Vulnerabilities
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2003-12-31 | CVE-2003-1152 | Unspecified vulnerability in Infrontech Webtide 7.0.4 WebTide 7.04 allows remote attackers to list arbitrary directories via an HTTP request for %3f.jsp (encoded "?"). | 5.0 |
| 2003-12-31 | CVE-2003-1135 | Buffer Overrun vulnerability in Yahoo Messenger 5.6 Buffer overflow in Yahoo! Messenger 5.6 allows remote attackers to cause a denial of service (crash) via a file send request (sendfile) with a large number of "%" (percent) characters after the Yahoo ID. | 2.6 |
| 2003-12-31 | CVE-2003-1134 | Denial Of Service vulnerability in SUN Java 1.3.1/1.4.1/1.4.2 Sun Java 1.3.1, 1.4.1, and 1.4.2 allows local users to cause a denial of service (JVM crash), possibly by calling the ClassDepth function with a null parameter, which causes a crash instead of generating a null pointer exception. | 2.1 |
| 2003-12-31 | CVE-2003-1133 | Unspecified vulnerability in Ritlabs the BAT Rit Research Labs The Bat! 1.0.11 through 2.0 creates new accounts with insecure ACLs, which allows local users to read other users' email messages. | 2.1 |
| 2003-12-31 | CVE-2003-1132 | Denial-Of-Service vulnerability in Cisco products The DNS server for Cisco Content Service Switch (CSS) 11000 and 11500, when prompted for a nonexistent AAAA record, responds with response code 3 (NXDOMAIN or "Name Error") instead of response code 0 ("No Error"), which allows remote attackers to cause a denial of service (inaccessible domain) by forcing other DNS servers to send and cache a request for a AAAA record to the vulnerable server. | 5.0 |
| 2003-12-31 | CVE-2003-1131 | Remote File Include vulnerability in KnowledgeBuilder PHP remote file inclusion vulnerability in index.php in KnowledgeBuilder, referred to as KnowledgeBase, allows remote attackers to execute arbitrary PHP code by modifying the page parameter to reference a URL on a remote web server that contains the code. | 7.5 |
| 2003-12-31 | CVE-2003-1129 | Buffer Overflow vulnerability in Yahoo Audio Conferencing Activex Control 1.0.0.43 Buffer overflow in the Yahoo! Audio Conferencing (aka Voice Chat) ActiveX control before 1,0,0,45 allows remote attackers to cause a denial of service and possibly execute arbitrary code via a URL with a long hostname to Yahoo! Messenger or Yahoo! Chat. | 2.6 |
| 2003-12-31 | CVE-2003-1128 | Remote Command Execution vulnerability in X2 Studios Xmms Remote 0.1 XMMS.pm in X2 XMMS Remote, as obtained from the vendor server between 4 AM 11 AM PST on May 7, 2003, allows remote attackers to execute arbitrary commands via shell metacharacters in a request to TCP port 8086. | 7.5 |
| 2003-12-31 | CVE-2003-1127 | Unspecified vulnerability in Whale Communications E-Gap 2.5 Whale Communications e-Gap 2.5 on Windows 2000 allows remote attackers to obtain the source code for the login page via the HTTP TRACE method, which bypasses the preprocessor. | 5.0 |
| 2003-12-31 | CVE-2003-1126 | Denial-Of-Service vulnerability in SUN ONE web Server 6.0 Unknown vulnerability in SunOne/iPlanet Web Server SP3 through SP5 on Windows platforms allows remote attackers to cause a denial of service. | 5.0 |