Total: 210374 CVE
CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
---|---|---|---|---|---|
CVE-2003-0454 | 1 Joe Rumsey | 1 Xgalaga | 2008-09-05 | 7.2 HIGH | N/A |
Multiple buffer overflows in xgalaga 2.0.34 and earlier allow local users to gain privileges via a long HOME environment variable. | |||||
CVE-2003-0458 | 1 Hp | 1 Nonstop Seeview Server Gateway | 2008-09-05 | 4.6 MEDIUM | N/A |
Unknown vulnerability in HP NonStop Server D40.00 through D48.03, and G01.00 through G06.20, allows local users to gain additional privileges. | |||||
CVE-2003-0489 | 1 Michael C. Toren | 1 Tcptraceroute | 2008-09-05 | 7.2 HIGH | N/A |
tcptraceroute 1.4 and earlier does not fully drop privileges after obtaining a file descriptor for capturing packets, which may allow local users to gain access to the descriptor via a separate vulnerability in tcptraceroute. | |||||
CVE-2003-0500 | 1 Proftpd Project | 1 Proftpd | 2008-09-05 | 10.0 HIGH | N/A |
SQL injection vulnerability in the PostgreSQL authentication module (mod_sql_postgres) for ProFTPD before 1.2.9rc1 allows remote attackers to execute arbitrary SQL and gain privileges by bypassing authentication or stealing passwords via the USER name. | |||||
CVE-2003-0514 | 1 Apple | 1 Safari | 2008-09-05 | 7.5 HIGH | N/A |
Apple Safari allows remote attackers to bypass intended cookie access restrictions on a web application via "%2e%2e" (encoded dot dot) directory traversal sequences in a URL, which causes Safari to send the cookie outside the specified URL subsets, e.g. to a vulnerable application that runs on the same server as the target application. | |||||
CVE-2003-0517 | 1 Gert Doering | 1 Mgetty | 2008-09-05 | 2.1 LOW | N/A |
faxrunqd.in in mgetty 1.1.28 and earlier allows local users to overwrite files via a symlink attack on JOB files. | |||||
CVE-2003-0537 | 1 Daiki Ueno | 1 Liece Emacs Irc Client | 2008-09-05 | 4.6 MEDIUM | N/A |
The liece Emacs IRC client 2.0+0.20030527 and earlier creates temporary files insecurely, which could allow local users to overwrite arbitrary files as other users. | |||||
CVE-2003-0573 | 1 Sgi | 1 Irix | 2008-09-05 | 5.0 MEDIUM | N/A |
The DNS callbacks in nsd in SGI IRIX 6.5.x through 6.5.20f, and possibly earlier versions, do not perform sufficient sanity checking, with unknown impact. | |||||
CVE-2003-0599 | 1 Phpgroupware | 1 Phpgroupware | 2008-09-05 | 10.0 HIGH | N/A |
Unknown vulnerability in the Virtual File System (VFS) capability for phpGroupWare 0.9.16preRC and versions before 0.9.14.004 with unknown implications, related to the VFS path being under the web document root. | |||||
CVE-2003-0602 | 1 Mozilla | 1 Bugzilla | 2008-09-05 | 6.8 MEDIUM | N/A |
Multiple cross-site scripting vulnerabilities (XSS) in Bugzilla 2.16.x before 2.16.3 and 2.17.x before 2.17.4 allow remote attackers to insert arbitrary HTML or web script via (1) multiple default German and Russian HTML templates or (2) ALT and NAME attributes in AREA tags as used by the GraphViz graph generation feature for local dependency graphs. | |||||
CVE-2003-0603 | 1 Mozilla | 1 Bugzilla | 2008-09-05 | 2.1 LOW | N/A |
Bugzilla 2.16.x before 2.16.3, 2.17.x before 2.17.4, and earlier versions allows local users to overwrite arbitrary files via a symlink attack on temporary files that are created in directories with group-writable or world-writable permissions. | |||||
CVE-2003-0611 | 1 Xtokkaetama | 1 Xtokkaetama | 2008-09-05 | 4.6 MEDIUM | N/A |
Multiple buffer overflows in xtokkaetama 1.0 allow local users to gain privileges via a long (1) -display command line argument or (2) XTOKKAETAMADIR environment variable. | |||||
CVE-2003-0636 | 1 Novell | 1 Ichain | 2008-09-05 | 7.5 HIGH | N/A |
Novell iChain 2.2 before Support Pack 1 does not properly verify that URL redirects match the DNS name of an accelerator, which allows attackers to redirect URLs to malicious web sites. | |||||
CVE-2003-0637 | 1 Novell | 1 Ichain | 2008-09-05 | 5.0 MEDIUM | N/A |
Novell iChain 2.2 before Support Pack 1 uses a shorter timeout for a non-existent user than a valid user, which makes it easier for remote attackers to guess usernames and conduct brute force password guessing. | |||||
CVE-2003-0640 | 1 Bea | 1 Weblogic Server | 2008-09-05 | 10.0 HIGH | N/A |
BEA WebLogic Server and Express, when using NodeManager to start servers, provides Operator users with privileges to overwrite usernames and passwords, which may allow Operators to gain Admin privileges. | |||||
CVE-2003-0644 | 1 Johannes Sixt | 1 Kdbg | 2008-09-05 | 4.6 MEDIUM | N/A |
Kdbg 1.1.0 through 1.2.8 does not check permissions of the .kdbgrc file, which allows local users to execute arbitrary commands. | |||||
CVE-2003-0651 | 1 Mod Mylo | 1 Mod Mylo | 2008-09-05 | 7.5 HIGH | N/A |
Buffer overflow in the mylo_log logging function for mod_mylo 0.2.1 and earlier allows remote attackers to execute arbitrary code via a long HTTP GET request. | |||||
CVE-2003-0657 | 1 Phpgroupware | 1 Phpgroupware | 2008-09-05 | 7.5 HIGH | N/A |
Multiple SQL injection vulnerabilities in the infolog module for phpgroupware 0.9.14 and earlier could allow remote attackers to conduct unauthorized database actions. | |||||
CVE-2003-0683 | 1 Sgi | 1 Irix | 2008-09-05 | 7.5 HIGH | N/A |
NFS in SGI 6.5.21m and 6.5.21f does not perform access checks in certain configurations when an /etc/exports entry uses wildcards without any hostnames or groups, which could allow attackers to bypass intended restrictions. | |||||
CVE-2002-2352 | 1 Neosoft | 1 Neobook | 2008-09-05 | 5.8 MEDIUM | N/A |
The NBActiveX.ocx ActiveX control in NeoBook 4 allows remote attackers to install and execute arbitrary programs. | |||||