Total
210374 CVE
| CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
|---|---|---|---|---|---|
| CVE-2003-0520 | 1 Cerulean Studios | 1 Trillian | 2016-10-17 | 5.0 MEDIUM | N/A |
| Trillian 1.0 Pro and 0.74 Freeware allows remote attackers to cause a denial of service (crash) via a TypingUser message in which the "TypingUser" string has been modified. | |||||
| CVE-2003-0521 | 1 Cpanel | 1 Cpanel | 2016-10-17 | 6.8 MEDIUM | N/A |
| Cross-site scripting (XSS) vulnerability in cPanel 6.4.2 allows remote attackers to insert arbitrary HTML and possibly gain cPanel administrator privileges via script in a URL that is logged but not properly quoted when displayed via the (1) Error Log or (2) Latest Visitors screens. | |||||
| CVE-2003-0522 | 1 Early Impact | 1 Productcart | 2016-10-17 | 10.0 HIGH | N/A |
| Multiple SQL injection vulnerabilities in ProductCart 1.5 through 2 allow remote attackers to (1) gain access to the admin control panel via the idadmin parameter to login.asp or (2) gain other privileges via the Email parameter to Custva.asp. | |||||
| CVE-2003-0523 | 1 Early Impact | 1 Productcart | 2016-10-17 | 6.8 MEDIUM | N/A |
| Cross-site scripting (XSS) vulnerability in msg.asp for certain versions of ProductCart allow remote attackers to execute arbitrary web script via the message parameter. | |||||
| CVE-2003-0524 | 1 Knoppix | 1 Knoppix | 2016-10-17 | 6.2 MEDIUM | N/A |
| Qt in Knoppix 3.1 Live CD allows local users to overwrite arbitrary files via a symlink attack on the qt_plugins_3.0rc temporary file in the .qt directory. | |||||
| CVE-2003-0365 | 1 Icq Inc | 1 Icqlite | 2016-10-17 | 4.6 MEDIUM | N/A |
| ICQLite 2003a creates the ICQ Lite directory with an ACE for "Full Control" privileges for Interactive Users, which allows local users to gain privileges as other users by replacing the executables with malicious programs. | |||||
| CVE-2003-0371 | 1 Prishtina Soft | 1 Prishtina Ftp | 2016-10-17 | 7.5 HIGH | N/A |
| Buffer overflow in Prishtina FTP client 1.x allows remote FTP servers to cause a denial of service (crash) and possibly execute arbitrary code via a long FTP banner. | |||||
| CVE-2003-0372 | 1 Nessus | 1 Nessus | 2016-10-17 | 4.6 MEDIUM | N/A |
| Signed integer vulnerability in libnasl in Nessus before 2.0.6 allows local users with plugin upload privileges to cause a denial of service (core dump) and possibly execute arbitrary code by causing a negative argument to be provided to the insstr function as used in a NASL script. | |||||
| CVE-2003-0373 | 1 Nessus | 1 Nessus | 2016-10-17 | 4.4 MEDIUM | N/A |
| Multiple buffer overflows in libnasl in Nessus before 2.0.6 allow local users with plugin upload privileges to cause a denial of service (core dump) and possibly execute arbitrary code via (1) a long proto argument to the scanner_add_port function, (2) a long user argument to the ftp_log_in function, (3) a long pass argument to the ftp_log_in function. | |||||
| CVE-2003-0374 | 1 Nessus | 1 Nessus | 2016-10-17 | 10.0 HIGH | N/A |
| Multiple unknown vulnerabilities in Nessus before 2.0.6, in libnessus and possibly libnasl, a different set of vulnerabilities than those identified by CVE-2003-0372 and CVE-2003-0373, aka "similar issues in other nasl functions as well as in libnessus." | |||||
| CVE-2003-0376 | 1 Qualcomm | 1 Eudora | 2016-10-17 | 5.0 MEDIUM | N/A |
| Buffer overflow in Eudora 5.2.1 allows remote attackers to cause a denial of service (crash and failed restart) and possibly execute arbitrary code via an Attachment Converted argument with a large number of . (dot) characters. | |||||
| CVE-2003-0377 | 1 Iisprotect | 1 Iisprotect | 2016-10-17 | 7.5 HIGH | N/A |
| SQL injection vulnerability in the web-based administration interface for iisPROTECT 2.2-r4, and possibly earlier versions, allows remote attackers to insert arbitrary SQL and execute code via certain variables, as demonstrated using the GroupName variable in SiteAdmin.ASP. | |||||
| CVE-2003-0382 | 2 Debian, Michael Jennings | 2 Debian Linux, Eterm | 2016-10-17 | 4.6 MEDIUM | N/A |
| Buffer overflow in Eterm 0.9.2 allows local users to gain privileges via a long ETERMPATH environment variable. | |||||
| CVE-2003-0385 | 1 Debian | 1 Debian Linux | 2016-10-17 | 7.2 HIGH | N/A |
| Buffer overflow in xaos 3.0-23 and earlier, when running setuid, allows local users to gain root privileges via a long -language option. | |||||
| CVE-2003-0388 | 1 Andrew Morgan | 1 Linux Pam | 2016-10-17 | 4.6 MEDIUM | N/A |
| pam_wheel in Linux-PAM 0.78, with the trust option enabled and the use_uid option disabled, allows local users to spoof log entries and gain privileges by causing getlogin() to return a spoofed user name. | |||||
| CVE-2003-0390 | 1 James Theiler | 1 Opt | 2016-10-17 | 4.6 MEDIUM | N/A |
| Multiple buffer overflows in Options Parsing Tool (OPT) shared library 3.18 and earlier, when used in setuid programs, may allow local users to execute arbitrary code via long command line options that are fed into macros such as opt_warn_2, as used in functions such as opt_atoi. | |||||
| CVE-2003-0391 | 1 Amax Information Technologies | 1 Magic Winmail Server | 2016-10-17 | 7.5 HIGH | N/A |
| Format string vulnerability in Magic WinMail Server 2.3, and possibly other 2.x versions, allows remote attackers to cause a denial of service (crash) and possibly execute arbitrary code via format string specifiers in the PASS command. | |||||
| CVE-2003-0392 | 1 St | 1 Ftp Service | 2016-10-17 | 6.4 MEDIUM | N/A |
| Directory traversal vulnerability in ST FTP Service 3.0 allows remote attackers to list arbitrary directories via a CD command with a DoS drive letter argument (e.g. E:). | |||||
| CVE-2003-0393 | 1 Privacyware | 1 Privatefirewall | 2016-10-17 | 5.0 MEDIUM | N/A |
| Privacyware Privatefirewall 3.0 does not block certain incoming packets when in "Filter Internet Traffic" or Deny Internet Traffic" modes, which allows remote attackers to identify running services via FIN scans or Xmas scans. | |||||
| CVE-2003-0394 | 1 Blnews | 1 Blnews | 2016-10-17 | 7.5 HIGH | N/A |
| objects.inc.php4 in BLNews 2.1.3 allows remote attackers to execute arbitrary PHP code via a Server[path] parameter that points to malicious code on an attacker-controlled web site. | |||||