Vulnerabilities > Critical

| Date | CVE | Vulnerability title | Description | Risk |
|---|---|---|---|---|
| 2002-07-26 | CVE-2002-0393 | Denial of Service vulnerability in Red-M 1050AP Lan Access Point Web Administration Interface | Buffer overflow in Red-M 1050 (Bluetooth Access Point) management web interface allows remote attackers to cause a denial of service and possibly execute arbitrary code via a long administration password. | network, low complexity, red-m, critical, 10.0 |
| 2002-07-26 | CVE-2002-0369 | Buffer Overflow vulnerability in Microsoft .Net Framework 1.0 | Buffer overflow in ASP.NET Worker Process allows remote attackers to cause a denial of service (restart) and possibly execute arbitrary code via a routine that processes cookies while in StateServer mode. | network, low complexity, microsoft, critical, 10.0 |
| 2002-07-23 | CVE-2002-0671 | Download of Code Without Integrity Check vulnerability in Pingtel Xpressa Firmware 1.2.5/1.2.7.4 | Pingtel xpressa SIP-based voice-over-IP phone 1.2.5 through 1.2.7.4 downloads phone applications from a web site but can not verify the integrity of the applications, which could allow remote attackers to install Trojan horse applications via DNS spoofing. | network, low complexity, pingtel, CWE-494, critical, 9.8 |
| 2002-07-23 | CVE-2002-0667 | Unspecified vulnerability in Pingtel Xpressa 1.2.5/1.2.7.4 | Pingtel xpressa SIP-based voice-over-IP phone 1.2.5 through 1.2.7.4 has a default null administrator password, which could allow remote attackers to gain access to the phone. | network, low complexity, pingtel, critical, 10.0 |
| 2002-07-11 | CVE-2002-0665 | Authentication Bypass vulnerability in Macromedia Jrun 3.0/3.1/4.0 | Macromedia JRun Administration Server allows remote attackers to bypass authentication on the login form via an extra slash (/) in the URL. | network, low complexity, macromedia, critical, 10.0 |
| 2002-07-03 | CVE-2002-0639 | Integer Overflow or Wraparound vulnerability in Openbsd Openssh | Integer overflow in sshd in OpenSSH 2.9.9 through 3.3 allows remote attackers to execute arbitrary code during challenge response authentication (ChallengeResponseAuthentication) when OpenSSH is using SKEY or BSD_AUTH authentication. | network, low complexity, openbsd, CWE-190, critical, 9.8 |
| 2002-07-03 | CVE-2002-0539 | SQL Injection vulnerability in Demarc PureSecure Authentication Check | Demarc PureSecure 1.05 allows remote attackers to gain administrative privileges via a SQL injection attack in a session ID that is stored in the s_key cookie. | network, low complexity, demarc-security, critical, 10.0 |
| 2002-07-03 | CVE-2002-0537 | Unspecified vulnerability in Stepweb SWS 2.5 | The admin.html file in StepWeb Search Engine (SWS) 2.5 stores passwords in links to manager.pl, which allows remote attackers who can access the admin.html file to gain administrative privileges to SWS. | network, low complexity, stepweb, critical, 10.0 |
| 2002-07-03 | CVE-2002-0359 | Weak Authentication vulnerability in SGI IRIX rpc.xfsmd | xfsmd for IRIX 6.5 through 6.5.16 uses weak authentication, which allows remote attackers to call dangerous RPC functions, including those that can mount or unmount xfs file systems, to gain root privileges. | network, low complexity, sgi, critical, 10.0 |
| 2002-06-25 | CVE-2002-0335 | Remote Web Server Denial of Service vulnerability in Galacticomm Worldgroup | Buffer overflow in Galacticomm Worldgroup web server 3.20 and earlier allows remote attackers to cause a denial of service, and possibly execute arbitrary code, via a long HTTP GET request. | network, low complexity, galacticomm-technologies, critical, 10.0 |