Vulnerabilities > Improper Input Validation
DATE | CVE | VULNERABILITY TITLE | RISK |
---|---|---|---|
2004-03-03 | CVE-2003-0825 | Improper Input Validation vulnerability in Microsoft Windows 2000, Windows 2003 Server and Windows NT The Windows Internet Naming Service (WINS) for Microsoft Windows Server 2003, and possibly Windows NT and Server 2000, does not properly validate the length of certain packets, which allows attackers to cause a denial of service and possibly execute arbitrary code. | 9.3 |
2004-02-03 | CVE-2003-0368 | Improper Input Validation vulnerability in Nokia Ggsn Release1 Nokia Gateway GPRS support node (GGSN) allows remote attackers to cause a denial of service (kernel panic) via a malformed IP packet with a 0xFF TCP option. | 5.0 |
2004-01-20 | CVE-2003-1025 | Improper Input Validation vulnerability in Microsoft Internet Explorer 6.0 Internet Explorer 5.01 through 6 SP1 allows remote attackers to spoof the domain of a URL via a "%01" character before an @ sign in the user@domain portion of the URL, which hides the rest of the URL, including the real site, in the address bar, aka the "Improper URL Canonicalization Vulnerability." | 4.3 |
2004-01-05 | CVE-2003-1003 | Improper Input Validation vulnerability in Cisco PIX Firewall and PIX Firewall Software Cisco PIX firewall 5.x.x, and 6.3.1 and earlier, allows remote attackers to cause a denial of service (crash and reload) via an SNMPv3 message when snmp-server is set. | 7.8 |
2003-12-31 | CVE-2003-1538 | Improper Input Validation vulnerability in Suse products susehelp in SuSE Linux 8.1, Enterprise Server 8, Office Server, and Openexchange Server 4 does not properly filter shell metacharacters, which allows remote attackers to execute arbitrary commands via CGI queries. | 6.4 |
2003-12-31 | CVE-2003-1490 | Improper Input Validation vulnerability in Sonicwall Pro100, Pro200 and Pro300 SonicWall Pro running firmware 6.4.0.1 allows remote attackers to cause a denial of service (device reset) via a long HTTP POST to the internal interface, possibly due to a buffer overflow. | 7.8 |
2003-12-31 | CVE-2003-1488 | Improper Input Validation vulnerability in Truelogik Truegalerie 1.0 The (1) verif_admin.php and (2) check_admin.php scripts in Truegalerie 1.0 allow remote attackers to gain administrator access via a request to admin.php without the connect parameter and with the loggedin parameter set to any value, such as 1. | 6.4 |
2003-12-31 | CVE-2003-1487 | Improper Input Validation vulnerability in Phorum 3.4/3.4.1/3.4.2 Multiple "command injection" vulnerabilities in Phorum 3.4 through 3.4.2 allow remote attackers to execute arbitrary commands and modify the Phorum configuration files via the (1) UserAdmin program, (2) Edit user profile, or (3) stats program. | 10.0 |
2003-12-31 | CVE-2003-1485 | Improper Input Validation vulnerability in Clearswift Mailsweeper Clearswift MAILsweeper 4.0 through 4.3.7 allows remote attackers to bypass filtering via a file attachment that contains "multiple extensions combined with large blocks of white space." | 5.0 |
2003-12-31 | CVE-2003-1471 | Improper Input Validation vulnerability in Alt-N Mdaemon MDaemon POP server 6.0.7 and earlier allows remote authenticated users to cause a denial of service (crash) via a (1) DELE or (2) UIDL with a negative number. | 6.3 |