Total
210374 CVE
| CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
|---|---|---|---|---|---|
| CVE-2002-2326 | 1 Apple | 1 Mac Os X | 2008-09-05 | 5.0 MEDIUM | N/A |
| The default configuration of Mail.app in Mac OS X 10.0 through 10.0.4 and 10.1 through 10.1.5 sends iDisk authentication credentials in cleartext when connecting to Mac.com, which could allow remote attackers to obtain passwords by sniffing network traffic. | |||||
| CVE-2002-2329 | 1 Mirabilis | 1 Icq | 2008-09-05 | 7.8 HIGH | N/A |
| ICQ client 2001b, 2002a and 2002b allows remote attackers to cause a denial of service (CPU consumption or crash) via a message with a large number of emoticons. | |||||
| CVE-2002-2331 | 1 Cascadesoft | 1 W3mail | 2008-09-05 | 5.8 MEDIUM | N/A |
| W3Mail 1.0.2 through 1.0.5 with server side scripting (SSI) enabled in the attachments directory does not properly restrict the types of files that can be uploaded as attachments, which allows remote attackers to execute arbitrary code by sending code in MIME attachments, then requesting the attachments. | |||||
| CVE-2002-2332 | 1 Opera Software | 1 Opera Web Browser | 2008-09-05 | 5.0 MEDIUM | N/A |
| Buffer overflow in Opera 6.01 allows remote attackers to cause a denial of service (crash) via an IMG tag with large width and height attributes. | |||||
| CVE-2002-2333 | 1 Kde | 1 Kde | 2008-09-05 | 5.0 MEDIUM | N/A |
| Buffer overflow in konqueror in KDE 2.1 through 3.0 and 3.0.2 allows remote attackers to cause a denial of service (crash) via an IMG tag with large width and height attributes. | |||||
| CVE-2002-2334 | 1 Joseph Allen | 1 Joe | 2008-09-05 | 3.6 LOW | N/A |
| Joe text editor 2.8 through 2.9.7 does not remove the group and user setuid bits for backup files, which could allow local users to execute arbitrary setuid and setgid root programs when root edits scripts owned by other users. | |||||
| CVE-2002-2335 | 1 John Drake | 1 Killer Protection | 2008-09-05 | 5.0 MEDIUM | N/A |
| Killer Protection 1.0 stores the vars.inc include file under the web root with insufficient access control, which allows remote attackers to obtain user names and passwords and log in using protection.php. | |||||
| CVE-2002-2336 | 1 Symantec | 1 Norton Personal Firewall | 2008-09-05 | 4.3 MEDIUM | N/A |
| Norton Personal Firewall 2002 4.0, when configured to automatically block attacks, allows remote attackers to block IP addresses and cause a denial of service via spoofed packets. | |||||
| CVE-2002-2337 | 1 Kaspersky Lab | 1 Kaspersky Anti-hacker | 2008-09-05 | 5.0 MEDIUM | N/A |
| Kaspersky Anti-Hacker 1.0, when configured to automatically block attacks, allows remote attackers to block IP addresses and cause a denial of service via spoofed packets. | |||||
| CVE-2002-2338 | 2 Mozilla, Netscape | 3 Mozilla, Communicator, Navigator | 2008-09-05 | 5.0 MEDIUM | N/A |
| The POP3 mail client in Mozilla 1.0 and earlier, and Netscape Communicator 4.7 and earlier, allows remote attackers to cause a denial of service (no new mail) via a mail message containing a dot (.) at a newline, which is interpreted as the end of the message. | |||||
| CVE-2002-2339 | 1 Script Shed | 1 Ssgbook | 2008-09-05 | 4.3 MEDIUM | N/A |
| Cross-site scripting (XSS) vulnerability in configure.asp in Script-Shed GuestBook 1.0 allows remote attackers to inject arbitrary web script or HTML via a javascript: URL in (1) image, (2) img, (3) image=right, (4) img=right, (5) image=left, and (6) img=left tags. | |||||
| CVE-2002-2341 | 1 Sonicwall | 1 Soho3 | 2008-09-05 | 4.3 MEDIUM | N/A |
| Cross-site scripting (XSS) vulnerability in content blocking in SonicWALL SOHO3 6.3.0.0 allows remote attackers to inject arbitrary web script or HTML via a blocked URL. | |||||
| CVE-2002-2343 | 1 Nocc | 1 Nocc | 2008-09-05 | 4.3 MEDIUM | N/A |
| Cross-site scripting (XSS) vulnerability in NOCC 0.9 through 0.9.5 allows remote attackers to inject arbitrary web script or HTML via email messages. | |||||
| CVE-2002-2344 | 1 Ensim | 1 Webppliance | 2008-09-05 | 5.0 MEDIUM | N/A |
| Ensim WEBppliance 3.0 and 3.1 allows remote attackers to read mail intended for other users by defining an alias that is the target's email address. | |||||
| CVE-2002-2345 | 1 Oracle | 1 Application Server | 2008-09-05 | 7.5 HIGH | N/A |
| Oracle 9i Application Server 9.0.2 stores the web cache administrator interface password in plaintext, which allows remote attackers to gain access. | |||||
| CVE-2002-2346 | 1 Phpbb | 1 Phpbb | 2008-09-05 | 5.0 MEDIUM | N/A |
| phpBB 2.0 through 2.0.3 generates names for uploaded avatar files with the hex-encoded IP address of the client system, which allows remote attackers to obtain client IP addresses. | |||||
| CVE-2002-2347 | 1 Oracle | 1 Application Server | 2008-09-05 | 4.3 MEDIUM | N/A |
| Cross-site scripting (XSS) vulnerability in Oracle Java Server Page (OJSP) demo files (1) hellouser.jsp, (2) welcomeuser.jsp and (3) usebean.jsp in Oracle 9i Application Server 9.0.2, 1.0.2.2, 1.0.2.1s and 1.0.2 allows remote attackers to inject arbitrary web script or HTML via the text entry field. | |||||
| CVE-2002-2348 | 1 Authoria | 1 Authoria | 2008-09-05 | 4.3 MEDIUM | N/A |
| Cross-site scripting (XSS) vulnerability in athcgi.exe in Authoria HR allows remote attackers to inject arbitrary web script or HTML via the command parameter. | |||||
| CVE-2002-2349 | 1 Phpbb | 1 Phpbbmod | 2008-09-05 | 5.0 MEDIUM | N/A |
| phpinfo.php in phpBBmod 1.3.3 executes the phpinfo function, which allows remote attackers to obtain sensitive environment information. | |||||
| CVE-2002-2350 | 1 Phpoutsourcing | 1 Zorum | 2008-09-05 | 4.3 MEDIUM | N/A |
| Cross-site scripting (XSS) vulnerability in z_user_show.php in dbtreelistproperty_method.php in Zorum 2.4 allows remote attackers to inject arbitrary web script or HTML via the class parameter. | |||||