Total
210374 CVE
| CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
|---|---|---|---|---|---|
| CVE-2002-2396 | 1 Remi Lefebvre | 1 Advanced Tftp | 2008-09-05 | 7.2 HIGH | N/A |
| Buffer overflow in Advanced TFTP (atftp) 0.5 and 0.6, if installed setuid or setgid, may allow local users to execute arbitrary code via a long argument to the -g option. | |||||
| CVE-2002-2397 | 1 Symantec | 1 Sygate Personal Firewall | 2008-09-05 | 10.0 HIGH | N/A |
| Sygate personal firewall 5.0 could allow remote attackers to bypass firewall filters via spoofed (1) source IP address of 127.0.0.1 or (2) network address of 127.0.0.0. | |||||
| CVE-2002-2398 | 1 App | 1 Apboard | 2008-09-05 | 5.0 MEDIUM | N/A |
| The new thread posting page in APBoard 2.02 and 2.03 allows remote attackers to post messages to protected forums by modifying the insertinto parameter. | |||||
| CVE-2002-2399 | 1 Cascadesoft | 1 W3mail | 2008-09-05 | 6.4 MEDIUM | N/A |
| Directory traversal vulnerability in viewAttachment.cgi in W3Mail 1.0.6 allows remote attackers to read arbitrary files via a .. (dot dot) in the file parameter. | |||||
| CVE-2002-2403 | 1 Key Focus | 1 Kf Web Server | 2008-09-05 | 5.0 MEDIUM | N/A |
| Directory traversal vulnerability in KeyFocus web server 1.0.8 allows remote attackers to read arbitrary files for recognized MIME type files via "...", "....", ".....", and other multiple dot sequences. | |||||
| CVE-2002-2405 | 1 Checkpoint | 1 Firewall-1 | 2008-09-05 | 4.9 MEDIUM | N/A |
| Check Point FireWall-1 4.1 and Next Generation (NG), with UserAuth configured to proxy HTTP traffic only, allows remote attackers to pass unauthorized HTTPS, FTP and possibly other traffic through the firewall. | |||||
| CVE-2002-2406 | 1 Perception | 1 Liteserve | 2008-09-05 | 5.0 MEDIUM | N/A |
| Buffer overflow in HTTP server in LiteServe 2.0, 2.0.1 and 2.0.2 allows remote attackers to cause a denial of service (hang) via a large number of percent characters (%) in an HTTP GET request. | |||||
| CVE-2002-2407 | 1 Qnx | 1 Rtos | 2008-09-05 | 6.9 MEDIUM | N/A |
| Certain patches for QNX Neutrino realtime operating system (RTOS) 6.2.0 set insecure permissions for the files (1) /sbin/io-audio by OS Update Patch A, (2) /bin/shutdown, (3) /sbin/fs-pkg, and (4) phshutdown by QNX experimental patches, (5) cpim, (6) vpim, (7) phrelaycfg, and (8) columns, (9) othello, (10) peg, (11) solitaire, and (12) vpoker in the games pack 2.0.3, which allows local users to gain privileges by modifying the files before permissions are changed. | |||||
| CVE-2002-2408 | 1 Gordano | 1 Ntmail | 2008-09-05 | 7.5 HIGH | N/A |
| Gordano Messaging Server (GMS) Mail 8 (a.k.a. NTMail) only filters email messages for the first recipient, which allows remote attackers to bypass JUCE filters by sending a message to more than one user on the GMS server. | |||||
| CVE-2002-2409 | 1 Qnx | 2 Neutrino Rtos, Photon Microgui | 2008-09-05 | 3.5 LOW | N/A |
| Photon microGUI in QNX Neutrino realtime operating system (RTOS) 6.1.0 and 6.2.0 allows attackers to read user clipboard information via a direct request to the 1.TEXT file in a directory whose name is a hex-encoded user ID. | |||||
| CVE-2002-2410 | 1 Open Webmail | 1 Open Webmail | 2008-09-05 | 5.0 MEDIUM | N/A |
| openwebmail.pl in Open WebMail 1.7 and 1.71 reveals sensitive information in error messages and generates different responses whether a user exists or not, which allows remote attackers to identify valid usernames via brute force attacks and obtain certain configuration and version information. | |||||
| CVE-2002-2412 | 1 Nullsoft | 1 Winamp | 2008-09-05 | 2.1 LOW | N/A |
| Winamp 2.80 stores authentication credentials in plaintext in the (1) [HTTP-AUTH] and (2) [winamp] sections in winamp.ini, which allows local users to gain access to other accounts. | |||||
| CVE-2002-2413 | 2 Deerfield, Microsoft | 3 Website Pro, Windows 9x, Windows Nt | 2008-09-05 | 5.0 MEDIUM | N/A |
| WebSite Pro 3.1.11.0 on Windows allows remote attackers to read script source code for files with extensions greater than 3 characters via a URL request that uses the equivalent 8.3 file name. | |||||
| CVE-2002-2415 | 1 Alliedtelesyn | 2 At-8024, Rapier 24 | 2008-09-05 | 6.8 MEDIUM | N/A |
| Allied Telesyn AT-8024 1.3.1 and Rapier 24 switches allow remote authenticated users to cause a denial of service in the management interface via a stream of zero (null) bytes sent via UDP to a running service. | |||||
| CVE-2002-2416 | 1 Zeroo | 1 Http Server | 2008-09-05 | 5.0 MEDIUM | N/A |
| Directory traversal vulnerability in Zeroo web server 1.5 allows remote attackers to read arbitrary files via a .. (dot dot) in a URL GET request. | |||||
| CVE-2002-2417 | 1 Acftp | 1 Acftp | 2008-09-05 | 10.0 HIGH | N/A |
| acFTP 1.4 does not properly handle when an invalid password is provided by the user during authentication, which allows remote attackers to hide or misrepresent certain activity from log files and possibly gain privileges. | |||||
| CVE-2002-2418 | 1 Acfp Project | 1 Acfreeproxy | 2008-09-05 | 4.3 MEDIUM | N/A |
| Cross-site scripting (XSS) vulnerability in acFreeProxy (aka acFP) 1.33 beta 7 allows remote attackers to inject arbitrary web script or HTML via the URL, which is inserted into an error page. | |||||
| CVE-2002-2419 | 1 Dctc Project | 1 Dctc | 2008-09-05 | 7.8 HIGH | N/A |
| Direct connect text client (DCTC) client 0.83.3 allows remote attackers to cause a denial of service (crash) via a string ending with a NULL byte character. | |||||
| CVE-2002-2420 | 1 Independent Solution | 2 Simple Site Searcher, Super Site Searcher | 2008-09-05 | 7.5 HIGH | N/A |
| site_searcher.cgi in Super Site Searcher allows remote attackers to execute arbitrary commands via shell metacharacters in the page parameter. | |||||
| CVE-2002-2421 | 1 Andrey Cherezov | 1 Acweb | 2008-09-05 | 7.8 HIGH | N/A |
| acWEB 1.14 allows remote attackers to cause a denial of service (crash) via an HTTP request for a MS-DOS device name such as COM2. | |||||