Vulnerabilities
DATE | CVE | VULNERABILITY TITLE | RISK |
---|---|---|---|
2003-11-17 | CVE-2002-1568 | Unspecified vulnerability in Openssl 0.9.6E OpenSSL 0.9.6e uses assertions when detecting buffer overflow attacks instead of less severe mechanisms, which allows remote attackers to cause a denial of service (crash) via certain messages that cause OpenSSL to abort from a failed assertion, as demonstrated using SSLv2 CLIENT_MASTER_KEY messages, which are not properly handled in s2_srvr.c. | 5.0 |
2003-11-17 | CVE-2001-1412 | Unspecified vulnerability in Apple mac OS X 10.4.9 nidump on MacOS X before 10.3 allows local users to read the encrypted passwords from the password file by specifying passwd as a command line argument. | 2.1 |
2003-11-17 | CVE-2001-1411 | Local Security vulnerability in Apple mac OS X 10.4.9 Format string vulnerability in gm4 (aka m4) on Mac OS X may allow local users to gain privileges if gm4 is called by setuid programs. | 7.2 |
2003-11-13 | CVE-2003-0626 | Directory Traversal vulnerability in PeopleSoft PeopleBooks psdoccgi.exe psdoccgi.exe in PeopleSoft PeopleTools 8.4 through 8.43 allows remote attackers to read arbitrary files via the (1) headername or (2) footername arguments. | 5.0 |
2003-11-04 | CVE-2003-1144 | Buffer Overflow vulnerability in Perception LiteServe Server Log Buffer overflow in the log viewing interface in Perception LiteServe 1.25 through 2.2 allows remote attackers to execute arbitrary code via a GET request with a long file name. | 10.0 |
2003-11-04 | CVE-2003-1141 | Remote Buffer Overrun vulnerability in Network Instruments Niprint Lpd-Lpr Print Server 4.10 Buffer overflow in NIPrint 4.10 allows remote attackers to execute arbitrary code via a long string to TCP port 515. | 7.5 |
2003-11-03 | CVE-2003-1196 | SQL Injection vulnerability in Vienuke Vieboard 2.6/2.6Beta1 SQL injection vulnerability in viewtopic.asp in VieBoard 2.6 allows remote attackers to execute arbitrary SQL commands via the forumid parameter. | 7.5 |
2003-11-03 | CVE-2003-1193 | SQL Injection vulnerability in Oracle9iAS Portal Component Multiple SQL injection vulnerabilities in the Portal DB (1) List of Values (LOVs), (2) Forms, (3) Hierarchy, and (4) XML components packages in Oracle Oracle9i Application Server 9.0.2.00 through 3.0.9.8.5 allow remote attackers to execute arbitrary SQL commands via the URL. | 7.5 |
2003-11-03 | CVE-2003-1192 | Buffer Overrun vulnerability in IA WebMail Server Long GET Request Stack-based buffer overflow in IA WebMail Server 3.1.0 allows remote attackers to execute arbitrary code via a long GET request. | 10.0 |
2003-11-03 | CVE-2003-1190 | Cross-Site Scripting/HTML Injection vulnerability in PHPRecipeBook Cross-site scripting (XSS) vulnerability in PHPRecipeBook 1.24 through 2.17 allows remote attackers to inject arbitrary web script or HTML via a recipe. network phprecipebook | 4.3 |