Total
210374 CVE
| CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
|---|---|---|---|---|---|
| CVE-2003-0265 | 1 Sap | 1 Sap Db | 2016-10-17 | 6.2 MEDIUM | N/A |
| Race condition in SDBINST for SAP database 7.3.0.29 creates critical files with world-writable permissions before initializing the setuid bits, which allows local attackers to gain root privileges by modifying the files before the permissions are changed. | |||||
| CVE-2003-0266 | 1 Bvrp Software | 1 Slwebmail | 2016-10-17 | 7.5 HIGH | N/A |
| Multiple buffer overflows in SLWebMail 3 on Windows systems allows remote attackers to cause a denial of service and possibly execute arbitrary code via (1) a long Language parameter to showlogin.dll, (2) a long CompanyID parameter to recman.dll, (3) a long CompanyID parameter to admin.dll, or (4) a long CompanyID parameter to globallogin.dll. | |||||
| CVE-2003-0267 | 1 Bvrp Software | 1 Slwebmail | 2016-10-17 | 5.0 MEDIUM | N/A |
| ShowGodLog.dll in SLWebMail 3 on Windows systems allows remote attackers to read arbitrary files by directly calling ShowGodLog.dll with an argument specifying the full path of the target file. | |||||
| CVE-2003-0268 | 1 Bvrp Software | 1 Slwebmail | 2016-10-17 | 5.0 MEDIUM | N/A |
| SLWebMail 3 on Windows systems allows remote attackers to identify the full path of the server via invalid requests to DLLs such as WebMailReq.dll, which reveals the path in an error message. | |||||
| CVE-2003-0271 | 1 Cooolsoft | 1 Personal Ftp Server | 2016-10-17 | 7.5 HIGH | N/A |
| Buffer overflow in Personal FTP Server allows remote attackers to execute arbitrary code via a long USER argument. | |||||
| CVE-2003-0272 | 1 Miniportal | 1 Miniportal | 2016-10-17 | 10.0 HIGH | N/A |
| admin.php in miniPortail allows remote attackers to gain administrative privileges by setting the miniPortailAdmin cookie to an "adminok" value. | |||||
| CVE-2003-0273 | 1 Best Practical Solutions | 1 Request Tracker | 2016-10-17 | 6.8 MEDIUM | N/A |
| Cross-site scripting (XSS) vulnerability in the web interface for Request Tracker (RT) 1.0 through 1.0.7 allows remote attackers to execute script via message bodies. | |||||
| CVE-2003-0274 | 1 Cren | 1 Listproc | 2016-10-17 | 10.0 HIGH | N/A |
| Buffer overflow in catmail for ListProc 8.2.09 and earlier allows remote attackers to execute arbitrary code via a long ULISTPROC_UMASK value. | |||||
| CVE-2003-0275 | 1 Yabb | 1 Yabb | 2016-10-17 | 5.1 MEDIUM | N/A |
| SSI.php in YaBB SE 1.5.2 allows remote attackers to execute arbitrary PHP code by modifying the sourcedir parameter to reference a URL on a remote web server that contains the code. | |||||
| CVE-2003-0292 | 1 Inktomi | 1 Inktomi Traffic-server | 2016-10-17 | 6.8 MEDIUM | N/A |
| Cross-site scripting (XSS) vulnerability in Inktomi Traffic-Server 5.5.1 allows remote attackers to insert arbitrary web script or HTML into an error page that appears to come from the domain that the client is visiting, aka "Man-in-the-Middle" XSS. | |||||
| CVE-2003-0293 | 1 Palm | 1 Palmos | 2016-10-17 | 5.0 MEDIUM | N/A |
| PalmOS allows remote attackers to cause a denial of service (CPU consumption) via a flood of ICMP echo request (ping) packets. | |||||
| CVE-2003-0294 | 1 Php-proxima | 1 Php-proxima | 2016-10-17 | 5.0 MEDIUM | N/A |
| autohtml.php in php-proxima 6.0 and earlier allows remote attackers to read arbitrary files via the name parameter in a modload operation. | |||||
| CVE-2003-0295 | 1 Jelsoft | 1 Vbulletin | 2016-10-17 | 6.8 MEDIUM | N/A |
| Cross-site scripting (XSS) vulnerability in private.php for vBulletin 3.0.0 Beta 2 allows remote attackers to inject arbitrary web script and HTML via the "Preview Message" capability. | |||||
| CVE-2003-0141 | 1 Realnetworks | 3 Realone Enterprise Desktop, Realone Player, Realplayer | 2016-10-17 | 5.1 MEDIUM | N/A |
| The PNG deflate algorithm in RealOne Player 6.0.11.x and earlier, RealPlayer 8/RealPlayer Plus 8 6.0.9.584, and other versions allows remote attackers to corrupt the heap and overwrite arbitrary memory via a PNG graphic file format containing compressed data using fixed trees that contain the length values 286-287, which are treated as a very large length. | |||||
| CVE-2003-0151 | 1 Bea | 1 Weblogic Server | 2016-10-17 | 7.5 HIGH | N/A |
| BEA WebLogic Server and Express 6.0 through 7.0 does not properly restrict access to certain internal servlets that perform administrative functions, which allows remote attackers to read arbitrary files or execute arbitrary code. | |||||
| CVE-2003-0154 | 1 Mozilla | 1 Bonsai | 2016-10-17 | 6.8 MEDIUM | N/A |
| Cross-site scripting vulnerabilities (XSS) in bonsai Mozilla CVS query tool allow remote attackers to execute arbitrary web script via (1) the file, root, or rev parameters to cvslog.cgi, (2) the file or root parameters to cvsblame.cgi, (3) various parameters to cvsquery.cgi, (4) the person parameter to showcheckins.cgi, (5) the module parameter to cvsqueryform.cgi, and (6) possibly other attack vectors as identified by Mozilla bug #146244. | |||||
| CVE-2003-0156 | 1 Cross Referencer | 1 Lxr | 2016-10-17 | 5.0 MEDIUM | N/A |
| Directory traversal vulnerability in Cross-Referencing Linux (LXR) allows remote attackers to read arbitrary files via .. (dot dot) sequences in the v parameter. | |||||
| CVE-2003-0163 | 1 Gaim-encryption | 1 Gaim-encryption | 2016-10-17 | 5.0 MEDIUM | N/A |
| decrypt_msg for the Gaim-Encryption GAIM plugin 1.15 and earlier does not properly validate a message length parameter, which allows remote attackers to cause a denial of service (crash) via a negative length, which overwrites arbitrary heap memory with a zero byte. | |||||
| CVE-2003-0169 | 1 Hp | 1 Instant Toptools | 2016-10-17 | 5.0 MEDIUM | N/A |
| hpnst.exe in the GoAhead-Webs webserver for HP Instant TopTools before 5.55 allows remote attackers to cause a denial of service (CPU consumption) via a request to hpnst.exe that calls itself, which causes an infinite loop. | |||||
| CVE-2003-0197 | 2 Borland Software, Firebirdsql | 2 Interbase, Firebird | 2016-10-17 | 7.2 HIGH | N/A |
| Buffer overflow gds_lock_mgr of Interbase Database 6.x allows local users to gain privileges via a long ISC_LOCK_ENV environment variable (INTERBASE_LOCK). | |||||