Vulnerabilities > Critical
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2002-12-31 | CVE-2002-1816 | Off-by-one Error vulnerability in Redshift Atphttpd 0.4B Off-by-one buffer overflow in the sock_gets function in sockhelp.c for ATPhttpd 0.4b and earlier allows remote attackers to execute arbitrary code via a long HTTP GET request. | 9.8 |
| 2002-12-31 | CVE-2002-1798 | Forced Browsing vulnerability in Midicart PHP, Midicart PHP Maxi and Midicart PHP Plus MidiCart PHP, PHP Plus, and PHP Maxi allows remote attackers to (1) upload arbitrary php files via a direct request to admin/upload.php or (2) access sensitive information via a direct request to admin/credit_card_info.php. | 9.1 |
| 2002-12-18 | CVE-2002-1347 | Incorrect Calculation of Buffer Size vulnerability in multiple products Multiple buffer overflows in Cyrus SASL library 2.1.9 and earlier allow remote attackers to cause a denial of service and possibly execute arbitrary code via (1) long inputs during user name canonicalization, (2) characters that need to be escaped during LDAP authentication using saslauthd, or (3) an off-by-one error in the log writer, which does not allocate space for the null character that terminates a string. | 9.8 |
| 2002-08-12 | CVE-2002-0391 | Integer Overflow or Wraparound vulnerability in multiple products Integer overflow in xdr_array function in RPC servers for operating systems that use libc, glibc, or other code based on SunRPC including dietlibc, allows remote attackers to execute arbitrary code by passing a large number of arguments to xdr_array through RPC services such as rpc.cmsd and dmispd. | 9.8 |
| 2002-07-23 | CVE-2002-0671 | Download of Code Without Integrity Check vulnerability in Pingtel Xpressa Firmware 1.2.5/1.2.7.4 Pingtel xpressa SIP-based voice-over-IP phone 1.2.5 through 1.2.7.4 downloads phone applications from a web site but can not verify the integrity of the applications, which could allow remote attackers to install Trojan horse applications via DNS spoofing. | 9.8 |
| 2002-07-03 | CVE-2002-0639 | Integer Overflow or Wraparound vulnerability in Openbsd Openssh Integer overflow in sshd in OpenSSH 2.9.9 through 3.3 allows remote attackers to execute arbitrary code during challenge response authentication (ChallengeResponseAuthentication) when OpenSSH is using SKEY or BSD_AUTH authentication. | 9.8 |
| 2002-03-15 | CVE-2002-0083 | Off-by-one Error vulnerability in multiple products Off-by-one error in the channel code of OpenSSH 2.0 through 3.0.2 allows local users or remote malicious servers to gain privileges. network low complexity conectiva immunix openpkg mandrakesoft openbsd trustix suse redhat engardelinux CWE-193 critical | 9.8 |
| 2002-03-15 | CVE-2002-0059 | Double Free vulnerability in Zlib The decompression algorithm in zlib 1.1.3 and earlier, as used in many different utilities and packages, causes inflateEnd to release certain memory more than once (a "double free"), which may allow local and remote attackers to execute arbitrary code via a block of malformed compression data. | 9.8 |
| 2001-12-31 | CVE-2001-1496 | Off-by-one Error vulnerability in Acme Thttpd Off-by-one buffer overflow in Basic Authentication in Acme Labs thttpd 1.95 through 2.20 allows remote attackers to cause a denial of service and possibly execute arbitrary code. | 9.8 |
| 2001-12-31 | CVE-2001-1481 | Cleartext Storage of Sensitive Information vulnerability in Xitami 2.4/2.5 Xitami 2.4 through 2.5 b4 stores the Administrator password in plaintext in the default.aut file, whose default permissions are world-readable, which allows remote attackers to gain privileges. | 9.8 |