Total
210374 CVE
| CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
|---|---|---|---|---|---|
| CVE-1999-1530 | 1 Sun | 2 Cobalt Raq 2, Cobalt Raq 3i | 2016-10-17 | 3.6 LOW | N/A |
| cgiwrap as used on Cobalt RaQ 2.0 and RaQ 3i does not properly identify the user for running certain scripts, which allows a malicious site administrator to view or modify data located at another virtual site on the same system. | |||||
| CVE-1999-1531 | 1 Ibm | 1 Homepageprint | 2016-10-17 | 7.5 HIGH | N/A |
| Buffer overflow in IBM HomePagePrint 1.0.7 for Windows98J allows a malicious Web site to execute arbitrary code on a viewer's system via a long IMG_SRC HTML tag. | |||||
| CVE-1999-1532 | 1 Netscape | 1 Messaging Server | 2016-10-17 | 5.0 MEDIUM | N/A |
| Netscape Messaging Server 3.54, 3.55, and 3.6 allows a remote attacker to cause a denial of service (memory exhaustion) via a series of long RCPT TO commands. | |||||
| CVE-1999-1534 | 1 Knox Software | 1 Arkeia | 2016-10-17 | 7.2 HIGH | N/A |
| Buffer overflow in (1) nlservd and (2) rnavc in Knox Software Arkeia backup product allows local users to obtain root access via a long HOME environmental variable. | |||||
| CVE-1999-1536 | 1 Acushop | 1 Salesbuilder | 2016-10-17 | 7.2 HIGH | N/A |
| .sbstart startup script in AcuShop Salesbuilder is world writable, which allows local users to gain privileges by appending commands to the file. | |||||
| CVE-1999-1538 | 1 Microsoft | 1 Internet Information Server | 2016-10-17 | 2.1 LOW | N/A |
| When IIS 2 or 3 is upgraded to IIS 4, ism.dll is inadvertently left in /scripts/iisadmin, which does not restrict access to the local machine and allows an unauthorized user to gain access to sensitive server information, including the Administrator's password. | |||||
| CVE-1999-1544 | 1 Microsoft | 1 Internet Information Server | 2016-10-17 | 5.0 MEDIUM | N/A |
| Buffer overflow in FTP server in Microsoft IIS 3.0 and 4.0 allows local and sometimes remote attackers to cause a denial of service via a long NLST (ls) command. | |||||
| CVE-1999-1545 | 1 Joes Own Editor | 1 Joe | 2016-10-17 | 2.1 LOW | N/A |
| Joe's Own Editor (joe) 2.8 sets the world-readable permission on its crash-save file, DEADJOE, which could allow local users to read files that were being edited by other users. | |||||
| CVE-1999-1547 | 1 Oracle | 1 Web Listener | 2016-10-17 | 7.5 HIGH | N/A |
| Oracle Web Listener 2.1 allows remote attackers to bypass access restrictions by replacing a character in the URL with its HTTP-encoded (hex) equivalent. | |||||
| CVE-1999-1549 | 1 University Of Kansas | 1 Lynx | 2016-10-17 | 5.0 MEDIUM | N/A |
| Lynx 2.x does not properly distinguish between internal and external HTML, which may allow a local attacker to read a "secure" hidden form value from a temporary file and craft a LYNXOPTIONS: URL that causes Lynx to modify the user's configuration file and execute commands. | |||||
| CVE-1999-1397 | 1 Microsoft | 1 Index Server | 2016-10-17 | 7.5 HIGH | N/A |
| Index Server 2.0 on IIS 4.0 stores physical path information in the ContentIndex\Catalogs subkey of the AllowedPaths registry key, whose permissions allows local and remote users to obtain the physical paths of directories that are being indexed. | |||||
| CVE-1999-1398 | 1 Sgi | 1 Irix | 2016-10-17 | 6.2 MEDIUM | N/A |
| Vulnerability in xfsdump in SGI IRIX may allow local users to obtain root privileges via the bck.log log file, possibly via a symlink attack. | |||||
| CVE-1999-1399 | 1 Sgi | 1 Irix | 2016-10-17 | 7.2 HIGH | N/A |
| spaceball program in SpaceWare 7.3 v1.0 in IRIX 6.2 allows local users to gain root privileges by setting the HOSTNAME environmental variable to contain the commands to be executed. | |||||
| CVE-1999-1400 | 1 The Economist | 1 The Economist 1999 Screen Saver | 2016-10-17 | 2.1 LOW | N/A |
| The Economist screen saver 1999 with the "Password Protected" option enabled allows users with physical access to the machine to bypass the screen saver and read files by running Internet Explorer while the screen is still locked. | |||||
| CVE-1999-1405 | 1 Ibm | 1 Aix | 2016-10-17 | 10.0 HIGH | N/A |
| snap command in AIX before 4.3.2 creates the /tmp/ibmsupt directory with world-readable permissions and does not remove or clear the directory when snap -a is executed, which could allow local users to access the shadowed password file by creating /tmp/ibmsupt/general/passwd before root runs snap -a. | |||||
| CVE-1999-1406 | 1 Redhat | 1 Linux | 2016-10-17 | 2.1 LOW | N/A |
| dumpreg in Red Hat Linux 5.1 opens /dev/mem with O_RDWR access, which allows local users to cause a denial of service (crash) by redirecting fd 1 (stdout) to the kernel. | |||||
| CVE-1999-1407 | 1 Redhat | 1 Linux | 2016-10-17 | 2.1 LOW | N/A |
| ifdhcpc-done script for configuring DHCP on Red Hat Linux 5 allows local users to append text to arbitrary files via a symlink attack on the dhcplog file. | |||||
| CVE-1999-1408 | 2 Hp, Ibm | 2 Hp-ux, Aix | 2016-10-17 | 2.1 LOW | N/A |
| Vulnerability in AIX 4.1.4 and HP-UX 10.01 and 9.05 allows local users to cause a denial of service (crash) by using a socket to connect to a port on the localhost, calling shutdown to clear the socket, then using the same socket to connect to a different port on localhost. | |||||
| CVE-1999-1409 | 2 Netbsd, Sgi | 2 Netbsd, Irix | 2016-10-17 | 2.1 LOW | N/A |
| The at program in IRIX 6.2 and NetBSD 1.3.2 and earlier allows local users to read portions of arbitrary files by submitting the file to at with the -f argument, which generates error messages that at sends to the user via e-mail. | |||||
| CVE-1999-1410 | 1 Sgi | 1 Irix | 2016-10-17 | 6.2 MEDIUM | N/A |
| addnetpr in IRIX 5.3 and 6.2 allows local users to overwrite arbitrary files and possibly gain root privileges via a symlink attack on the printers temporary file. | |||||