Vulnerabilities

DATE CVE VULNERABILITY TITLE RISK
2003-12-31 CVE-2003-1454 Unspecified vulnerability in Invision Power Services Invision Board 1.0/1.0.1/1.1.1
Invision Power Services Invision Board 1.0 through 1.1.1, when a forum is password protected, stores the administrator password in a cookie in plaintext, which could allow remote attackers to gain access.
network
low complexity
linux microsoft unix invision-power-services
5.0
2003-12-31 CVE-2003-1453 Cross-Site Scripting vulnerability in Xoops
Cross-site scripting (XSS) vulnerability in the MytextSanitizer function in XOOPS 1.3.5 through 1.3.9 and XOOPS 2.0 through 2.0.1 allows remote attackers to inject arbitrary web script or HTML via a javascript: URL in an IMG tag.
network
xoops CWE-79
4.3
2003-12-31 CVE-2003-1452 Configuration vulnerability in Qualcomm Qpopper
Untrusted search path vulnerability in Qualcomm qpopper 4.0 through 4.05 allows local users to execute arbitrary code by modifying the PATH environment variable to reference a malicious smbpasswd program.
local
low complexity
qualcomm CWE-16
3.6
2003-12-31 CVE-2003-1451 Buffer Errors vulnerability in Symantec Norton Antivirus 2002
Buffer overflow in Symantec Norton AntiVirus 2002 allows remote attackers to execute arbitrary code via an e-mail attachment with a compressed ZIP file that contains a file with a long filename.
network
low complexity
symantec CWE-119
6.4
2003-12-31 CVE-2003-1450 Improper Input Validation vulnerability in Bitchx
BitchX 75p3 and 1.0c16 through 1.0c20cvs allows remote attackers to cause a denial of service (segmentation fault) via a malformed RPL_NAMREPLY numeric 353 message.
network
low complexity
bitchx CWE-20
5.0
2003-12-31 CVE-2003-1449 Configuration vulnerability in Aladdin Knowledge Systems Esafe Gateway 3.5.126.0
Aladdin Knowledge Systems eSafe Gateway 3.5.126.0 does not check the entire stream of Content Vectoring Protocol (CVP) data, which allows remote attackers to bypass virus protection.
network
low complexity
aladdin-knowledge-systems CWE-16
7.5
2003-12-31 CVE-2003-1448 Resource Management Errors vulnerability in Microsoft Windows 2000
Memory leak in the Windows 2000 kernel allows remote attackers to cause a denial of service (SMB request hang) via a NetBIOS continuation packet.
network
low complexity
microsoft CWE-399
7.8
2003-12-31 CVE-2003-1447 Cryptographic Issues vulnerability in IBM Websphere Application Server 4.0.4
IBM WebSphere Advanced Server Edition 4.0.4 uses a weak encryption algorithm (XOR and base64 encoding), which allows local users to decrypt passwords when the configuration file is exported to XML.
local
ibm CWE-310
1.9
2003-12-31 CVE-2003-1446 Improper Restriction of Operations Within the Bounds of A Memory Buffer vulnerability in Rogue 5.22/985.0
Buffer overflow in the save_into_file function in save.c for Rogue 5.2-2 allows local users to execute arbitrary code with games group privileges by setting a long HOME environment variable and invoking the save game function with a ~ (tilde).
local
low complexity
rogue CWE-119
4.9
2003-12-31 CVE-2003-1445 Buffer Errors vulnerability in Rarlab FAR Manager 1.65/1.70Beta1/1.70Beta4
Stack-based buffer overflow in Far Manager 1.70beta1 and earlier allows local users to cause a denial of service (crash) and possibly execute arbitrary code via a long pathname.
local
low complexity
rarlab CWE-119
4.6