Total
210374 CVE
CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
---|---|---|---|---|---|
CVE-2003-0826 | 1 Gnu | 1 Lsh | 2016-10-17 | 7.5 HIGH | N/A |
lsh daemon (lshd) does not properly return from certain functions in (1) read_line.c, (2) channel_commands.c, or (3) client_keyexchange.c when long input is provided, which could allow remote attackers to execute arbitrary code via a heap-based buffer overflow attack. | |||||
CVE-2003-0827 | 1 Ibm | 1 Db2 Universal Database | 2016-10-17 | 5.0 MEDIUM | N/A |
The DB2 Discovery Service for IBM DB2 before FixPak 10a allows remote attackers to cause a denial of service (crash) via a long packet to UDP port 523. | |||||
CVE-2003-0835 | 1 Mplayer | 1 Mplayer | 2016-10-17 | 7.5 HIGH | N/A |
Multiple buffer overflows in asf_http_request of MPlayer before 0.92 allow remote attackers to execute arbitrary code via an ASX header with a long hostname. | |||||
CVE-2003-0839 | 1 Microsoft | 1 Windows 2003 Server | 2016-10-17 | 5.0 MEDIUM | N/A |
Directory traversal vulnerability in the "Shell Folders" capability in Microsoft Windows Server 2003 allows remote attackers to read arbitrary files via .. (dot dot) sequences in a "shell:" link. | |||||
CVE-2003-0840 | 1 Hp | 1 Hp-ux | 2016-10-17 | 7.2 HIGH | N/A |
Buffer overflow in dtprintinfo on HP-UX 11.00, and possibly other operating systems, allows local users to gain root privileges via a long DISPLAY environment variable. | |||||
CVE-2003-0842 | 1 Dag Apt Repository | 1 Mod Gzip | 2016-10-17 | 7.5 HIGH | N/A |
Stack-based buffer overflow in mod_gzip_printf for mod_gzip 1.3.26.1a and earlier, and possibly later official versions, when running in debug mode, allows remote attackers to execute arbitrary code via a long filename in a GET request with an "Accept-Encoding: gzip" header. | |||||
CVE-2003-0843 | 1 Dag Apt Repository | 1 Mod Gzip | 2016-10-17 | 7.5 HIGH | N/A |
Format string vulnerability in mod_gzip_printf for mod_gzip 1.3.26.1a and earlier, and possibly later official versions, when running in debug mode and using the Apache log, allows remote attackers to execute arbitrary code via format string characters in an HTTP GET request with an "Accept-Encoding: gzip" header. | |||||
CVE-2003-0844 | 1 Dag Apt Repository | 1 Mod Gzip | 2016-10-17 | 2.1 LOW | N/A |
mod_gzip 1.3.26.1a and earlier, and possibly later official versions, when running in debug mode without the Apache log, allows local users to overwrite arbitrary files via (1) a symlink attack on predictable temporary filenames on Unix systems, or (2) an NTFS hard link on Windows systems when the "Strengthen default permissions of internal system objects" policy is not enabled. | |||||
CVE-2003-0846 | 1 Suse | 1 Suse Linux | 2016-10-17 | 4.6 MEDIUM | N/A |
SuSEconfig.javarunt in the javarunt package on SuSE Linux 7.3Pro allows local users to overwrite arbitrary files via a symlink attack on the .java_wrapper temporary file. | |||||
CVE-2003-0847 | 1 Suse | 1 Suse Linux | 2016-10-17 | 4.6 MEDIUM | N/A |
SuSEconfig.susewm in the susewm package on SuSE Linux 8.2Pro allows local users to overwrite arbitrary files via a symlink attack on the susewm.$$ temporary file. | |||||
CVE-2003-0625 | 1 Xfstt | 1 Xfstt | 2016-10-17 | 6.4 MEDIUM | N/A |
Off-by-one error in certain versions of xfstt allows remote attackers to read potentially sensitive memory via a malformed client request in the connection handshake, which leaks the memory in the server's response. | |||||
CVE-2003-0628 | 1 Peoplesoft | 1 Peopletools | 2016-10-17 | 5.0 MEDIUM | N/A |
PeopleSoft Gateway Administration servlet (gateway.administration) in PeopleTools 8.43 and earlier allows remote attackers to obtain the full pathnames for server-side include (SSI) files via an HTTP request with an invalid value. | |||||
CVE-2003-0629 | 1 Peoplesoft | 1 Peopletools | 2016-10-17 | 4.3 MEDIUM | N/A |
Cross-site scripting (XSS) vulnerability in PeopleSoft IScript environment for PeopleTools 8.43 and earlier allows remote attackers to insert arbitrary web script via a certain HTTP request to IScript. | |||||
CVE-2003-0630 | 1 Atari800 | 1 Atari800 | 2016-10-17 | 7.2 HIGH | N/A |
Multiple buffer overflows in the atari800.svgalib setuid program of the Atari 800 emulator (atari800) before 1.2.2 allow local users to gain privileges via long command line arguments, as demonstrated with the -osa_rom argument. | |||||
CVE-2003-0631 | 1 Vmware | 2 Gsx Server, Workstation | 2016-10-17 | 7.2 HIGH | N/A |
VMware GSX Server 2.5.1 build 4968 and earlier, and Workstation 4.0 and earlier, allow local users to gain root privileges via certain environment variables that are used when launching a virtual machine session. | |||||
CVE-2003-0632 | 1 Oracle | 2 Applications, E-business Suite | 2016-10-17 | 7.5 HIGH | N/A |
Buffer overflow in the Oracle Applications Web Report Review (FNDWRR) CGI program (FNDWRR.exe) of Oracle E-Business Suite 11.0 and 11.5.1 through 11.5.8 may allow remote attackers to execute arbitrary code via a long URL. | |||||
CVE-2003-0633 | 1 Oracle | 2 Applications, E-business Suite | 2016-10-17 | 5.0 MEDIUM | N/A |
Multiple vulnerabilities in aoljtest.jsp of Oracle Applications AOL/J Setup Test Suite in Oracle E-Business Suite 11.5.1 through 11.5.8 allow a remote attacker to obtain sensitive information without authentication, such as the GUEST user password and the application server security key. | |||||
CVE-2003-0635 | 1 Novell | 1 Ichain | 2016-10-17 | 5.0 MEDIUM | N/A |
Unknown vulnerability or vulnerabilities in Novell iChain 2.2 before Support Pack 1, with unknown impact, possibly related to unauthorized access to (1) NCPIP.NLM and (2) JSTCP.NLM. | |||||
CVE-2003-0638 | 1 Novell | 1 Ichain | 2016-10-17 | 7.5 HIGH | N/A |
Multiple buffer overflows in Novell iChain 2.1 before Field Patch 3, and iChain 2.2 before Field Patch 1a, allow attackers to cause a denial of service (ABEND) and possibly execute arbitrary code via (1) a long user name or (2) an unknown attack related to a "special script against login." | |||||
CVE-2003-0639 | 1 Novell | 1 Ichain | 2016-10-17 | 5.0 MEDIUM | N/A |
Unknown vulnerability in Novell iChain 2.2 before Support Pack 1 allows users to access restricted or secure pages without authentication. |