Vulnerabilities > High

DATE CVE VULNERABILITY TITLE RISK
2003-12-31 CVE-2003-1402 Improper Input Validation vulnerability in Kietu 2.0/2.3
PHP remote file inclusion vulnerability in hit.php for Kietu 2.0 and 2.3 allows remote attackers to execute arbitrary PHP code via the url_hit parameter, a different vulnerability than CVE-2006-5015.
network
low complexity
kietu CWE-20
7.5
2003-12-31 CVE-2003-1393 Buffer Errors vulnerability in Gupta Technologies Sqlbase 8.1.0
Buffer overflow in Gupta SQLBase 8.1.0 allows remote attackers to cause a denial of service and possibly execute arbitrary code via a long EXECUTE command.
8.5
2003-12-31 CVE-2003-1391 Cryptographic Issues vulnerability in Research Triangle Software Cryptobuddy 1.0/1.2
RTS CryptoBuddy 1.0 and 1.2 uses a weak encryption algorithm for the passphrase and generates predictable keys, which makes it easier for attackers to guess the passphrase.
network
low complexity
research-triangle-software CWE-310
7.5
2003-12-31 CVE-2003-1390 Cryptographic Issues vulnerability in Research Triangle Software Cryptobuddy 1.0/1.2
RTS CryptoBuddy 1.2 and earlier stores bytes 53 through 55 of a 55-byte passphrase in plaintext, which makes it easier for local users to guess the passphrase.
network
low complexity
research-triangle-software CWE-310
7.5
2003-12-31 CVE-2003-1389 Cryptographic Issues vulnerability in Research Triangle Software Cryptobuddy 1.0/1.2
RTS CryptoBuddy 1.2 and earlier truncates long passphrases without warning the user, which may make it easier to conduct certain brute force guessing attacks.
network
low complexity
research-triangle-software CWE-310
7.5
2003-12-31 CVE-2003-1387 Classic Buffer Overflow vulnerability in Opera Browser 6.05/6.06/7.0
Buffer overflow in Opera 6.05 and 6.06, and possibly other versions, allows remote attackers to execute arbitrary code via a URL with a long username.
network
low complexity
opera CWE-120
7.5
2003-12-31 CVE-2003-1383 Permissions, Privileges, and Access Controls vulnerability in Logicworks web ERP
WEB-ERP 0.1.4 and earlier allows remote attackers to obtain sensitive information via an HTTP request for the logicworks.ini file, which contains the MySQL database username and password.
network
low complexity
logicworks CWE-264
7.5
2003-12-31 CVE-2003-1382 Buffer Errors vulnerability in Instantservers Inc. Ismail 1.4.3
Buffer overflow in ISMail 1.4.3 and earlier allows remote attackers to execute arbitrary code via long domain names in (1) MAIL FROM or (2) RCPT TO fields.
network
low complexity
instantservers-inc CWE-119
7.5
2003-12-31 CVE-2003-1380 Path Traversal vulnerability in Bisonftp Server 4 R2
Directory traversal vulnerability in BisonFTP Server 4 release 2 allows remote attackers to (1) list directories above the root via an 'ls @../' command, or (2) list files above the root via a "mget @../FILE" command.
network
low complexity
bisonftp CWE-22
7.5
2003-12-31 CVE-2003-1378 Permissions, Privileges, and Access Controls vulnerability in Microsoft Outlook and Outlook Express
Microsoft Outlook Express 6.0 and Outlook 2000, with the security zone set to Internet Zone, allows remote attackers to execute arbitrary programs via an HTML email with the CODEBASE parameter set to the program, a vulnerability similar to CAN-2002-0077.
network
microsoft CWE-264
8.8