Vulnerabilities

| DATE | CVE | VULNERABILITY TITLE | DESCRIPTION | RISK |
|---|---|---|---|---|
| 2003-12-01 | CVE-2003-0933 | Unspecified vulnerability in Conquest 7.1.16 | Buffer overflow in conquest 7.2 and earlier may allow a local user to execute arbitrary code via a long environment variable. | local, low complexity, conquest, 4.6 |
| 2003-12-01 | CVE-2003-0913 | Unauthorized Access vulnerability in Apple MacOS X Terminal | Unknown vulnerability in the Terminal application for Mac OS X 10.3 (Client and Server) may allow "unauthorized access." | local, low complexity, apple, 4.6 |
| 2003-12-01 | CVE-2003-0886 | Unspecified vulnerability in Hylafax | Format string vulnerability in hfaxd for Hylafax 4.1.7 and earlier allows remote attackers to execute arbitrary code. | network, low complexity, hylafax, critical, 10.0 |
| 2003-12-01 | CVE-2003-0851 | Remote Denial Of Service vulnerability in OpenSSL ASN.1 Large Recursion | OpenSSL 0.9.6k allows remote attackers to cause a denial of service (crash via large recursion) via malformed ASN.1 sequences. | network, low complexity, cisco openssl, 5.0 |
| 2003-12-01 | CVE-2003-0834 | Local Buffer Overflow vulnerability in SCO Open Unix and Unixware | Buffer overflow in CDE libDtHelp library allows local users to execute arbitrary code via (1) a modified DTHELPUSERSEARCHPATH environment variable and the Help feature, (2) DTSEARCHPATH, or (3) LOGNAME. | local, low complexity, sco, 7.2 |
| 2003-12-01 | CVE-2003-0788 | Denial Of Service vulnerability in Cups Internet Printing Protocol Job Loop | Unknown vulnerability in the Internet Printing Protocol (IPP) implementation in CUPS before 1.1.19 allows remote attackers to cause a denial of service (CPU consumption from a "busy loop") via certain inputs to the IPP port (TCP 631). | network, low complexity, easy-software-products, 5.0 |
| 2003-12-01 | CVE-2003-0624 | Cross-Site Scripting vulnerability in BEA Weblogic Server | Cross-site scripting (XSS) vulnerability in InteractiveQuery.jsp for BEA WebLogic 8.1 and earlier allows remote attackers to inject malicious web script via the person parameter. | network, bea CWE-79, 4.3 |
| 2003-12-01 | CVE-2003-0623 | Unspecified vulnerability in BEA Tuxedo and Weblogic Server | Cross-site scripting (XSS) vulnerability in the Administration Console for BEA Tuxedo 8.1 and earlier allows remote attackers to inject arbitrary web script via the INIFILE argument. | network, bea, 4.3 |
| 2003-12-01 | CVE-2003-0622 | Unspecified vulnerability in BEA Tuxedo and Weblogic Server | The Administration Console for BEA Tuxedo 8.1 and earlier allows remote attackers to cause a denial of service (hang) via pathname arguments that contain MS-DOS device names such as CON and AUX. | network, low complexity, bea, 5.0 |
| 2003-12-01 | CVE-2003-0621 | Unspecified vulnerability in BEA Tuxedo and Weblogic Server | The Administration Console for BEA Tuxedo 8.1 and earlier allows remote attackers to determine the existence of files outside the web root via modified paths in the INIFILE argument. | network, low complexity, bea, 5.0 |