Total
210374 CVE
| CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
|---|---|---|---|---|---|
| CVE-2003-0990 | 1 Squirrelmail | 2 Gpg Plugin, Squirrelmail | 2017-07-10 | 7.5 HIGH | N/A |
| The parseAddress code in (1) SquirrelMail 1.4.0 and (2) GPG Plugin 1.1 allows remote attackers to execute commands via shell metacharacters in the "To:" field. | |||||
| CVE-2003-1006 | 1 Apple | 2 Mac Os X, Mac Os X Server | 2017-07-10 | 7.2 HIGH | N/A |
| Buffer overflow in cd9660.util in Apple Mac OS X 10.0 through 10.3.2 and Apple Mac OS X Server 10.0 through 10.3.2 may allow local users to execute arbitrary code via a long command line parameter. | |||||
| CVE-2003-1007 | 1 Apple | 2 Mac Os X, Mac Os X Server | 2017-07-10 | 5.0 MEDIUM | N/A |
| AppleFileServer (AFS) in Apple Mac OS X 10.2.8 and 10.3.2 does not properly handle certain malformed requests, with unknown impact. | |||||
| CVE-2003-1008 | 1 Apple | 2 Mac Os X, Mac Os X Server | 2017-07-10 | 4.6 MEDIUM | N/A |
| Unknown vulnerability in Mac OS X 10.2.8 and 10.3.2 allows local users to bypass the screen saver login window and write a text clipping to the desktop or another application. | |||||
| CVE-2003-1009 | 1 Apple | 2 Mac Os X, Mac Os X Server | 2017-07-10 | 10.0 HIGH | N/A |
| Directory Services in Apple Mac OS X 10.0.2, 10.0.3, 10.2.8, 10.3.2 and Apple Mac OS X Server 10.2 through 10.3.2 accepts authentication server information from unknown LDAP or NetInfo sources as provided by a malicious DHCP server, which allows remote attackers to gain privileges. | |||||
| CVE-2003-1010 | 1 Apple | 2 Mac Os X, Mac Os X Server | 2017-07-10 | 4.6 MEDIUM | N/A |
| Unknown vulnerability in fs_usage in Mac OS X 10.2.8 and 10.3.2 and Mac OS X Server 10.2.8 and 10.3.2 allows local users to gain privileges via unknown attack vectors. | |||||
| CVE-2003-1011 | 1 Apple | 1 Mac Os X | 2017-07-10 | 7.2 HIGH | N/A |
| Apple Mac OS X 10.0 through 10.2.8 allows local users with a USB keyboard to gain unauthorized access by holding down the CTRL and C keys when the system is booting, which crashes the init process and leaves the user in a root shell. | |||||
| CVE-2003-1014 | 3 Clearswift, F-secure, Paul L Daniels | 3 Mailsweeper, Internet Gatekeeper, Ripmime | 2017-07-10 | 7.5 HIGH | N/A |
| Multiple content security gateway and antivirus products allow remote attackers to bypass content restrictions via MIME messages that use multiple MIME fields with the same name, which may be interpreted differently by mail clients. | |||||
| CVE-2003-1015 | 3 Clearswift, F-secure, Paul L Daniels | 3 Mailsweeper, Internet Gatekeeper, Ripmime | 2017-07-10 | 7.5 HIGH | N/A |
| Multiple content security gateway and antivirus products allow remote attackers to bypass content restrictions via MIME messages that use whitespace in an unusual fashion, which may be interpreted differently by mail clients. | |||||
| CVE-2003-1016 | 3 Clearswift, F-secure, Paul L Daniels | 3 Mailsweeper, Internet Gatekeeper, Ripmime | 2017-07-10 | 7.5 HIGH | N/A |
| Multiple content security gateway and antivirus products allow remote attackers to bypass content restrictions via MIME messages that use malformed quoting in MIME headers, parameters, and values, including (1) fields that should not be quoted, (2) duplicate quotes, or (3) missing leading or trailing quote characters, which may be interpreted differently by mail clients. | |||||
| CVE-2003-1017 | 1 Macromedia | 2 Director, Flash Player | 2017-07-10 | 5.0 MEDIUM | N/A |
| Macromedia Flash Player before 7,0,19,0 stores a Flash data file in a predictable location that is accessible to web browsers such as Internet Explorer and Opera, which allows remote attackers to read restricted files via vulnerabilities in web browsers whose exploits rely on predictable names. | |||||
| CVE-2003-1018 | 1 Ibm | 1 Aix | 2017-07-10 | 7.2 HIGH | N/A |
| Format string vulnerability in enq command in AIX 4.3, 5.1, and 5.2 allows local users with rintq group privileges to gain privileges via unknown attack vectors. | |||||
| CVE-2003-1020 | 2 Irssi, Mandrakesoft | 2 Irssi, Mandrake Linux | 2017-07-10 | 5.0 MEDIUM | N/A |
| The format_send_to_gui function in formats.c for irssi before 0.8.9 allows remote IRC users to cause a denial of service (crash). | |||||
| CVE-2003-1021 | 1 Sco | 1 Openserver | 2017-07-10 | 7.2 HIGH | N/A |
| The scosession program in OpenServer 5.0.6 and 5.0.7 allows local users to gain privileges via crafted strings on the commandline. | |||||
| CVE-2003-1030 | 1 Dameware Development | 1 Mini Remote Control Server | 2017-07-10 | 7.5 HIGH | N/A |
| Buffer overflow in DameWare Mini Remote Control before 3.73 allows remote attackers to execute arbitrary code via a long pre-authentication request to TCP port 6129. | |||||
| CVE-2003-1033 | 1 Sap | 1 Sap Db | 2017-07-10 | 7.2 HIGH | N/A |
| The (1) instdbmsrv and (2) instlserver programs in SAP DB Development Tools 7.x trust the user-provided INSTROOT environment variable as a path when assigning setuid permissions to the lserver program, which allows local users to gain root privileges via a modified INSTROOT that points to a malicious dbmsrv or lserver program. | |||||
| CVE-2003-1034 | 1 Sap | 1 Sap Db | 2017-07-10 | 4.6 MEDIUM | N/A |
| The RPM installation of SAP DB 7.x creates the (1) dbmsrv or (2) lserver programs with world-writable permissions, which allows local users to gain privileges by modifying those programs. | |||||
| CVE-2003-1036 | 1 Sap | 1 Internet Transaction Server | 2017-07-10 | 7.5 HIGH | N/A |
| Multiple buffer overflows in the AGate component for SAP Internet Transaction Server (ITS) allow remote attackers to execute arbitrary code via long (1) ~command, (2) ~runtimemode, or (3) ~session parameters, or (4) a long HTTP Content-Type header. | |||||
| CVE-2003-1037 | 1 Sap | 1 Internet Transaction Server | 2017-07-10 | 7.5 HIGH | N/A |
| Format string vulnerability in the WGate component for SAP Internet Transaction Server (ITS) allows remote attackers to execute arbitrary code via a high "trace level." | |||||
| CVE-2003-1038 | 1 Sap | 1 Internet Transaction Server | 2017-07-10 | 5.0 MEDIUM | N/A |
| The AGate component for SAP Internet Transaction Server (ITS) allows remote attackers to obtain sensitive information via a ~command parameter with an AgateInstallCheck value, which provides a list of installed DLLs and full pathnames. | |||||