Vulnerabilities > High
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2003-05-27 | CVE-2003-0237 | Remote Command Execution vulnerability in Mirabilis ICQ Features On Demand The "ICQ Features on Demand" functionality for Mirabilis ICQ Pro 2003a does not properly verify the authenticity of software upgrades, which allows remote attackers to install arbitrary software via a spoofing attack. | 7.5 |
| 2003-05-27 | CVE-2003-0236 | Integer Overflow vulnerability in Mirabilis ICQ POP3 Client Subject Field Signed Integer signedness errors in the POP3 client for Mirabilis ICQ Pro 2003a allow remote attackers to execute arbitrary code via the (1) Subject or (2) Date headers. | 7.5 |
| 2003-05-27 | CVE-2003-0235 | Unspecified vulnerability in Mirabilis ICQ Format string vulnerability in POP3 client for Mirabilis ICQ Pro 2003a allows remote malicious servers to execute arbitrary code via format strings in the response to a UIDL command. | 7.5 |
| 2003-05-27 | CVE-2003-0228 | Unspecified vulnerability in Microsoft Windows Media Player 7.1 Directory traversal vulnerability in Microsoft Windows Media Player 7.1 and Windows Media Player for Windows XP allows remote attackers to execute arbitrary code via a skins file with a URL containing hex-encoded backslash characters (%5C) that causes an executable to be placed in an arbitrary location. | 7.5 |
| 2003-05-22 | CVE-2003-0339 | Remote Security vulnerability in Wsmp3 Daemon and Wsmp3 web Server Multiple heap-based buffer overflows in WsMp3 daemon (WsMp3d) 0.0.10 and earlier allow remote attackers to execute arbitrary code via long HTTP requests. | 7.5 |
| 2003-05-22 | CVE-2003-0335 | Remote Security vulnerability in Slackware Linux 9.0 rc.M in Slackware 9.0 calls quotacheck with the -M option, which causes the filesystem to be remounted and possibly reset security-relevant mount flags such as nosuid, nodev, and noexec. | 7.5 |
| 2003-05-21 | CVE-2003-0340 | Remote Security vulnerability in Demarc Security Puresecure 1.6 Demarc Puresecure 1.6 stores authentication information for the logging server in plaintext, which allows attackers to steal login names and passwords to gain privileges. | 7.5 |
| 2003-05-19 | CVE-2003-0333 | Privilege Escalation vulnerability in HP-UX Kermit Multiple buffer overflows in kermit in HP-UX 10.20 and 11.00 (C-Kermit 6.0.192 and possibly other versions before 8.0) allow local users to gain privileges via long arguments to (1) ask, (2) askq, (3) define, (4) assign, and (5) getc, some of which may share the same underlying function "doask," a different vulnerability than CVE-2001-0085. | 7.2 |
| 2003-05-15 | CVE-2003-0308 | Local Security vulnerability in Sendmail The Sendmail 8.12.3 package in Debian GNU/Linux 3.0 does not securely create temporary files, which could allow local users to gain additional privileges via (1) expn, (2) checksendmail, or (3) doublebounce.pl. | 7.2 |
| 2003-05-12 | CVE-2003-0233 | Unspecified vulnerability in Microsoft IE and Internet Explorer Heap-based buffer overflow in plugin.ocx for Internet Explorer 5.01, 5.5 and 6.0 allows remote attackers to execute arbitrary code via the Load() method, a different vulnerability than CVE-2003-0115. | 7.5 |