Vulnerabilities > High
DATE | CVE | VULNERABILITY TITLE | RISK |
---|---|---|---|
2003-08-07 | CVE-2003-0491 | Remote Security vulnerability in Mytutorials Tutorials 2.0 The Tutorials 2.0 module in XOOPS and E-XOOPS allows remote attackers to execute arbitrary code by uploading a PHP file without a MIME image type, then directly accessing the uploaded file. | 7.5 |
2003-08-07 | CVE-2003-0490 | Local Security vulnerability in Dantz Retrospect Client 5.0.540 The installation of Dantz Retrospect Client 5.0.540 on MacOS X 10.2.6, and possibly other versions, creates critical directories and files with world-writable permissions, which allows local users to gain privileges as other users by replacing programs with malicious code. | 7.2 |
2003-08-07 | CVE-2003-0489 | Unspecified vulnerability in Michael C. Toren Tcptraceroute tcptraceroute 1.4 and earlier does not fully drop privileges after obtaining a file descriptor for capturing packets, which may allow local users to gain access to the descriptor via a separate vulnerability in tcptraceroute. | 7.2 |
2003-08-07 | CVE-2003-0487 | Remote Username Buffer Overrun vulnerability in Kerio Mailserver 5.6.3 Multiple buffer overflows in Kerio MailServer 5.6.3 allow remote authenticated users to cause a denial of service and possibly execute arbitrary code via (1) a long showuser parameter in the do_subscribe module, (2) a long folder parameter in the add_acl module, (3) a long folder parameter in the list module, and (4) a long user parameter in the do_map module. | 7.5 |
2003-08-07 | CVE-2003-0482 | Remote Security vulnerability in Gero Kohnert Tutos 1.1 TUTOS 1.1 allows remote attackers to execute arbitrary code by uploading the code using file_new.php, then directly accessing the uploaded code via a request to the repository containing the code. | 7.5 |
2003-08-07 | CVE-2003-0471 | Buffer Overflow vulnerability in Alt-N WebAdmin USER Parameter Buffer overflow in WebAdmin.exe for WebAdmin allows remote attackers to execute arbitrary code via an HTTP request to WebAdmin.dll with a long USER argument. | 7.5 |
2003-08-07 | CVE-2003-0470 | Buffer Overflow vulnerability in Symantec Security Check RuFSI ActiveX Control Buffer overflow in the "RuFSI Utility Class" ActiveX control (aka "RuFSI Registry Information Class"), as used for the Symantec Security Check service, allows remote attackers to execute arbitrary code via a long argument to CompareVersionStrings. | 7.5 |
2003-08-07 | CVE-2003-0469 | Buffer Overflow vulnerability in Microsoft Windows HTML Converter HR Align Buffer overflow in the HTML Converter (HTML32.cnv) on various Windows operating systems allows remote attackers to cause a denial of service (crash) and possibly execute arbitrary code via cut-and-paste operation, as demonstrated in Internet Explorer 5.0 using a long "align" argument in an HR tag. | 7.5 |
2003-08-07 | CVE-2003-0454 | Unspecified vulnerability in JOE Rumsey Xgalaga 2.0.34 Multiple buffer overflows in xgalaga 2.0.34 and earlier allow local users to gain privileges via a long HOME environment variable. | 7.2 |
2003-08-07 | CVE-2003-0450 | Unspecified vulnerability in Cistron Radius Daemon Cistron RADIUS daemon (radiusd-cistron) 1.6.6 and earlier allows remote attackers to cause a denial of service and possibly execute arbitrary code via a large value in an NAS-Port attribute, which is interpreted as a negative number and causes a buffer overflow. | 7.5 |