Vulnerabilities > High
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2003-12-31 | CVE-2003-1448 | Resource Management Errors vulnerability in Microsoft Windows 2000 Memory leak in the Windows 2000 kernel allows remote attackers to cause a denial of service (SMB request hang) via a NetBIOS continuation packet. | 7.8 |
| 2003-12-31 | CVE-2003-1442 | Improper Authentication vulnerability in Ericsson Hm220Dp Adsl Modem The web administration page for the Ericsson HM220dp ADSL modem does not require authentication, which could allow remote attackers to gain access from the LAN side. | 7.5 |
| 2003-12-31 | CVE-2003-1435 | SQL Injection vulnerability in Francisco Burzi PHP-Nuke 5.6/6.0 SQL injection vulnerability in PHP-Nuke 5.6 and 6.0 allows remote attackers to execute arbitrary SQL commands via the days parameter to the search module. | 7.5 |
| 2003-12-31 | CVE-2003-1431 | Buffer Errors vulnerability in Epic Games Unreal Engine 226F/433/436 Buffer overflow in Epic Games Unreal Engine 226f through 436 allows remote attackers to cause a denial of service (crash) via a long host string in the Unreal URL. | 7.1 |
| 2003-12-31 | CVE-2003-1429 | Buffer Errors vulnerability in Proxomitron Naoko 4.4 Buffer overflow in Proxomitron Naoko 4.4 allows remote attackers to execute arbitrary code via a long request. | 7.5 |
| 2003-12-31 | CVE-2003-1407 | Buffer Errors vulnerability in Microsoft Windows NT 4.0 Buffer overflow in cmd.exe in Windows NT 4.0 may allow local users to execute arbitrary code via a long pathname argument to the cd command. | 7.2 |
| 2003-12-31 | CVE-2003-1406 | Code Injection vulnerability in Adalis Infomatique D Forum 1.0/1.10/1.11 PHP remote file inclusion vulnerability in D-Forum 1.00 through 1.11 allows remote attackers to execute arbitrary PHP code via a URL in the (1) my_header parameter to header.php3 or (2) my_footer parameter to footer.php3. | 7.5 |
| 2003-12-31 | CVE-2003-1405 | Improper Input Validation vulnerability in Dotbr Botbr 0.1 DotBr 0.1 allows remote attackers to execute arbitrary shell commands via the cmd parameter to (1) exec.php3 or (2) system.php3. | 7.5 |
| 2003-12-31 | CVE-2003-1404 | Information Exposure vulnerability in Dotbr Botbr 0.1 DotBr 0.1 stores config.inc with insufficient access control under the web document root, which allows remote attackers to obtain sensitive information such as SQL usernames and passwords. | 7.5 |
| 2003-12-31 | CVE-2003-1403 | Improper Input Validation vulnerability in Dotbr Botbr 0.1 foo.php3 in DotBr 0.1 allows remote attackers to obtain sensitive information via a direct request, which calls the phpinfo function. | 7.5 |