Vulnerabilities
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2003-12-31 | CVE-2003-1344 | Cryptographic Issues vulnerability in Trend Micro Virus Control System Trend Micro Virus Control System (TVCS) Log Collector allows remote attackers to obtain usernames, encrypted passwords, and other sensitive information via a URL request for getservers.exe with the action parameter set to "selects1", which returns log files. | 5.0 |
| 2003-12-31 | CVE-2003-1343 | Improper Authentication vulnerability in Trend Micro Scanmail Trend Micro ScanMail for Exchange (SMEX) before 3.81 and before 6.1 might install a back door account in smg_Smxcfg30.exe, which allows remote attackers to gain access to the web management interface via the vcc parameter, possibly "3560121183d3". | 7.5 |
| 2003-12-31 | CVE-2003-1342 | Resource Management Errors vulnerability in Trend Micro Virus Control System 1.8 Trend Micro Virus Control System (TVCS) 1.8 running with IIS allows remote attackers to cause a denial of service (memory consumption) in IIS via multiple URL requests for ActiveSupport.exe. | 5.0 |
| 2003-12-31 | CVE-2003-1341 | Configuration vulnerability in Trend Micro Officescan and Virus Buster The default installation of Trend Micro OfficeScan 3.0 through 3.54 and 5.x allows remote attackers to bypass authentication from cgiChkMasterPasswd.exe and gain access to the web management console via a direct request to cgiMasterPwd.exe. | 7.5 |
| 2003-12-31 | CVE-2003-1340 | SQL Injection vulnerability in PHPnuke PHP-Nuke 5.6/6.5 Multiple SQL injection vulnerabilities in Francisco Burzi PHP-Nuke 5.6 and 6.5 allow remote authenticated users to execute arbitrary SQL commands via (1) a uid (user) cookie to modules.php; and allow remote attackers to execute arbitrary SQL commands via an aid (admin) cookie to the Web_Links module in a (2) viewlink, (3) MostPopular, or (4) NewLinksDate action, different vectors than CVE-2003-0279. | 6.5 |
| 2003-12-31 | CVE-2003-1339 | Buffer Errors vulnerability in Ezmeeting 3.3/3.4/3.5 Stack-based buffer overflow in eZnet.exe, as used in eZ (a) eZphotoshare, (b) eZmeeting, (c) eZnetwork, and (d) eZshare allows remote attackers to cause a denial of service (crash) or execute arbitrary code, as demonstrated via (1) a long GET request and (2) a long operation or autologin parameter to SwEzModule.dll. | 10.0 |
| 2003-12-31 | CVE-2003-1338 | Unspecified vulnerability in Aprelium Technologies Abyss web Server CRLF injection vulnerability in Aprelium Abyss Web Server 1.1.2 and earlier allows remote attackers to inject arbitrary HTTP headers and possibly conduct HTTP Response Splitting attacks via CRLF sequences in the Location header. network aprelium-technologies | 4.3 |
| 2003-12-31 | CVE-2003-1337 | Improper Restriction of Operations Within the Bounds of A Memory Buffer vulnerability in Aprelium Technologies Abyss web Server Heap-based buffer overflow in Aprelium Abyss Web Server 1.1.2 and earlier allows remote attackers to execute arbitrary code via a long HTTP GET request. | 7.5 |
| 2003-12-31 | CVE-2003-1336 | Improper Restriction of Operations Within the Bounds of A Memory Buffer vulnerability in Mirc Buffer overflow in mIRC before 6.11 allows remote attackers to execute arbitrary code via a long irc:// URL. | 9.3 |
| 2003-12-31 | CVE-2003-1335 | Path Traversal vulnerability in KAI Blankenhorn Bitfolge Simple and Nice Index File Directory traversal vulnerability in Kai Blankenhorn Bitfolge simple and nice index file (aka snif) before 1.2.5 allows remote attackers to download files from locations above the snif directory. | 5.0 |