted for a nonexistent AAAA record, responds with response code 3 (NXDOMAIN or "Name Error") instead of response code 0 ("No Error"), which allows remote attackers to cause a denial of service (inaccessible domain) by forcing other DNS servers to send and cache a request for a AAAA record to the vulnerable server. | |||||
| CVE-2003-1134 | 1 Sun | 1 Java | 2008-09-05 | 2.1 LOW | N/A |
| Sun Java 1.3.1, 1.4.1, and 1.4.2 allows local users to cause a denial of service (JVM crash), possibly by calling the ClassDepth function with a null parameter, which causes a crash instead of generating a null pointer exception. | |||||
| CVE-2003-1135 | 1 Yahoo | 1 Messenger | 2008-09-05 | 2.6 LOW | N/A |
| Buffer overflow in Yahoo! Messenger 5.6 allows remote attackers to cause a denial of service (crash) via a file send request (sendfile) with a large number of "%" (percent) characters after the Yahoo ID. | |||||
| CVE-2003-1138 | 1 Redhat | 1 Interchange | 2008-09-05 | 5.0 MEDIUM | N/A |
| The default configuration of Apache 2.0.40, as shipped with Red Hat Linux 9.0, allows remote attackers to list directory contents, even if auto indexing is turned off and there is a default web page configured, via a GET request containing a double slash (//). | |||||
| CVE-2003-1146 | 1 John Beatty | 1 Easy Php Photo Album | 2008-09-05 | 6.8 MEDIUM | N/A |
| Cross-site scripting (XSS) vulnerability in John Beatty Easy PHP Photo Album 1.0 allows remote attackers to inject arbitrary web script or HTML via the dir parameter. | |||||