Total
210374 CVE
| CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
|---|---|---|---|---|---|
| CVE-2002-0799 | 1 Youngzsoft | 1 Cmailserver | 2008-09-05 | 7.5 HIGH | N/A |
| Buffer overflow in YoungZSoft CMailServer 3.30 allows remote attackers to execute arbitrary code via a long USER argument. | |||||
| CVE-2002-0800 | 1 Working Resources Inc. | 1 Badblue | 2008-09-05 | 5.0 MEDIUM | N/A |
| BadBlue 1.7.0 allows remote attackers to list the contents of directories via a URL with an encoded '%' character at the end. | |||||
| CVE-2002-0801 | 1 Macromedia | 1 Jrun | 2008-09-05 | 10.0 HIGH | N/A |
| Buffer overflow in the ISAPI DLL filter for Macromedia JRun 3.1 allows remote attackers to execute arbitrary code via a direct request to the filter with a long HTTP host header field in a URL for a .jsp file. | |||||
| CVE-2002-0804 | 1 Mozilla | 1 Bugzilla | 2008-09-05 | 7.5 HIGH | N/A |
| Bugzilla 2.14 before 2.14.2, and 2.16 before 2.16rc2, when configured to perform reverse DNS lookups, allows remote attackers to bypass IP restrictions by connecting from a system with a spoofed reverse DNS hostname. | |||||
| CVE-2002-0805 | 1 Mozilla | 1 Bugzilla | 2008-09-05 | 4.6 MEDIUM | N/A |
| Bugzilla 2.14 before 2.14.2, and 2.16 before 2.16rc2, (1) creates new directories with world-writable permissions, and (2) creates the params file with world-writable permissions, which allows local users to modify the files and execute code. | |||||
| CVE-2002-0032 | 1 Yahoo | 1 Messenger | 2008-09-05 | 7.5 HIGH | N/A |
| Yahoo! Messenger 5,0,0,1064 and earlier allows remote attackers to execute arbitrary script as other users via the addview parameter of a ymsgr URI. | |||||
| CVE-2002-0037 | 1 Ibm | 1 Lotus Domino Server | 2008-09-05 | 7.5 HIGH | N/A |
| Lotus Domino Servers 5.x, 4.6x, and 4.5x allows attackers to bypass the intended Reader and Author access list for a document's object via a Notes API call (NSFDbReadObject) that directly accesses the object. | |||||
| CVE-2002-0039 | 1 Sgi | 1 Irix | 2008-09-05 | 5.0 MEDIUM | N/A |
| rpcbind in SGI IRIX 6.5 through 6.5.15f, and possibly earlier versions, allows remote attackers to cause a denial of service (crash) via malformed RPC packets with invalid lengths. | |||||
| CVE-2002-0040 | 1 Sgi | 1 Irix | 2008-09-05 | 2.1 LOW | N/A |
| Vulnerability in SGI IRIX 6.5.11 through 6.5.15f allows local users to cause privileged applications to dump core via the HOSTALIASES environment variable, which might allow the users to gain privileges. | |||||
| CVE-2002-0041 | 1 Sgi | 1 Irix | 2008-09-05 | 5.0 MEDIUM | N/A |
| Unknown vulnerability in Mail for SGI IRIX 6.5 through 6.5.15f, and possibly earlier versions, when running with the -R option, allows local and remote attackers to cause a core dump. | |||||
| CVE-2002-0042 | 1 Sgi | 1 Irix | 2008-09-05 | 2.1 LOW | N/A |
| Vulnerability in the XFS file system for SGI IRIX before 6.5.12 allows local users to cause a denial of service (hang) by creating a file that is not properly processed by XFS. | |||||
| CVE-2002-0091 | 1 Nswc | 1 Cider Shadow | 2008-09-05 | 7.5 HIGH | N/A |
| Multiple CGI scripts in CIDER SHADOW 1.5 and 1.6 allows remote attackers to execute arbitrary commands via certain form fields. | |||||
| CVE-2002-0094 | 1 Fraunhofer Fit | 1 Bscw | 2008-09-05 | 7.5 HIGH | N/A |
| config_converters.py in BSCW (Basic Support for Cooperative Work) 3.x and versions before 4.06 allows remote attackers to execute arbitrary commands via shell metacharacters in the file name during filename conversion. | |||||
| CVE-2002-0095 | 1 Fraunhofer Fit | 1 Bscw | 2008-09-05 | 7.5 HIGH | N/A |
| The default configuration of BSCW (Basic Support for Cooperative Work) 3.x and possibly version 4 enables user self registration, which could allow remote attackers to upload files and possibly join a user community that was intended to be closed. | |||||
| CVE-2002-0096 | 1 Geeklog | 1 Geeklog | 2008-09-05 | 7.2 HIGH | N/A |
| The installation of Geeklog 1.3 creates an extra group_assignments record which is not properly deleted, which causes the first newly created user to be added to the GroupAdmin and UserAdmin groups, which could provide that user with administrative privileges that were not intended. | |||||
| CVE-2002-0117 | 1 Yabb | 1 Yabb | 2008-09-05 | 7.5 HIGH | N/A |
| Cross-site scripting vulnerability in Yet Another Bulletin Board (YaBB) 1 Gold SP 1 and earlier allows remote attackers to execute arbitrary script and steal cookies via a message containing encoded Javascript in an IMG tag. | |||||
| CVE-2002-0128 | 1 Sambar | 1 Sambar Server | 2008-09-05 | 7.5 HIGH | N/A |
| cgitest.exe in Sambar Server 5.1 before Beta 4 allows remote attackers to cause a denial of service, and possibly execute arbitrary code, via a long argument. | |||||
| CVE-2002-0157 | 1 Eazel | 1 Nautilus | 2008-09-05 | 4.6 MEDIUM | N/A |
| Nautilus 1.0.4 and earlier allows local users to overwrite arbitrary files via a symlink attack on the .nautilus-metafile.xml metadata file. | |||||
| CVE-2002-0179 | 1 Xpilot | 1 Xpilot | 2008-09-05 | 7.5 HIGH | N/A |
| Buffer overflow in xpilot-server for XPilot 4.5.0 and earlier allows remote attackers to execute arbitrary code. | |||||
| CVE-2002-0185 | 1 Apache | 1 Mod Python | 2008-09-05 | 7.5 HIGH | N/A |
| mod_python version 2.7.6 and earlier allows a module indirectly imported by a published module to then be accessed via the publisher, which allows remote attackers to call possibly dangerous functions from the imported module. | |||||