Vulnerabilities
DATE | CVE | VULNERABILITY TITLE | RISK |
---|---|---|---|
2003-12-31 | CVE-2003-1517 | Information Exposure vulnerability in Dansie Shopping Cart cart.pl in Dansie shopping cart allows remote attackers to obtain the installation path via an invalid db parameter, which leaks the path in an error message. | 5.0 |
2003-12-31 | CVE-2003-1516 | Cross-Site Applet Sandbox Security Model Violation vulnerability in SUN Java Plug-In 1.4.201 The org.apache.xalan.processor.XSLProcessorVersion class in Java Plug-in 1.4.2_01 allows signed and unsigned applets to share variables, which violates the Java security model and could allow remote attackers to read or write data belonging to a signed applet. network sun | 6.8 |
2003-12-31 | CVE-2003-1515 | Permissions, Privileges, and Access Controls vulnerability in Origo Asr-8100 and Asr-8400 Origo ASR-8100 ADSL Router 3.21 has an administration service running on port 254 that does not require a password, which allows remote attackers to cause a denial of service by restoring the factory defaults. | 7.8 |
2003-12-31 | CVE-2003-1514 | Buffer Errors vulnerability in Emule 0.29C eMule 0.29c allows remote attackers to cause a denial of service (crash) via a long password, possibly due to a buffer overflow. | 7.8 |
2003-12-31 | CVE-2003-1513 | Cross-Site Scripting vulnerability in Caucho Technology Resin Multiple cross-site scripting (XSS) vulnerabilities in example scripts in Caucho Technology Resin 2.0 through 2.1.2 allow remote attackers to inject arbitrary web script or HTML via (1) env.jsp, (2) form.jsp, (3) session.jsp, (4) the move parameter to tictactoe.jsp, or the (5) name or (6) comment fields to guestbook.jsp. | 4.3 |
2003-12-31 | CVE-2003-1512 | Improper Restriction of Operations Within the Bounds of A Memory Buffer vulnerability in Khaled Mardam-Bey Mirc 6.1/6.11 Buffer overflow in mIRC 6.1 and 6.11 allows remote attackers to cause a denial of service (crash) via a long DCC SEND request. | 5.0 |
2003-12-31 | CVE-2003-1511 | Cross-Site Scripting vulnerability in Bajie Java Http Server 0.95 Cross-site scripting (XSS) vulnerability in Bajie Java HTTP Server 0.95 through 0.95zxv4 allows remote attackers to inject arbitrary web script or HTML via (1) the query string to test.txt, (2) the guestName parameter to the custMsg servlet, or (3) the cookiename parameter to the CookieExample servlet. | 4.3 |
2003-12-31 | CVE-2003-1510 | Remote Denial of Service vulnerability in RIT Research Labs Tinyweb 1.9 TinyWeb 1.9 allows remote attackers to cause a denial of service (CPU consumption) via a ".%00." in an HTTP GET request to the cgi-bin directory. | 7.8 |
2003-12-31 | CVE-2003-1509 | Unspecified vulnerability in Realnetworks Realone Enterprise Desktop and Realone Player Real Networks RealOne Enterprise Desktop 6.0.11.774, RealOne Player 2.0, and RealOne Player 6.0.11.818 through RealOne Player 6.0.11.853 allows remote attackers to execute arbitrary script in the local security zone by embedding script in a temp file before the temp file is executed by the default web browser. | 10.0 |
2003-12-31 | CVE-2003-1508 | Buffer Errors vulnerability in Mirc 6.12 Buffer overflow in mIRC 6.12, when the DCC get dialog window has been minimized and the user opens the minimized window, allows remote attackers to cause a denial of service (crash) via a long filename. | 4.3 |