Vulnerabilities > High
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2003-08-27 | CVE-2003-0649 | Unspecified vulnerability in Xpcd Buffer overflow in xpcd-svga for xpcd 2.08 and earlier allows local users to execute arbitrary code via a long HOME environment variable. | 7.2 |
| 2003-08-27 | CVE-2003-0647 | Remote Security vulnerability in IOS Buffer overflow in the HTTP server for Cisco IOS 12.2 and earlier allows remote attackers to execute arbitrary code via an extremely long (2GB) HTTP GET request. | 7.5 |
| 2003-08-27 | CVE-2003-0646 | Unspecified vulnerability in Trend Micro Damage Cleanup Server and Housecall Multiple buffer overflows in ActiveX controls used by Trend Micro HouseCall 5.5 and 5.7, and Damage Cleanup Server 1.0, allow remote attackers to execute arbitrary code via long parameter strings. | 7.5 |
| 2003-08-27 | CVE-2003-0638 | Denial-Of-Service vulnerability in Novell Ichain 2.1 Multiple buffer overflows in Novell iChain 2.1 before Field Patch 3, and iChain 2.2 before Field Patch 1a, allow attackers to cause a denial of service (ABEND) and possibly execute arbitrary code via (1) a long user name or (2) an unknown attack related to a "special script against login." | 7.5 |
| 2003-08-27 | CVE-2003-0636 | Remote Security vulnerability in Novell Ichain 2.2 Novell iChain 2.2 before Support Pack 1 does not properly verify that URL redirects match the DNS name of an accelerator, which allows attackers to redirect URLs to malicious web sites. | 7.5 |
| 2003-08-27 | CVE-2003-0634 | Buffer Overflow vulnerability in Oracle Database Server EXTPROC Stack-based buffer overflow in the PL/SQL EXTPROC functionality for Oracle9i Database Release 2 and 1, and Oracle 8i, allows authenticated database users, and arbitrary database users in some cases, to execute arbitrary code via a long library name. | 7.5 |
| 2003-08-27 | CVE-2003-0632 | Remote Security vulnerability in Oracle Applications and E-Business Suite Buffer overflow in the Oracle Applications Web Report Review (FNDWRR) CGI program (FNDWRR.exe) of Oracle E-Business Suite 11.0 and 11.5.1 through 11.5.8 may allow remote attackers to execute arbitrary code via a long URL. | 7.5 |
| 2003-08-27 | CVE-2003-0631 | Local Security vulnerability in Workstation VMware GSX Server 2.5.1 build 4968 and earlier, and Workstation 4.0 and earlier, allows local users to gain root privileges via certain enivronment variables that are used when launching a virtual machine session. | 7.2 |
| 2003-08-27 | CVE-2003-0625 | Off-by-one Error vulnerability in Hadrons Xfstt Off-by-one error in certain versions of xfstt allows remote attackers to read potentially sensitive memory via a malformed client request in the connection handshake, which leaks the memory in the server's response. | 7.5 |
| 2003-08-27 | CVE-2003-0616 | Unspecified vulnerability in Mcafee Epolicy Orchestrator 2.0/2.5/2.5.1 Format string vulnerability in ePO service for McAfee ePolicy Orchestrator 2.0, 2.5, and 2.5.1 allows remote attackers to execute arbitrary code via a POST request with format strings in the computerlist parameter, which are used when logging a failed name resolution. | 7.5 |