Vulnerabilities > High
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2003-12-31 | CVE-2003-1180 | Unspecified vulnerability in Advanced Poll Advanced Poll 2.0.0/2.0.1/2.0.2 Directory traversal vulnerability in Advanced Poll 2.0.2 allows remote attackers to read arbitrary files or inject arbitrary local PHP files via .. | 7.5 |
| 2003-12-31 | CVE-2003-1179 | Remote File Include vulnerability in Advanced Poll Common.Inc.PHP Multiple PHP remote file inclusion vulnerabilities in Advanced Poll 2.0.2 allow remote attackers to execute arbitrary PHP code via the include_path parameter in (1) booth.php, (2) png.php, (3) poll_ssi.php, or (4) popup.php, the (5) base_path parameter to common.inc.php. | 7.5 |
| 2003-12-31 | CVE-2003-1178 | Unspecified vulnerability in Advanced Poll Advanced Poll 2.0.0/2.0.1/2.0.2 Eval injection vulnerability in comments.php in Advanced Poll 2.0.2 allows remote attackers to execute arbitrary PHP code via the (1) id, (2) template_set, or (3) action parameter. | 7.5 |
| 2003-12-31 | CVE-2003-1177 | Remote Buffer Overflow vulnerability in Atrium Software Mercur Mailserver IMAP AUTH Buffer overflow in the base64 decoder in MERCUR Mailserver 4.2 before SP3a allows remote attackers to cause a denial of service and possibly execute arbitrary code via a long (1) AUTH command to the POP3 server or (2) AUTHENTICATE command to the IMAP server. | 7.5 |
| 2003-12-31 | CVE-2003-1171 | Unspecified vulnerability in MOD Security MOD Security 1.7/1.7.1 Heap-based buffer overflow in the sec_filter_out function in mod_security 1.7RC1 through 1.7.1 in Apache 2 allows remote attackers to execute arbitrary code via a server side script that sends a large amount of data. | 7.5 |
| 2003-12-31 | CVE-2003-1170 | Local Arguments Format String vulnerability in Gernot Stocker Kpopup 0.9.1/0.9.5Pre2 Format string vulnerability in main.cpp in kpopup 0.9.1 and 0.9.5pre2 allows local users to cause a denial of service (segmentation fault) and possibly execute arbitrary code via format string specifiers in command line arguments. | 7.2 |
| 2003-12-31 | CVE-2003-1167 | Unspecified vulnerability in Gernot Stocker Kpopup 0.9.1/0.9.5Pre2 misc.cpp in KPopup 0.9.1 trusts the PATH variable when executing killall, which allows local users to elevate their privileges by modifying the PATH variable to reference a malicious killall program. | 7.2 |
| 2003-12-31 | CVE-2003-1161 | Unspecified vulnerability in Linux Kernel 2.6Test9Cvs exit.c in Linux kernel 2.6-test9-CVS, as stored on kernel.bkbits.net, was modified to contain a backdoor, which could allow local users to elevate their privileges by passing __WCLONE|__WALL to the sys_wait4 function. | 7.2 |
| 2003-12-31 | CVE-2003-1154 | Unspecified vulnerability in Clearswift Mailsweeper MAILsweeper for SMTP 4.3 allows remote attackers to bypass virus protection via a mail message with a malformed zip attachment, as exploited by certain MIMAIL virus variants. | 7.5 |
| 2003-12-31 | CVE-2003-1131 | Remote File Include vulnerability in KnowledgeBuilder PHP remote file inclusion vulnerability in index.php in KnowledgeBuilder, referred to as KnowledgeBase, allows remote attackers to execute arbitrary PHP code by modifying the page parameter to reference a URL on a remote web server that contains the code. | 7.5 |