Vulnerabilities
DATE | CVE | VULNERABILITY TITLE | RISK |
---|---|---|---|
2003-12-31 | CVE-2003-1301 | Denial Of Service vulnerability in Sun Java Runtime Environment Nested Array Objects Sun Java Runtime Environment (JRE) 1.x before 1.4.2_11 and 1.5.x before 1.5.0_06, and as used in multiple web browsers, allows remote attackers to cause a denial of service (application crash) via deeply nested object arrays, which are not properly handled by the garbage collector and trigger invalid memory accesses. | 5.0 |
2003-12-31 | CVE-2003-1300 | Unspecified vulnerability in Pablo Software Solutions Baby FTP Server 1.2 Baby FTP Server (BabyFTP) 1.2, and possibly other versions before May 31, 2003, allows remote attackers to cause a denial of service via a large number of connections from the same IP address, which triggers an access violation. | 5.0 |
2003-12-31 | CVE-2003-1299 | Directory Traversal vulnerability in Pablo Software Solutions Baby FTP Server 1.2 Directory traversal vulnerability in Baby FTP Server 1.2, and possibly other versions before May 31, 2003 allows remote authenticated users to list arbitrary directories and possibly read files via "..." (triple dot) manipulations to the CWD command. | 4.0 |
2003-12-31 | CVE-2003-1298 | Directory Traversal vulnerability in Anyportal PHP Anyportal PHP 0.1 Multiple directory traversal vulnerabilities in siteman.php3 in AnyPortal(php) 12 MAY 00 allow remote attackers to (1) create, (2) delete, (3) save, and (4) upload files by navigating to the root directory and entering a filename beginning with "./.." (dot slash dot dot). | 5.0 |
2003-12-31 | CVE-2003-1297 | Easy File Sharing (EFS) Web Server 1.2 stores the (1) option.ini (aka options.ini) file and (2) log directory under the web root with insufficient access control, which allows remote attackers to obtain sensitive information including an SMTP account username and password hash, the server configuration, and server log files. | 5.0 |
2003-12-31 | CVE-2003-1296 | Denial-Of-Service vulnerability in Easy File Sharing Web Server Easy File Sharing (EFS) Web Server 1.2 allows remote authenticated users to cause a denial of service via (1) an "empty symbol" in the Title field or (2) certain data in the Your Message field, possibly a long argument. | 5.0 |
2003-12-31 | CVE-2003-1295 | Multiple vulnerability in SuSE XScreenSaver Package Unspecified vulnerability in xscreensaver 4.12, and possibly other versions, allows attackers to cause xscreensaver to crash via unspecified vectors "while verifying the user-password." | 2.1 |
2003-12-31 | CVE-2003-1294 | Multiple vulnerability in SuSE XScreenSaver Package Xscreensaver before 4.15 creates temporary files insecurely in (1) driver/passwd-kerberos.c, (2) driver/xscreensaver-getimage-video, (3) driver/xscreensaver.kss.in, and the (4) vidwhacker and (5) webcollage screensavers, which allows local users to overwrite arbitrary files via a symlink attack. | 2.1 |
2003-12-31 | CVE-2003-1293 | HTML Injection vulnerability in Multiple GuestBookHost Multiple cross-site scripting (XSS) vulnerabilities in NukedWeb GuestBookHost allow remote attackers to inject arbitrary web script or HTML via the (1) Name, (2) Email and (3) Message fields when signing the guestbook. network nukedweb | 4.3 |
2003-12-31 | CVE-2003-1292 | Remote File Include vulnerability in Ashwebstudio Ashnews 0.83 PHP remote file include vulnerability in Derek Ashauer ashNews 0.83 allows remote attackers to include and execute arbitrary remote files via a URL in the pathtoashnews parameter to (1) ashnews.php and (2) ashheadlines.php. | 5.0 |