Total
210374 CVE
| CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
|---|---|---|---|---|---|
| CVE-2002-1129 | 2 Compaq, Digital | 2 Tru64, Osf 1 | 2016-10-17 | 7.2 HIGH | N/A |
| Buffer overflow in dxterm allows local users to execute arbitrary code via a long -xrm argument. | |||||
| CVE-2002-1133 | 1 Funsoft | 1 Dinos Webserver | 2016-10-17 | 5.0 MEDIUM | N/A |
| Encoded directory traversal vulnerability in Dino's web server 2.1 allows remote attackers to read arbitrary files via ".." (dot dot) sequences with URL-encoded (1) "/" (%2f") or (2) "\" (%5c) characters. | |||||
| CVE-2002-1134 | 1 Hp | 1 Webes Service Tools | 2016-10-17 | 5.0 MEDIUM | N/A |
| Unknown vulnerability in Compaq WEBES Service Tools 2.0 through WEBES 4.0 (Service Pack 5) allows local users to read privileged files. | |||||
| CVE-2002-0813 | 1 Cisco | 1 Ios | 2016-10-17 | 7.1 HIGH | N/A |
| Heap-based buffer overflow in the TFTP server capability in Cisco IOS 11.1, 11.2, and 11.3 allows remote attackers to cause a denial of service (reset) or modify configuration via a long filename. | |||||
| CVE-2002-0814 | 1 Vmware | 1 Gsx Server | 2016-10-17 | 7.5 HIGH | N/A |
| Buffer overflow in VMware Authorization Service for VMware GSX Server 2.0.0 build-2050 allows remote authenticated users to execute arbitrary code via a long GLOBAL argument. | |||||
| CVE-2002-0816 | 1 Compaq | 1 Tru64 | 2016-10-17 | 7.2 HIGH | N/A |
| Buffer overflow in su in Tru64 Unix 5.x allows local users to gain root privileges via a long username and argument. | |||||
| CVE-2002-0817 | 1 William Deich | 1 Super | 2016-10-17 | 7.2 HIGH | N/A |
| Format string vulnerability in super for Linux allows local users to gain root privileges via a long command line argument. | |||||
| CVE-2002-0818 | 1 Wwwoffle | 1 Wwwoffle | 2016-10-17 | 7.5 HIGH | N/A |
| wwwoffled in World Wide Web Offline Explorer (WWWOFFLE) allows remote attackers to cause a denial of service and possibly execute arbitrary code via a negative Content-Length value. | |||||
| CVE-2002-0819 | 1 Artsd | 1 Artsd | 2016-10-17 | 7.2 HIGH | N/A |
| Format string vulnerability in artsd, when called by artswrapper, allows local users to gain privileges via format strings in the -a argument, which results in an error message that is not properly handled in a call to the arts_fatal function. | |||||
| CVE-2002-0820 | 1 Freebsd | 1 Freebsd | 2016-10-17 | 7.2 HIGH | N/A |
| FreeBSD kernel 4.6 and earlier closes the file descriptors 0, 1, and 2 after they have already been assigned to /dev/null when the descriptors reference procfs or linprocfs, which could allow local users to reuse the file descriptors in a setuid or setgid program to modify critical data and gain privileges. | |||||
| CVE-2002-0829 | 1 Freebsd | 1 Freebsd | 2016-10-17 | 4.6 MEDIUM | N/A |
| Integer overflow in the Berkeley Fast File System (FFS) in FreeBSD 4.6.1 RELEASE-p4 and earlier allows local users to access arbitrary file contents within FFS to gain privileges by creating a file that is larger than allowed by the virtual memory system. | |||||
| CVE-2002-0831 | 1 Freebsd | 1 Freebsd | 2016-10-17 | 2.1 LOW | N/A |
| The kqueue mechanism in FreeBSD 4.3 through 4.6 STABLE allows local users to cause a denial of service (kernel panic) via a pipe call in which one end is terminated and an EVFILT_WRITE filter is registered for the other end. | |||||
| CVE-2002-0833 | 1 Qualcomm | 1 Eudora | 2016-10-17 | 7.5 HIGH | N/A |
| Buffer overflow in Eudora 5.1.1 and 5.0-J for Windows, and possibly other versions, allows remote attackers to execute arbitrary code via a multi-part message with a long boundary string. | |||||
| CVE-2002-0836 | 3 Hp, Mandrakesoft, Redhat | 3 Secure Os, Mandrake Linux, Linux | 2016-10-17 | 7.5 HIGH | N/A |
| dvips converter for Postscript files in the tetex package calls the system() function insecurely, which allows remote attackers to execute arbitrary commands via certain print jobs, possibly involving fonts. | |||||
| CVE-2002-0837 | 1 Wordtrans | 1 Wordtrans-web | 2016-10-17 | 7.5 HIGH | N/A |
| wordtrans 1.1pre8 and earlier in the wordtrans-web package allows remote attackers to (1) execute arbitrary code or (2) conduct cross-site scripting attacks via certain parameters (possibly "dict") to the wordtrans.php script. | |||||
| CVE-2002-0838 | 3 Ggv, Ghostview, Gv | 3 Ggv, Ghostview, Gv | 2016-10-17 | 4.6 MEDIUM | N/A |
| Buffer overflow in (1) gv 3.5.8 and earlier, (2) gvv 1.0.2 and earlier, (3) ggv 1.99.90 and earlier, (4) gnome-gv, and (5) kghostview in kdegraphics 2.2.2 and earlier, allows attackers to execute arbitrary code via a malformed (a) PDF or (b) PostScript file, which is processed by an unsafe call to sscanf. | |||||
| CVE-2002-0842 | 1 Oracle | 1 Application Server | 2016-10-17 | 7.5 HIGH | N/A |
| Format string vulnerability in certain third party modifications to mod_dav for logging bad gateway messages (e.g. Oracle9i Application Server 9.0.2) allows remote attackers to execute arbitrary code via a destination URI that forces a "502 Bad Gateway" response, which causes the format string specifiers to be returned from dav_lookup_uri() in mod_dav.c, which is then used in a call to ap_log_rerror(). | |||||
| CVE-2002-0845 | 1 Iplanet | 1 Iplanet Web Server | 2016-10-17 | 7.5 HIGH | N/A |
| Buffer overflow in Sun ONE / iPlanet Web Server 4.1 and 6.0 allows remote attackers to execute arbitrary code via an HTTP request using chunked transfer encoding. | |||||
| CVE-2002-0846 | 1 Macromedia | 1 Shockwave Flash | 2016-10-17 | 7.5 HIGH | N/A |
| The decoder for Macromedia Shockwave Flash allows remote attackers to execute arbitrary code via a malformed SWF header that contains more data than the specified length. | |||||
| CVE-2002-0849 | 1 Cisco | 1 Iscsi Driver | 2016-10-17 | 4.6 MEDIUM | N/A |
| Linux-iSCSI iSCSI implementation installs the iscsi.conf file with world-readable permissions on some operating systems, including Red Hat Linux Limbo Beta #1, which could allow local users to gain privileges by reading the cleartext CHAP password. | |||||