Vulnerabilities > Improper Input Validation
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2002-12-31 | CVE-2002-2325 | Improper Input Validation vulnerability in University of Washington Pine The c-client library in Internet Message Access Protocol (IMAP) dated before 2002 RC2, as used by Pine 4.20 through 4.44, allows remote attackers to cause a denial of service (client crash) via a MIME-encoded email with Content-Type header containing an empty boundary field. | 7.8 |
| 2002-12-31 | CVE-2002-2322 | Improper Input Validation vulnerability in Ultimate PHP Board Ultimate PHP Board 1.0Beta Ultimate PHP Board (UPB) 1.0b stores the users.dat data file under the web root with insufficient access control, which allows remote attackers to obtain usernames and passwords. | 5.0 |
| 2002-12-31 | CVE-2002-2314 | Improper Input Validation vulnerability in Mozilla 1.0 Mozilla 1.0 allows remote attackers to steal cookies from other domains via a javascript: URL with a leading "//" and ending in a newline, which causes the host/path check to fail. | 5.0 |
| 2002-12-31 | CVE-2002-2239 | Improper Input Validation vulnerability in Cisco IOS 12.1E The Cisco Optical Service Module (OSM) for the Catalyst 6500 and 7600 series running Cisco IOS 12.1(8)E through 12.1(13.4)E allows remote attackers to cause a denial of service (hang) via a malformed packet. | 7.8 |
| 2002-12-31 | CVE-2002-2237 | Improper Input Validation vulnerability in Tftp Server 2.21 tftp32 TFTP server 2.21 and earlier allows remote attackers to cause a denial of service via a GET request with a DOS device name such as com1 or aux. | 5.0 |
| 2002-12-31 | CVE-2002-2236 | Improper Input Validation vulnerability in Apt-Www-Proxy 1.0 Format string vulnerability in the awp_log function in apt-www-proxy 0.1 allows remote attackers to execute arbitrary code. | 10.0 |
| 2002-12-31 | CVE-2002-2228 | Improper Input Validation vulnerability in Mailscanner MailScanner before 4.0 5-1 and before 3.2 6-1 allows remote attackers to bypass protection via attachments with a filename with (1) extra leading spaces, (2) extra trailing spaces, or (3) alternate character encodings that cannot be processed by MailScanner. | 6.4 |
| 2002-12-31 | CVE-2002-1979 | Improper Input Validation vulnerability in Watchguard Legacy Rssa, Soho and Vclass WatchGuard SOHO products running firmware 5.1.6 and earlier, and Vclass/RSSA using 3.2 SP1 and earlier, allows remote attackers to bypass firewall rules by sending a PASV command string as the argument of another command to an FTP server, which generates a response that contains the string, causing IPFilter to treat the response as if it were a legitimate PASV command from the server. | 7.5 |
| 2002-12-31 | CVE-2002-1874 | Improper Input Validation vulnerability in Astrocam astrocam.cgi in AstroCam 0.9-1-1 through 1.4.0 allows remote attackers to execute arbitrary commands via shell metacharacters in an HTTP request. | 10.0 |
| 2002-12-31 | CVE-2002-1663 | Improper Input Validation vulnerability in Monkey-Project Monkey 0.1.1 The Post_Method function in method.c for Monkey HTTP Daemon before 0.5.1 allows remote attackers to cause a denial of service (crash) via a POST request with an invalid or missing Content-Length header value. | 5.0 |