Vulnerabilities > High
DATE | CVE | VULNERABILITY TITLE | DESCRIPTION | RISK |
---|---|---|---|---|
2003-04-11 | CVE-2002-1421 | SQL Injection vulnerability in Ilia Alshanetsky Fudforum 1.2.8/1.9.8/2.0.2 | SQL injection vulnerabilities in FUDforum before 2.2.0 allow remote attackers to perform unauthorized database operations via (1) report.php, (2) selmsg.php, and (3) showposts.php. | 7.5 |
2003-04-11 | CVE-2002-1420 | Buffer Overflow vulnerability in OpenBSD select() | Integer signedness error in select() on OpenBSD 3.1 and earlier allows local users to overwrite arbitrary kernel memory via a negative value for the size parameter, which satisfies the boundary check as a signed integer, but is later used as an unsigned integer during a data copying operation. | 7.2 |
2003-04-11 | CVE-2002-1419 | Unspecified vulnerability in SGI Irix | The upgrade of IRIX on Origin 3000 to 6.5.13 through 6.5.16 changes the MAC address of the system, which could modify intended access restrictions that are based on a MAC address. | 7.5 |
2003-04-11 | CVE-2002-1413 | Authentication Bypass vulnerability in Novell Netware 6.0 | RCONAG6 for Novell Netware SP2, while running RconJ in secure mode, allows remote attackers to bypass authentication using the RconJ "Secure IP" (SSL) option during a connection. | 7.5 |
2003-04-11 | CVE-2002-1412 | Remote File Include vulnerability in Bharat Mediratta Gallery | Gallery photo album package before 1.3.1 allows local and possibly remote attackers to execute arbitrary code via a modified GALLERY_BASEDIR variable that points to a directory or URL that contains a Trojan horse init.php script. | 7.5 |
2003-04-11 | CVE-2002-1410 | | Easy Guestbook CGI programs do not authenticate the administrator, which allows remote attackers to (1) delete entries via direct access of admin.cgi, or (2) reconfigure Guestbook via direct access of config.cgi. | 7.5 |
2003-04-11 | CVE-2002-1408 | Unspecified vulnerability in HP Openview Emanate Snmp Agent and Vvos | Unknown vulnerability or vulnerabilities in HP OpenView EMANATE 14.2 snmpModules allow the SNMP read-write community name to be exposed, related to (1) "'read-only' community access," and/or (2) an easily guessable community name. | 7.5 |
2003-04-11 | CVE-2002-1407 | Unspecified vulnerability in Adam Megacz Tinyssl | TinySSL 1.02 and earlier does not verify the Basic Constraints for an intermediate CA-signed certificate, which allows remote attackers to spoof the certificates of trusted sites via a man-in-the-middle attack. | 7.5 |
2003-04-11 | CVE-2002-1406 | Local Passwd vulnerability in HP Hp-Ux 11.04 | Unknown vulnerability in passwd for VVOS HP-UX 11.04, with unknown impact, related to "Unexpected behavior." | 7.2 |
2003-04-02 | CVE-2003-0179 | Buffer Overflow vulnerability in IBM Lotus Domino web Server and Lotus Notes Client | Buffer overflow in the COM Object Control Handler for Lotus Domino 6.0.1 and earlier allows remote attackers to execute arbitrary code via multiple attack vectors, as demonstrated using the InitializeUsingNotesUserName method in the iNotes ActiveX control. | 7.5 |