Total
210374 CVE
| CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
|---|---|---|---|---|---|
| CVE-2002-0857 | 1 Oracle | 2 Database Server, Oracle8i | 2016-10-17 | 7.5 HIGH | N/A |
| Format string vulnerabilities in Oracle Listener Control utility (lsnrctl) for Oracle 9.2 and 9.0, 8.1, and 7.3.4, allow remote attackers to execute arbitrary code on the Oracle DBA system by placing format strings into certain entries in the listener.ora configuration file. | |||||
| CVE-2002-0858 | 1 Oracle | 2 Oracle8i, Oracle9i | 2016-10-17 | 7.5 HIGH | N/A |
| catsnmp in Oracle 9i and 8i is installed with a dbsnmp user with a default dbsnmp password, which allows attackers to perform restricted database operations and possibly gain other privileges. | |||||
| CVE-2002-0887 | 1 Caldera | 1 Openserver | 2016-10-17 | 2.1 LOW | N/A |
| scoadmin for Caldera/SCO OpenServer 5.0.5 and 5.0.6 allows local users to overwrite arbitrary files via a symlink attack on temporary files, as demonstrated using log files. | |||||
| CVE-2002-0889 | 1 Qualcomm | 1 Qpopper | 2016-10-17 | 4.6 MEDIUM | N/A |
| Buffer overflow in Qpopper (popper) 4.0.4 and earlier allows local users to cause a denial of service and possibly execute arbitrary code via a long bulldir argument in the user's .qpopper-options configuration file. | |||||
| CVE-2002-0898 | 1 Opera Software | 1 Opera Web Browser | 2016-10-17 | 5.0 MEDIUM | N/A |
| Opera 6.0.1 and 6.0.2 allows a remote web site to upload arbitrary files from the client system, without prompting the client, via an input type=file tag whose value contains a newline. | |||||
| CVE-2002-0904 | 1 Kismet | 1 Kismet | 2016-10-17 | 7.5 HIGH | N/A |
| SayText function in Kismet 2.2.1 and earlier allows remote attackers to execute arbitrary commands via shell metacharacters (backtick or pipe) in the essid argument. | |||||
| CVE-2002-0909 | 1 Matsushita Research | 1 Mnews | 2016-10-17 | 7.5 HIGH | N/A |
| Multiple buffer overflows in mnews 1.22 and earlier allow (1) a remote NNTP server to execute arbitrary code via long responses, or local users can gain privileges via long command line arguments (2) -f, (3) -n, (4) -D, (5) -M, or (6) -P, or via long environment variables (7) JNAMES or (8) MAILSERVER. | |||||
| CVE-2002-0913 | 1 Stephen Hebditch | 1 Slurp | 2016-10-17 | 7.5 HIGH | N/A |
| Format string vulnerability in log_doit function of Slurp NNTP client 1.1.0 allows a malicious news server to execute arbitrary code on the client via format strings in a server response. | |||||
| CVE-2002-0652 | 1 Sgi | 1 Irix | 2016-10-17 | 7.5 HIGH | N/A |
| xfsmd for IRIX 6.5 through 6.5.16 allows remote attackers to execute arbitrary code via shell metacharacters that are not properly filtered from several calls to the popen() function, such as export_fs(). | |||||
| CVE-2002-0653 | 1 Mod Ssl | 1 Mod Ssl | 2016-10-17 | 4.6 MEDIUM | N/A |
| Off-by-one buffer overflow in the ssl_compat_directive function, as called by the rewrite_command hook for mod_ssl Apache module 2.8.9 and earlier, allows local users to execute arbitrary code as the Apache server user via .htaccess files with long entries. | |||||
| CVE-2002-0662 | 1 Dan Mueth | 1 Scrollkeeper | 2016-10-17 | 2.1 LOW | N/A |
| scrollkeeper-get-cl in ScrollKeeper 0.3 to 0.3.11 allows local users to create and overwrite files via a symlink attack on the scrollkeeper-tempfile.x temporary files. | |||||
| CVE-2002-0664 | 1 Granite Software | 1 Zmerge | 2016-10-17 | 7.5 HIGH | N/A |
| The default Access Control Lists (ACLs) of the administration database for ZMerge 4.x and 5.x provides arbitrary users (including anonymous users) with Manager level access, which allows the users to read or modify import/export scripts. | |||||
| CVE-2002-0665 | 1 Macromedia | 1 Jrun | 2016-10-17 | 10.0 HIGH | N/A |
| Macromedia JRun Administration Server allows remote attackers to bypass authentication on the login form via an extra slash (/) in the URL. | |||||
| CVE-2002-0683 | 1 Pacific Software | 1 Carello | 2016-10-17 | 7.5 HIGH | N/A |
| Directory traversal vulnerability in Carello 1.3 allows remote attackers to execute programs on the server via a .. (dot dot) in the VBEXE parameter. | |||||
| CVE-2002-0684 | 2 Gnu, Isc | 2 Glibc, Bind | 2016-10-17 | 7.5 HIGH | N/A |
| Buffer overflow in DNS resolver functions that perform lookup of network names and addresses, as used in BIND 4.9.8 and ported to glibc 2.2.5 and earlier, allows remote malicious DNS servers to execute arbitrary code through a subroutine used by functions such as getnetbyname and getnetbyaddr. | |||||
| CVE-2002-0685 | 1 Pgp | 3 Desktop Security, Freeware, Personal Security | 2016-10-17 | 7.5 HIGH | N/A |
| Heap-based buffer overflow in the message decoding functionality for PGP Outlook Encryption Plug-In, as used in NAI PGP Desktop Security 7.0.4, Personal Security 7.0.3, and Freeware 7.0.3, allows remote attackers to modify the heap and gain privileges via a large, malformed mail message. | |||||
| CVE-2002-0686 | 1 Iplanet | 1 Iplanet Web Server | 2016-10-17 | 7.5 HIGH | N/A |
| Buffer overflow in the search component for iPlanet Web Server (iWS) 4.1 and Sun ONE Web Server 6.0 allows remote attackers to execute arbitrary code via a long argument to the NS-rel-doc-name parameter. | |||||
| CVE-2002-0701 | 2 Freebsd, Openbsd | 2 Freebsd, Openbsd | 2016-10-17 | 2.1 LOW | N/A |
| ktrace in BSD-based operating systems allows the owner of a process with special privileges to trace the process after its privileges have been lowered, which may allow the owner to obtain sensitive information that the process obtained while it was running with the extra privileges. | |||||
| CVE-2002-0702 | 1 Isc | 1 Dhcpd | 2016-10-17 | 10.0 HIGH | N/A |
| Format string vulnerabilities in the logging routines for dynamic DNS code (print.c) of ISC DHCP daemon (DHCPD) 3 to 3.0.1rc8, with the NSUPDATE option enabled, allow remote malicious DNS servers to execute arbitrary code via format strings in a DNS server response. | |||||
| CVE-2002-0704 | 1 Linux | 1 Linux Kernel | 2016-10-17 | 5.0 MEDIUM | N/A |
| The Network Address Translation (NAT) capability for Netfilter ("iptables") 1.2.6a and earlier leaks translated IP addresses in ICMP error messages. | |||||