Total
210374 CVE
| CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
|---|---|---|---|---|---|
| CVE-2003-0650 | 1 Gamespy | 1 Arcade | 2016-10-17 | 7.5 HIGH | N/A |
| Directory traversal vulnerability in GSAPAK.EXE for GameSpy Arcade, possibly versions before 1.3e, allows remote attackers to overwrite arbitrary files and execute arbitrary code via .. (dot dot) sequences in filenames in a .APK (Zip) file. | |||||
| CVE-2003-0652 | 1 Xtokkaetama | 1 Xtokkaetama | 2016-10-17 | 4.6 MEDIUM | N/A |
| Buffer overflow in xtokkaetama allows local users to gain privileges via a long -nickname command line argument, a different vulnerability than CVE-2003-0611. | |||||
| CVE-2003-0655 | 1 Cdrtools | 1 Cdrtools | 2016-10-17 | 7.2 HIGH | N/A |
| rscsi in cdrtools 2.01 and earlier allows local users to overwrite arbitrary files and gain root privileges by specifying the target file as a command line argument, which is modified while rscsi is running with privileges. | |||||
| CVE-2003-0656 | 1 Eroaster | 1 Eroaster | 2016-10-17 | 2.1 LOW | N/A |
| eroaster before 2.2.0 allows local users to overwrite arbitrary files via a symlink attack on a temporary file that is used as a lockfile. | |||||
| CVE-2003-0676 | 1 Sun | 2 Iplanet Directory Server, One Directory Server | 2016-10-17 | 5.0 MEDIUM | N/A |
| Directory traversal vulnerability in ViewLog for iPlanet Administration Server 5.1 (aka Sun ONE) allows remote attackers to read arbitrary files via "..%2f" (partially encoded dot dot) sequences. | |||||
| CVE-2003-0685 | 1 Netris | 1 Netris | 2016-10-17 | 7.5 HIGH | N/A |
| Buffer overflow in Netris 0.52 and earlier, and possibly other versions, allows remote malicious Netris servers to execute arbitrary code on netris clients via a long server response. | |||||
| CVE-2003-0728 | 1 Horde | 1 Horde | 2016-10-17 | 6.4 MEDIUM | N/A |
| Horde before 2.2.4 allows remote malicious web sites to steal session IDs and read or create arbitrary email by stealing the ID from a referrer URL. | |||||
| CVE-2003-0729 | 1 Tellurian | 1 Tftpdnt | 2016-10-17 | 7.5 HIGH | N/A |
| Buffer overflow in Tellurian TftpdNT 1.8 allows remote attackers to execute arbitrary code via a TFTP request with a long filename. | |||||
| CVE-2003-0730 | 2 Netbsd, Xfree86 Project | 2 Netbsd, X11r6 | 2016-10-17 | 7.5 HIGH | N/A |
| Multiple integer overflows in the font libraries for XFree86 4.3.0 allow local or remote attackers to cause a denial of service or execute arbitrary code via heap-based and stack-based buffer overflow attacks. | |||||
| CVE-2003-0735 | 1 Phpwebsite | 1 Phpwebsite | 2016-10-17 | 7.5 HIGH | N/A |
| SQL injection vulnerability in the Calendar module of phpWebSite 0.9.x and earlier allows remote attackers to execute arbitrary SQL queries, as demonstrated using the year parameter. | |||||
| CVE-2003-0536 | 1 Phpsysinfo | 1 Phpsysinfo | 2016-10-17 | 3.6 LOW | N/A |
| Directory traversal vulnerability in phpSysInfo 2.1 and earlier allows attackers with write access to a local directory to read arbitrary files as the PHP user or cause a denial of service via .. (dot dot) sequences in the (1) template or (2) lng parameters. | |||||
| CVE-2003-0553 | 1 Netscape | 1 Navigator | 2016-10-17 | 7.5 HIGH | N/A |
| Buffer overflow in the Client Detection Tool (CDT) plugin (npcdt.dll) for Netscape 7.02 allows remote attackers to execute arbitrary code via an attachment with a long filename. | |||||
| CVE-2003-0554 | 1 Neomodus | 1 Direct Connect | 2016-10-17 | 5.0 MEDIUM | N/A |
| NeoModus Direct Connect 1.0 build 9, and possibly other versions, allows remote attackers to cause a denial of service (connection and possibly memory exhaustion) via a flood of ConnectToMe requests containing arbitrary IP addresses and ports. | |||||
| CVE-2003-0555 | 1 Imagemagick | 1 Imagemagick | 2016-10-17 | 7.5 HIGH | N/A |
| ImageMagick 5.4.3.x and earlier allows attackers to cause a denial of service (crash) and possibly execute arbitrary code via a "%x" filename, possibly triggering a format string vulnerability. | |||||
| CVE-2003-0556 | 1 Polycom | 3 Mgc-100, Mgc-25, Mgc-50 | 2016-10-17 | 5.0 MEDIUM | N/A |
| Polycom MGC 25 allows remote attackers to cause a denial of service (crash) via a large number of "user" requests to the control port 5003, as demonstrated using the blast TCP stress tester. | |||||
| CVE-2003-0557 | 1 Lagarde | 1 Storefront | 2016-10-17 | 7.5 HIGH | N/A |
| SQL injection vulnerability in login.asp for StoreFront 6.0, and possibly earlier versions, allows remote attackers to obtain sensitive user information via SQL statements in the password field. | |||||
| CVE-2003-0558 | 1 Leapware | 1 Leapftp | 2016-10-17 | 7.5 HIGH | N/A |
| Buffer overflow in LeapFTP 2.7.3.600 allows remote FTP servers to execute arbitrary code via a long IP address response to a PASV request. | |||||
| CVE-2003-0559 | 1 Phpforum | 1 Phpforum | 2016-10-17 | 7.5 HIGH | N/A |
| mainfile.php in phpforum 2 RC-1, and possibly earlier versions, allows remote attackers to execute arbitrary PHP code by modifying the MAIN_PATH parameter to reference a URL on a remote web server that contains the code. | |||||
| CVE-2003-0560 | 1 Virtual Programming | 1 Vp-asp | 2016-10-17 | 10.0 HIGH | N/A |
| SQL injection vulnerability in shopexd.asp for VP-ASP allows remote attackers to gain administrator privileges via the id parameter. | |||||
| CVE-2003-0561 | 1 Iglooftp | 1 Iglooftp Pro | 2016-10-17 | 7.5 HIGH | N/A |
| Multiple buffer overflows in IglooFTP PRO 3.8 allow remote FTP servers to execute arbitrary code via (1) a long FTP banner, or long responses to the client commands (2) USER, (3) PASS, (4) ACCT, and possibly other commands. | |||||