Vulnerabilities > High
DATE | CVE | VULNERABILITY TITLE | RISK |
---|---|---|---|
2004-09-28 | CVE-2003-1051 | Command-line Format String vulnerability in IBM DB2 9.0 Multiple format string vulnerabilities in IBM DB2 Universal Database 8.1 may allow local users to execute arbitrary code via certain command line arguments to (1) db2start, (2) db2stop, or (3) db2govd. | 7.2 |
2004-09-28 | CVE-2003-1050 | Command-Line Argument Buffer Overflow vulnerability in IBM DB2 Multiple buffer overflows in IBM DB2 Universal Database 8.1 may allow local users to execute arbitrary code via long command line arguments to (1) db2start, (2) db2stop, or (3) db2govd. | 7.2 |
2004-09-28 | CVE-2003-0930 | Unspecified vulnerability in Clearswift Mailsweeper Clearswift MAILsweeper before 4.3.15 does not properly detect filenames in BinHex (HQX) encoded files, which allows remote attackers to bypass intended policy. | 7.5 |
2004-09-28 | CVE-2003-0929 | Unspecified vulnerability in Clearswift Mailsweeper Clearswift MAILsweeper before 4.3.15 does not properly detect and filter ZIP 6.0 encoded files, which allows remote attackers to bypass intended policy. | 7.5 |
2004-09-28 | CVE-2003-0928 | Unspecified vulnerability in Clearswift Mailsweeper Clearswift MAILsweeper before 4.3.15 does not properly detect and filter RAR 3.20 encoded files, which allows remote attackers to bypass intended policy. | 7.5 |
2004-09-28 | CVE-2002-1583 | Buffer Overflow vulnerability in IBM DB2 db2ckpw Buffer overflow in sqllib/security/db2ckpw for IBM DB2 Universal Database 6.0 and 7.0 allows local users to execute arbitrary code via a long username that is read from a file descriptor argument. | 7.2 |
2004-09-21 | CVE-2004-1697 | The "Forgot your Password" link in Computer Associates (CA) Unicenter Management Portal 2.0 and 3.1 displays different error messages for users that exist and users that do not exist, which could allow remote attackers to guess valid usernames. | 7.5 |
2004-09-21 | CVE-2004-1694 | Remote Database Default Password vulnerability in Symantec ON Command CCM and ON Icommand Symantec ON Command CCM 5.4.x and iCommand 3.0.x has four default usernames and passwords, one of which is hardcoded, which allows remote attackers to gain unauthorized access. | 7.5 |
2004-09-18 | CVE-2004-1693 | Input Validation vulnerability in Mambo 4.51.0.9 PHP remote file inclusion vulnerability in Function.php in Mambo 4.5 (1.0.9) allows remote attackers to execute arbitrary PHP code by modifying the mosConfig_absolute_path parameter to reference a URL on a remote web server that contains the code. | 7.5 |
2004-09-16 | CVE-2004-1379 | Heap Overflow vulnerability in Xine-lib DVD Subpicture Decoder Heap-based buffer overflow in the DVD subpicture decoder in xine xine-lib 1-rc5 and earlier allows remote attackers to execute arbitrary code via a (1) DVD or (2) MPEG subpicture header where the second field reuses RLE data from the end of the first field. | 7.5 |