Vulnerabilities > High
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2003-04-11 | CVE-2003-0203 | Buffer Overflow vulnerability in moxftp Banner Parsing Buffer overflow in moxftp 2.2 and earlier allows remote malicious FTP servers to execute arbitrary code via a long FTP banner. | 7.5 |
| 2003-04-11 | CVE-2003-0197 | Local Security vulnerability in Interbase Buffer overflow gds_lock_mgr of Interbase Database 6.x allows local users to gain privileges via a long ISC_LOCK_ENV environment variable (INTERBASE_LOCK). | 7.2 |
| 2003-04-11 | CVE-2003-0135 | Unspecified vulnerability in Redhat Linux 9.0 vsftpd FTP daemon in Red Hat Linux 9 is not compiled against TCP wrappers (tcp_wrappers) but is installed as a standalone service, which inadvertently prevents vsftpd from restricting access as intended. | 7.5 |
| 2003-04-11 | CVE-2002-1442 | Unspecified vulnerability in Google Toolbar The Google toolbar 1.1.58 and earlier allows remote web sites to perform unauthorized toolbar operations including script execution and file reading in other zones such as "My Computer" by opening a window to tools.google.com or the res: protocol, then using script to modify the window's location to the toolbar's configuration URL, which bypasses the origin verification check. | 7.5 |
| 2003-04-11 | CVE-2002-1441 | Buffer Overflow vulnerability in Tomahawk Technologies Steelarrow 4.1 Multiple buffer overflows in Tomahawk SteelArrow before 4.5 allow remote attackers to execute arbitrary code via (1) the Steelarrow Service (Steelarrow.exe) using a long UserIdent Cookie header, (2) DLLHOST.EXE (Steelarrow.dll) via a request for a long .aro file, or (3) DLLHOST.EXE via a Chunked Transfer-Encoding request. | 7.5 |
| 2003-04-11 | CVE-2002-1436 | Unspecified vulnerability in Novell Netware 5.1/6.0 The web handler for Perl 5.003 on Novell NetWare 5.1 and NetWare 6 allows remote attackers to execute arbitrary Perl code via an HTTP POST request. | 7.5 |
| 2003-04-11 | CVE-2002-1435 | Remote File Include Command Execution vulnerability in Achievo class.atkdateattribute.js.php in Achievo 0.7.0 through 0.9.1, except 0.8.2, allows remote attackers to execute arbitrary PHP code when the 'allow_url_fopen' setting is enabled via a URL in the config_atkroot parameter that points to the code. | 7.5 |
| 2003-04-11 | CVE-2002-1431 | Unspecified vulnerability in Belkin F5D5230-4 4-Port Cable DSL Gateway Router 1.20.000 Belkin F5D5230-4 4-Port Cable/DSL Gateway Router 1.20.000 modifies the source IP address of internal packets to that of the router's external interface when forwarding a request from an internal host to an internal web server, which allows remote attackers to hide which host is being used to access the web server. | 7.5 |
| 2003-04-11 | CVE-2002-1427 | Unspecified vulnerability in Easy Scripts Archive products The print_html_to_file function in edit.cgi for Easy Homepage Creator 1.0 does not check user credentials, which allows remote attackers to modify home pages of other users. | 7.5 |
| 2003-04-11 | CVE-2002-1426 | Denial Of Service vulnerability in HP Procurve Switch 4000M C.07.23 HP ProCurve Switch 4000M C.07.23 allows remote attackers to cause a denial of service (crash) via an SNMP write request containing 85 characters, possibly triggering a buffer overflow. | 7.8 |