Total
210374 CVE
| CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
|---|---|---|---|---|---|
| CVE-2003-0284 | 1 Adobe | 1 Acrobat | 2008-09-05 | 7.5 HIGH | N/A |
| Adobe Acrobat 5 does not properly validate JavaScript in PDF files, which allows remote attackers to write arbitrary files into the Plug-ins folder that spread to other PDF documents, as demonstrated by the W32.Yourde virus. | |||||
| CVE-2002-1976 | 1 Linux | 1 Linux Kernel | 2008-09-05 | 2.1 LOW | N/A |
| ifconfig, when used on the Linux kernel 2.2 and later, does not report when the network interface is in promiscuous mode if it was put in promiscuous mode using PACKET_MR_PROMISC, which could allow attackers to sniff the network without detection, as demonstrated using libpcap. | |||||
| CVE-2002-1977 | 1 Pgp | 1 Pgp | 2008-09-05 | 2.1 LOW | N/A |
| Network Associates PGP 7.0.4 and 7.1 does not time out according to the value set in the "Passphrase Cache" option, which could allow attackers to open encrypted files without providing a passphrase. | |||||
| CVE-2002-1981 | 1 Microsoft | 1 Sql Server | 2008-09-05 | 5.0 MEDIUM | N/A |
| Microsoft SQL Server 2000 through SQL Server 2000 SP2 allows the "public" role to execute the (1) sp_MSSetServerProperties or (2) sp_MSsetalertinfo stored procedures, which allows attackers to modify configuration including SQL server startup and alert settings. | |||||
| CVE-2002-1982 | 1 Icecast | 1 Icecast | 2008-09-05 | 5.0 MEDIUM | N/A |
| Directory traversal vulnerability in the list_directory function in Icecast 1.3.12 allows remote attackers to determine if a directory exists via a .. (dot dot) in the GET request, which returns different error messages depending on whether the directory exists or not. | |||||
| CVE-2002-1985 | 1 Incognito Software Inc | 1 Ismtp Gateway | 2008-09-05 | 5.0 MEDIUM | N/A |
| iSMTP 5.0.1 allows remote attackers to cause a denial of service via a long "MAIL FROM" command, possibly triggering a buffer overflow. | |||||
| CVE-2002-1986 | 1 Perception | 1 Liteserve | 2008-09-05 | 5.0 MEDIUM | N/A |
| Perception LiteServe 2.0 through 2.0.1 allows remote attackers to obtain the source code of CGI scripts via an HTTP request with a trailing dot ("."). | |||||
| CVE-2002-1987 | 1 Caucho Technology | 1 Resin | 2008-09-05 | 5.0 MEDIUM | N/A |
| Directory traversal vulnerability in view_source.jsp in Resin 2.1.2 allows remote attackers to read arbitrary files via a "\.." (backslash dot dot). | |||||
| CVE-2002-1988 | 1 Caucho Technology | 1 Resin | 2008-09-05 | 5.0 MEDIUM | N/A |
| Resin 2.1.1 allows remote attackers to cause a denial of service (memory consumption and hang) via a URL with long variables for non-existent resources. | |||||
| CVE-2002-1989 | 1 Caucho Technology | 1 Resin | 2008-09-05 | 5.0 MEDIUM | N/A |
| Resin 2.1.1 allows remote attackers to cause a denial of service (thread and connection consumption) via multiple URL requests containing the DOS 'CON' device name and a registered file extension such as .jsp or .xtp. | |||||
| CVE-2002-1990 | 1 Caucho Technology | 1 Resin | 2008-09-05 | 5.0 MEDIUM | N/A |
| Resin 2.0.5 through 2.1.2 allows remote attackers to reveal physical path information via a URL request for the example Java class file HelloServlet. | |||||
| CVE-2002-1992 | 1 Macromedia | 2 Coldfusion, Coldfusion Professional | 2008-09-05 | 5.0 MEDIUM | N/A |
| Buffer overflow in jrun.dll in ColdFusion MX, when used with IIS 4 or 5, allows remote attackers to cause a denial of service in IIS via (1) a long template file name or (2) a long HTTP header. | |||||
| CVE-2002-1993 | 1 Affordable Web Space Design | 1 Affordable Web Space Design Webbbs | 2008-09-05 | 10.0 HIGH | N/A |
| webbbs_post.pl in WebBBS 4 and 5.0 allows remote attackers to execute arbitrary commands via shell metacharacters in the followup parameter. | |||||
| CVE-2002-1994 | 1 Gamecheats | 1 Advanced Web Server Professional | 2008-09-05 | 5.0 MEDIUM | N/A |
| advserver.exe in Advanced Web Server (AdvServer) Professional 1.030000 allows remote attackers to cause a denial of service via multiple HTTP requests containing a single carriage return/line feed (CRLF) sequence. | |||||
| CVE-2002-1995 | 1 Lebios | 1 Phptonuke.php | 2008-09-05 | 4.3 MEDIUM | N/A |
| Cross-site scripting (XSS) vulnerability in phptonuke.php for PHP-Nuke allows remote attackers to inject arbitrary web script or HTML via the filnavn parameter. | |||||
| CVE-2002-1996 | 1 Postnuke Software Foundation | 1 Postnuke | 2008-09-05 | 2.6 LOW | N/A |
| Cross-site scripting (XSS) vulnerability in PostNuke 0.71 and earlier allows remote attackers to inject arbitrary web script or HTML via the (1) name parameter in modules.php and (2) catid parameter in index.php. | |||||
| CVE-2002-1998 | 1 Sco | 2 Open Unix, Unixware | 2008-09-05 | 7.5 HIGH | N/A |
| Buffer overflow in rpc.cmsd in SCO UnixWare 7.1.1 and Open UNIX 8.0.0 allows remote attackers to execute arbitrary commands via a long parameter to rtable_create (procedure 21). | |||||
| CVE-2002-1999 | 1 Hp | 1 Praesidium Webproxy | 2008-09-05 | 5.0 MEDIUM | N/A |
| HP Praesidium Webproxy 1.0 running on HP-UX 11.04 VVOS could allow remote attackers to cause Webproxy to forward requests to the internal network via crafted HTTP requests. | |||||
| CVE-2002-2000 | 1 Compaq | 1 Acms | 2008-09-05 | 2.1 LOW | N/A |
| ACMS 4.3 and 4.4 in OpenVMS Alpha 7.2 and 7.3 does not properly use process privileges, which allows attackers to access data. | |||||
| CVE-2002-2003 | 1 Compaq | 1 Tru64 | 2008-09-05 | 5.0 MEDIUM | N/A |
| ypbind in Compaq Tru64 4.0F, 4.0G, 5.0A, 5.1 and 5.1A allows remote attackers to cause the process to core dump via certain network packets generated by nmap. | |||||