Vulnerabilities > High
DATE | CVE | VULNERABILITY TITLE | RISK |
---|---|---|---|
2003-09-22 | CVE-2003-0770 | Remote Security vulnerability in Ikonboard 3.1.1/3.1.2A FUNC.pm in IkonBoard 3.1.2a and earlier, including 3.1.1, does not properly cleanse the "lang" cookie when it contains illegal characters, which allows remote attackers to execute arbitrary code when the cookie is inserted into a Perl "eval" statement. | 7.5 |
2003-09-17 | CVE-2003-0767 | Denial-Of-Service vulnerability in Gamespy products Buffer overflow in RogerWilco graphical server 1.4.1.6 and earlier, dedicated server 0.32a and earlier for Windows, and 0.27 and earlier for Linux and BSD, allows remote attackers to cause a denial of service and execute arbitrary code via a client request with a large length value. | 7.5 |
2003-09-17 | CVE-2003-0766 | Remote Security vulnerability in FTP Desktop FTP Desktop 3.5 Multiple heap-based buffer overflows in FTP Desktop client 3.5, and possibly earlier versions, allow remote malicious servers to execute arbitrary code via (1) a long FTP banner, (2) a long response to a USER command, or (3) a long response to a PASS command. | 7.5 |
2003-09-17 | CVE-2003-0765 | Remote Security vulnerability in Winamp The IN_MIDI.DLL plugin 3.01 and earlier, as used in Winamp 2.91, allows remote attackers to execute arbitrary code via a MIDI file with a large "Track data size" value. | 7.5 |
2003-09-17 | CVE-2003-0762 | Remote Security vulnerability in Foxweb 2.5 Buffer overflow in (1) foxweb.dll and (2) foxweb.exe of Foxweb 2.5 allows remote attackers to execute arbitrary code via a long URL (PATH_INFO value). | 7.5 |
2003-09-17 | CVE-2003-0761 | Remote Security vulnerability in Digium Asterisk 1.2.13 Buffer overflow in the get_msg_text of chan_sip.c in the Session Initiation Protocol (SIP) protocol implementation for Asterisk releases before August 15, 2003, allows remote attackers to execute arbitrary code via certain (1) MESSAGE or (2) INFO requests. | 7.5 |
2003-09-17 | CVE-2003-0720 | Unspecified vulnerability in University of Washington Pine Buffer overflow in PINE before 4.58 allows remote attackers to execute arbitrary code via a malformed message/external-body MIME type. | 7.5 |
2003-09-17 | CVE-2003-0705 | Unspecified vulnerability in Nicolas Boullis Mah-Jong 1.4 Buffer overflow in mah-jong 1.5.6 and earlier allows remote attackers to execute arbitrary code. | 7.5 |
2003-09-17 | CVE-2003-0704 | Local Privilege Escalation vulnerability in Kismac 0.05D KisMAC before 0.05d trusts user-supplied variables when chown'ing files or directories, which allows local users to gain privileges via the $DRIVER_KEXT environment variable in (1) viha_driver.sh, (2) macjack_load.sh, (3) airojack_load.sh, (4) setuid_enable.sh, (5) setuid_disable.sh, and using a "similar technique" for (6) viha_prep.sh and (7) viha_unprep.sh. | 7.2 |
2003-09-17 | CVE-2003-0703 | Local Privilege Escalation vulnerability in Kismac 0.05D KisMAC before 0.05d trusts user-supplied variables to load arbitrary kernels or kernel modules, which allows local users to gain privileges via the $DRIVER_KEXT environment variable as used in (1) viha_driver.sh, (2) macjack_load.sh, or (3) airojack_load.sh, or (4) via "similar techniques" using exchangeKernel.sh. | 7.2 |