Vulnerabilities
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2003-12-31 | CVE-2003-1322 | Remote Buffer Overflow vulnerability in Atrium Software Mercur Mailserver IMAP Multiple stack-based buffer overflows in Atrium MERCUR IMAPD in MERCUR Mailserver before 4.2.15.0 allow remote attackers to execute arbitrary code via a long (1) EXAMINE, (2) DELETE, (3) SUBSCRIBE, (4) RENAME, (5) UNSUBSCRIBE, (6) LIST, (7) LSUB, (8) STATUS, (9) LOGIN, (10) CREATE, or (11) SELECT command. | 10.0 |
| 2003-12-31 | CVE-2003-1321 | Buffer Overflow vulnerability in Avant Force Avant Browser 8.2 Buffer overflow in Avant Browser 8.02 allows remote attackers to cause a denial of service (crash) and possibly execute arbitrary code via a long URL in an HTTP request. | 7.5 |
| 2003-12-31 | CVE-2003-1320 | Resource Management Errors vulnerability in Sonicwall Firmware SonicWALL firmware before 6.4.0.1 allows remote attackers to cause a denial of service and possibly execute arbitrary code via crafted Internet Key Exchange (IKE) response packets, possibly including (1) a large Security Parameter Index (SPI) field, (2) a large number of payloads, or (3) a long payload. | 5.1 |
| 2003-12-31 | CVE-2003-1319 | Buffer Overflow vulnerability in SmartFTP PWD Command Request Multiple buffer overflows in SmartFTP 1.0.973, and other versions before 1.0.976, allow remote attackers to execute arbitrary code via (1) a long response to a PWD command, which triggers a stack-based overflow, and (2) a long line in a response to a file LIST command, which triggers a heap-based overflow. | 7.6 |
| 2003-12-31 | CVE-2003-1318 | Remote Denial Of Service vulnerability in Twilight Webserver Twilight Webserver 1.3.3.0 allows remote attackers to cause a denial of service (application crash) via a GET request for a long URI, a different vulnerability than CVE-2004-2376. | 7.8 |
| 2003-12-31 | CVE-2003-1317 | Cross-Site Scripting vulnerability in eNdonesia Mod Parameter Cross-site scripting (XSS) vulnerability in mod.php in eNdonesia 8.2 allows remote attackers to inject arbitrary web script or HTML via the mod parameter. network endonesia | 6.8 |
| 2003-12-31 | CVE-2003-1316 | Path Disclosure vulnerability in eNdonesia Mod Parameter mod.php in eNdonesia 8.2 allows remote attackers to obtain sensitive information via a ' (quote) value in the lng parameter, which reveals the path in an error message. | 5.0 |
| 2003-12-31 | CVE-2003-1315 | SQL Injection vulnerability in Neocrome Land Down Under 701 SQL injection vulnerability in auth.php in Land Down Under (LDU) v601 and earlier allows remote attackers to execute arbitrary SQL commands. | 7.5 |
| 2003-12-31 | CVE-2003-1314 | Remote File Include vulnerability in Eternalmart Guestbook 1.1 PHP remote file inclusion vulnerability in admin/auth.php in EternalMart Guestbook (EMGB) 1.1 allows remote attackers to execute arbitrary PHP code via a URL in the emgb_admin_path parameter. | 7.5 |
| 2003-12-31 | CVE-2003-1313 | Remote File Include vulnerability in Eternalmart Mailing List Manager 1.32 Multiple PHP remote file inclusion vulnerabilities in EternalMart Mailing List Manager (EMLM) 1.32 allow remote attackers to execute arbitrary PHP code via a URL in (1) the emml_admin_path parameter to admin/auth.php or (2) the emml_path parameter to emml_email_func.php. | 7.5 |