Total
210374 CVE
| CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
|---|---|---|---|---|---|
| CVE-2002-2374 | 1 Sun | 1 Patchpro | 2008-09-05 | 10.0 HIGH | N/A |
| Unspecified vulnerability in pprosetup in Sun PatchPro 2.0 has unknown impact and attack vectors related to "unsafe use of temporary files." | |||||
| CVE-2002-2375 | 1 Stalker | 1 Communigate Pro | 2008-09-05 | 5.0 MEDIUM | N/A |
| Directory traversal vulnerability in CommuniGate Pro 4.0b4 and possibly earlier versions allows remote attackers to list the contents of the WebUser directory and its parent directory via a (1) .. (dot dot) or (2) . (dot) in a URL. NOTE: it is not clear whether this issue reveals any more information regarding directory structure than is already available to any CommuniGate Pro user, although there is a possibility that it could be used to infer product version information. | |||||
| CVE-2002-2376 | 1 Leung | 1 E-guest | 2008-09-05 | 4.3 MEDIUM | N/A |
| Cross-site scripting (XSS) vulnerability in E-Guest_sign.pl in E-Guest 1.1 allows remote attackers to inject arbitrary SSI directives, web script, and HTML via the (1) full name, (2) email, (3) homepage, and (4) location parameters. NOTE: this issue might overlap CVE-2005-1605. | |||||
| CVE-2002-2377 | 1 Sephiroth32 | 1 Zap Book | 2008-09-05 | 4.3 MEDIUM | N/A |
| Cross-site scripting (XSS) vulnerability in addentry.cgi in ZAP 1.0.3 allows remote attackers to inject arbitrary SSi directives, web script, and HTML via the entry field. | |||||
| CVE-2002-2378 | 1 Nakata | 1 An Httpd | 2008-09-05 | 4.3 MEDIUM | N/A |
| Cross-site scripting (XSS) vulnerability in AN HTTP 1.41d allows remote attackers to inject arbitrary web script or HTML via a colon (:) in the query string, which is inserted into the resulting error page. | |||||
| CVE-2002-2379 | 1 Cisco | 1 As5350 | 2008-09-05 | 7.8 HIGH | N/A |
| ** DISPUTED ** Cisco AS5350 IOS 12.2(11)T with access control lists (ACLs) applied and possibly with ssh running allows remote attackers to cause a denial of service (crash) via a port scan, possibly due to an ssh bug. NOTE: this issue could not be reproduced by the vendor. | |||||
| CVE-2002-2380 | 2 Arescom, Microsoft | 2 Netdsl, Network Firmware | 2008-09-05 | 6.4 MEDIUM | N/A |
| NetDSL ADSL Modem 800 with Microsoft Network firmware 5.5.11 allows remote attackers to gain access to configuration menus by sniffing undocumented usernames and passwords from network traffic. | |||||
| CVE-2002-2381 | 1 Ka-shu Wong | 1 Gtetrinet | 2008-09-05 | 7.5 HIGH | N/A |
| Multiple buffer overflows in (1) tetrinet_inmessage, (2) speclist_add and (3) config-getthemeinfo of GTetrinet 0.4.3 and earlier allow remote attackers to casue a denial of service and possibly execute arbitrary code. | |||||
| CVE-2002-2382 | 1 Cvsup | 1 Cvsup | 2008-09-05 | 7.2 HIGH | N/A |
| cvsupd.sh in CVSup 1.2 allows local users to overwrite arbitrary files and gain privileges via a symlink attack on /var/tmp/cvsupd.out. | |||||
| CVE-2002-2384 | 1 Hotfoon Corporation | 1 Hotfoon | 2008-09-05 | 3.6 LOW | N/A |
| hotfoon4.exe in Hotfoon 4.00 stores user names and passwords in cleartext in the hotfoon2 registry key, which allows local users to gain access to user accounts and steal phone service. | |||||
| CVE-2002-2385 | 1 Hotfoon Corporation | 1 Hotfoon | 2008-09-05 | 7.5 HIGH | N/A |
| Buffer overflow in hotfoon4.exe in Hotfoon 4.0 allows remote attackers to cause a denial of service (crash) and possibly execute arbitrary code via a URL containing a long voice phone number. | |||||
| CVE-2002-2386 | 1 Xoops | 1 Xoops | 2008-09-05 | 4.3 MEDIUM | N/A |
| Cross-site scripting (XSS) vulnerability in the Quizz module for XOOPS 1.0, when allowing on-line question development, allows remote attackers to inject arbitrary web script or HTML via a javascript: URL in the SRC attribute of an IMG tag. | |||||
| CVE-2002-2387 | 1 Mollensoft Software | 1 Hyperion Ftp Server | 2008-09-05 | 5.0 MEDIUM | N/A |
| Directory traversal vulnerability in Hyperion FTP server 2.8.1 allows remote attackers to read arbitrary files via a .. (dot dot) in the LS command. | |||||
| CVE-2002-2388 | 1 Inweb | 1 Mail Server | 2008-09-05 | 5.0 MEDIUM | N/A |
| Buffer overflow in INweb POP3 mail server 2.01 allows remote attackers to cause a denial of service (crash) via a long HELO command. | |||||
| CVE-2002-2389 | 1 Fastlink Software | 1 The Server | 2008-09-05 | 5.0 MEDIUM | N/A |
| TheServer 1.74 web server stores server.ini under the web document root with insufficient access control, which allows remote attackers to obtain cleartext passwords and gain access to server log files. | |||||
| CVE-2002-2390 | 1 Cerulean Studios | 2 Trillian, Trillian Pro | 2008-09-05 | 10.0 HIGH | N/A |
| Buffer overflow in the IDENT daemon (identd) in Trillian 0.6351, 0.725, 0.73, 0.74 and 1.0 pro allows remote attackers to cause a denial of service (crash) and possibly execute arbitrary code via a long request. | |||||
| CVE-2002-2391 | 2 Webchat.org, Xoops | 2 Webchat, Xoops | 2008-09-05 | 7.5 HIGH | N/A |
| SQL injection vulnerability in index.php of WebChat 1.5 included in XOOPS 1.0 allows remote attackers to execute arbitrary SQL commands via the roomid parameter. | |||||
| CVE-2002-2392 | 1 Nullsoft | 1 Winamp | 2008-09-05 | 6.4 MEDIUM | N/A |
| Winamp 2.65 through 3.0 stores skin files in a predictable file location, which allows remote attackers to execute arbitrary code via a URL reference to (1) wsz and (2) wal files that contain embedded code. | |||||
| CVE-2002-2394 | 1 Trend Micro | 1 Interscan Viruswall | 2008-09-05 | 5.0 MEDIUM | N/A |
| InterScan VirusWall 3.6 for Linux and 3.52 for Windows allows remote attackers to bypass virus protection and possibly execute arbitrary code via HTTP 1.1 chunked transfer encoding. | |||||
| CVE-2002-2395 | 1 Trend Micro | 1 Interscan Viruswall | 2008-09-05 | 5.0 MEDIUM | N/A |
| InterScan VirusWall 3.52 for Windows allows remote attackers to bypass virus protection and possibly execute arbitrary code via HTTP 1.1 gzip content encoding. | |||||