Vulnerabilities > High
DATE | CVE | VULNERABILITY TITLE | RISK |
---|---|---|---|
2003-06-09 | CVE-2003-0306 | Local Security vulnerability in Windows XP Gold Buffer overflow in EXPLORER.EXE on Windows XP allows attackers to execute arbitrary code as the XP user via a desktop.ini file with a long .ShellClassInfo parameter. | 7.2 |
2003-06-09 | CVE-2003-0242 | Unspecified vulnerability in Apple mac OS X IPSec in Mac OS X before 10.2.6 does not properly handle certain incoming security policies that match by port, which could allow traffic that is not explicitly allowed by the policies. | 7.5 |
2003-06-09 | CVE-2003-0241 | Unspecified vulnerability in Frontrange Goldmine 5.70/6.00 FrontRange GoldMine mail agent 5.70 and 6.00 before 30503 directly sends HTML to the default browser without setting its security zone or otherwise labeling it untrusted, which allows remote attackers to execute arbitrary code via a message that is rendered in IE using a less secure zone. | 7.5 |
2003-06-09 | CVE-2003-0188 | lv reads a .lv file from the current working directory, which allows local users to execute arbitrary commands as other lv users by placing malicious .lv files into other directories. | 7.2 |
2003-06-09 | CVE-2002-1463 | Unspecified vulnerability in Symantec products Symantec Raptor Firewall 6.5 and 6.5.3, Enterprise Firewall 6.5.2 and 7.0, VelociRaptor Models 500/700/1000 and 1100/1200/1300, and Gateway Security 5110/5200/5300 generate easily predictable initial sequence numbers (ISN), which allows remote attackers to spoof connections. | 7.5 |
2003-06-09 | CVE-2002-1461 | Remote Arbitrary Command Execution vulnerability in Webscriptworld web Shop Manager 1.1 Web Shop Manager 1.1 allows remote attackers to execute arbitrary commands via shell metacharacters in the search box. | 7.5 |
2003-06-09 | CVE-2002-1459 | Unspecified vulnerability in Leszek Krupinski L-Forum 2.4.0 Cross-site scripting vulnerability in L-Forum 2.40 and earlier, when the "Enable HTML in messages" option is off, allows remote attackers to insert arbitrary script or HTML via message fields including (1) From, (2) E-Mail, and (3) Subject. | 7.5 |
2003-06-09 | CVE-2002-1458 | Unspecified vulnerability in Leszek Krupinski L-Forum 2.4.0 Cross-site scripting vulnerability in L-Forum 2.40 and earlier, when the "Enable HTML in messages" option is on, allows remote attackers to insert arbitrary script or HTML via message fields including (1) From, (2) E-Mail, (3) Subject and (4) Body. | 7.5 |
2003-06-09 | CVE-2002-1457 | SQL Injection vulnerability in Leszek Krupinski L-Forum 2.4.0 SQL injection vulnerability in search.php for L-Forum 2.40 allows remote attackers to execute arbitrary SQL statements via the search parameter. | 7.5 |
2003-06-09 | CVE-2002-1456 | Buffer Overflow vulnerability in Khaled Mardam-Bey Mirc 6.0/6.0.1/6.0.2 Buffer overflow in mIRC 6.0.2 and earlier allows remote attackers to execute arbitrary code via a long $asctime value. | 7.5 |