Vulnerabilities
DATE | CVE | VULNERABILITY TITLE | RISK |
---|---|---|---|
2003-12-31 | CVE-2003-1424 | Credentials Management vulnerability in Petitforum message.php in Petitforum does not properly authenticate users, which allows remote attackers to impersonate forum users via a modified connect cookie. | 6.8 |
2003-12-31 | CVE-2003-1423 | Permissions, Privileges, and Access Controls vulnerability in Petitforum Petitforum stores the liste.txt data file under the web document root with insufficient access control, which allows remote attackers to obtain sensitive information such as e-mail addresses and encrypted passwords. | 5.0 |
2003-12-31 | CVE-2003-1422 | Unspecified vulnerability in Gentoo Syslinux 2.0.1 Multiple unspecified vulnerabilities in the installer for SYSLINUX 2.01, when running setuid root, allow local users to gain privileges via unknown vectors. | 10.0 |
2003-12-31 | CVE-2003-1421 | Resource Management Errors vulnerability in Suckbot 0.006 Unspecified vulnerability in mod_mysql_logger shared object in SuckBot 0.006 allows remote attackers to cause a denial of service (seg fault) via unknown attack vectors. | 4.3 |
2003-12-31 | CVE-2003-1420 | Cross-site Scripting vulnerability in Opera Browser Cross-site scripting (XSS) vulnerability in Opera 6.0 through 7.0 with automatic redirection disabled allows remote attackers to inject arbitrary web script or HTML via the HTTP Location header. | 4.3 |
2003-12-31 | CVE-2003-1419 | Improper Input Validation vulnerability in Netscape Navigator 7.0 Netscape 7.0 allows remote attackers to cause a denial of service (crash) via a web page with an invalid regular expression argument to the JavaScript reformatDate function. | 4.3 |
2003-12-31 | CVE-2003-1418 | Information Exposure vulnerability in Apache Http Server Apache HTTP Server 1.3.22 through 1.3.27 on OpenBSD allows remote attackers to obtain sensitive information via (1) the ETag header, which reveals the inode number, or (2) multipart MIME boundary, which reveals child process IDs (PID). | 4.3 |
2003-12-31 | CVE-2003-1417 | Credentials Management vulnerability in Ncipher Support Software 6.00 nCipher Support Software 6.00, when using generatekey KeySafe to import keys, does not delete the temporary copies of the key, which may allow local users to gain access to the key by reading the (1) key.pem or (2) key.der files. | 4.4 |
2003-12-31 | CVE-2003-1416 | Improper Input Validation vulnerability in Bisonftp Server 4 R2 BisonFTP Server 4 release 2 allows remote attackers to cause a denial of service (CPU consumption) via a long (1) ls or (2) cwd command. | 4.3 |
2003-12-31 | CVE-2003-1415 | Buffer Errors vulnerability in Visual Mining Netcharts Xbrl Server 4.0.0 NetCharts XBRL Server 4.0.0 allows remote attackers to obtain sensitive information via an HTTP request with an invalid chunked transfer encoding specification. | 6.8 |