Vulnerabilities > High
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2003-08-18 | CVE-2003-0515 | Unspecified vulnerability in Teapop 0.3.4/0.3.5 SQL injection vulnerabilities in the (1) PostgreSQL or (2) MySQL authentication modules for teapop 0.3.5 and earlier allow attackers to execute arbitrary SQL and possibly gain privileges. | 7.5 |
| 2003-08-18 | CVE-2003-0496 | Unspecified vulnerability in Microsoft Windows 2000 and Windows 2000 Terminal Services Microsoft SQL Server before Windows 2000 SP4 allows local users to gain privileges as the SQL Server user by calling the xp_fileexist extended stored procedure with a named pipe as an argument instead of a normal file. | 7.2 |
| 2003-08-18 | CVE-2003-0352 | Buffer Overrun vulnerability in Microsoft Windows DCOM RPC Interface Buffer overflow in a certain DCOM interface for RPC in Microsoft Windows NT 4.0, 2000, XP, and Server 2003 allows remote attackers to execute arbitrary code via a malformed message, as exploited by the Blaster/MSblast/LovSAN and Nachi/Welchia worms. | 7.5 |
| 2003-08-18 | CVE-2003-0345 | Buffer Overflow vulnerability in Microsoft Windows 2000, Windows NT and Windows XP Buffer overflow in the SMB capability for Microsoft Windows XP, 2000, and NT allows remote attackers to cause a denial of service and possibly execute arbitrary code via an SMB packet that specifies a smaller buffer length than is required. | 7.5 |
| 2003-08-07 | CVE-2003-0510 | Remote Security vulnerability in ezbounce Format string vulnerability in ezbounce 1.0 through 1.50 allows remote attackers to execute arbitrary code via the "sessions" command. | 7.5 |
| 2003-08-07 | CVE-2003-0508 | Remote Security vulnerability in Reader Buffer overflow in the WWWLaunchNetscape function of Adobe Acrobat Reader (acroread) 5.0.7 and earlier allows remote attackers to execute arbitrary code via a .pdf file with a long mailto link. | 7.5 |
| 2003-08-07 | CVE-2003-0507 | Remote Stack Overflow vulnerability in Microsoft Windows 2000 Active Directory Stack-based buffer overflow in Active Directory in Windows 2000 before SP4 allows remote attackers to cause a denial of service (reboot) and possibly execute arbitrary code via an LDAP version 3 search request with a large number of (1) "AND," (2) "OR," and possibly other statements, which causes LSASS.EXE to crash. | 7.5 |
| 2003-08-07 | CVE-2003-0503 | Denial-Of-Service vulnerability in Windows 2000 Server Buffer overflow in the ShellExecute API function of SHELL32.DLL in Windows 2000 before SP4 may allow attackers to cause a denial of service or execute arbitrary code via a long third argument. | 7.5 |
| 2003-08-07 | CVE-2003-0498 | Code Injection vulnerability in Intersystems Cache Database 5 Caché Database 5.x installs the /cachesys/csp directory with insecure permissions, which allows local users to execute arbitrary code by adding server-side scripts that are executed with root privileges. | 7.2 |
| 2003-08-07 | CVE-2003-0497 | Permissions, Privileges, and Access Controls vulnerability in Intersystems Cache Database 5 Caché Database 5.x installs /cachesys/bin/cache with world-writable permissions, which allows local users to gain privileges by modifying cache and executing it via cuxs. | 7.2 |