Vulnerabilities

DATE CVE VULNERABILITY TITLE RISK
2003-01-17 CVE-2002-1399 Remote Security vulnerability in PostgreSQL
Unknown vulnerability in cash_out and possibly other functions in PostgreSQL 7.2.1 and earlier, and possibly later versions before 7.2.3, with unknown impact, based on an invalid integer input which is processed as a different data type, as demonstrated using cash_out(2).
network
low complexity
postgresql
critical
10.0
2003-01-17 CVE-2002-1398 Unspecified vulnerability in Postgresql
Buffer overflow in the date parser for PostgreSQL before 7.2.2 allows attackers to cause a denial of service and possibly execute arbitrary code via a long date string, aka a vulnerability "in handling long datetime input."
local
low complexity
postgresql
4.6
2003-01-17 CVE-2002-1397 Buffer Overflow vulnerability in PostgreSQL cash_words Function
Vulnerability in the cash_words() function for PostgreSQL 7.2 and earlier allows local users to cause a denial of service and possibly execute arbitrary code via a large negative argument, possibly triggering an integer signedness error or buffer overflow.
network
low complexity
postgresql
7.5
2003-01-17 CVE-2002-1396 Unspecified vulnerability in PHP
Heap-based buffer overflow in the wordwrap function in PHP after 4.1.2 and before 4.3.0 may allow attackers to cause a denial of service or execute arbitrary code.
network
low complexity
php
7.5
2003-01-17 CVE-2002-1395 Unspecified vulnerability in Debian Internet Message 1330/1410
Internet Message (IM) 141-18 and earlier uses predictable file and directory names, which allows local users to (1) obtain unauthorized directory permissions via a temporary directory used by impwagent, and (2) overwrite and create arbitrary files via immknmz.
local
low complexity
debian
2.1
2003-01-17 CVE-2002-1393 Unspecified vulnerability in KDE
Multiple vulnerabilities in KDE 2 and KDE 3.x through 3.0.5 do not quote certain parameters that are inserted into a shell command, which could allow remote attackers to execute arbitrary commands via (1) URLs, (2) filenames, or (3) e-mail addresses.
network
low complexity
kde
7.5
2003-01-17 CVE-2002-1392 Unspecified vulnerability in Gert Doering Mgetty
faxspool in mgetty before 1.1.29 uses a world-writable spool directory for outgoing faxes, which allows local users to modify fax transmission privileges.
local
low complexity
gert-doering
2.1
2003-01-17 CVE-2002-1391 Buffer Overrun vulnerability in MGetty Caller ID Excessive Name Length
Buffer overflow in cnd-program for mgetty before 1.1.29 allows remote attackers to cause a denial of service and possibly execute arbitrary code via a Caller ID string with a long CallerName argument.
network
low complexity
gert-doering
7.5
2003-01-17 CVE-2002-1390 Unspecified vulnerability in Geneweb
The daemon for GeneWeb before 4.09 does not properly handle requested paths, which allows remote attackers to read arbitrary files via a crafted URL.
network
low complexity
geneweb
5.0
2003-01-11 CVE-2003-0014 Unspecified vulnerability in BMV 1.2
gsinterf.c in bmv 1.2 and earlier allows local users to overwrite arbitrary files via a symlink attack on temporary files.
local
low complexity
bmv
4.6