Vulnerabilities > High

| DATE | CVE | VULNERABILITY TITLE | DESCRIPTION | RISK |
| --- | --- | --- | --- | --- |
| 2003-02-07 | CVE-2003-0003 | Buffer Overflow vulnerability in Microsoft Windows Locator Service | Buffer overflow in the RPC Locator service for Microsoft Windows NT 4.0, Windows NT 4.0 Terminal Server Edition, Windows 2000, and Windows XP allows local users to execute arbitrary code via an RPC call to the service containing certain parameter information. | network / low complexity / microsoft / 7.5 |
| 2003-01-17 | CVE-2003-0031 | Buffer Overrun vulnerability in Libmcrypt | Multiple buffer overflows in libmcrypt before 2.5.5 allow attackers to cause a denial of service (crash). | network / low complexity / mcrypt / 7.5 |
| 2003-01-17 | CVE-2003-0026 | Remote Buffer Overflow vulnerability in ISC DHCPD NSUPDATE MiniRes Library | Multiple stack-based buffer overflows in the error handling routines of the minires library, as used in the NSUPDATE capability for ISC DHCPD 3.0 through 3.0.1RC10, allow remote attackers to execute arbitrary code via a DHCP message containing a long hostname. | network / low complexity / isc / 7.5 |
| 2003-01-17 | CVE-2003-0025 | SQL Injection vulnerability in Horde IMP Database Files | Multiple SQL injection vulnerabilities in IMP 2.2.8 and earlier allow remote attackers to perform unauthorized database activities and possibly gain privileges via certain database functions such as check_prefs() in db.pgsql, as demonstrated using mailbox.php3. | network / low complexity / horde / 7.5 |
| 2003-01-17 | CVE-2003-0013 | LocalConfig Backup File Disclosure vulnerability in Bugzilla | The default .htaccess scripts for Bugzilla 2.14.x before 2.14.5, 2.16.x before 2.16.2, and 2.17.x before 2.17.3 do not include filenames for backup copies of the localconfig file that are made from editors such as vi and Emacs, which could allow remote attackers to obtain a database password by directly accessing the backup file. | network / low complexity / mozilla / 7.5 |
| 2003-01-17 | CVE-2002-1403 | Remote Command Execution vulnerability in DHCPCD Character Expansion | dhcpcd DHCP client daemon 1.3.22 and earlier allows local users to execute arbitrary code via shell metacharacters that are fed from a dhcpd .info script into a .exe script. | local / low complexity / phystech / 7.2 |
| 2003-01-17 | CVE-2002-1400 | Unspecified vulnerability in Postgresql | Heap-based buffer overflow in the repeat() function for PostgreSQL before 7.2.2 allows attackers to execute arbitrary code by causing repeat() to generate a large string. | network / low complexity / postgresql / 7.5 |
| 2003-01-17 | CVE-2002-1397 | Buffer Overflow vulnerability in PostgreSQL cash_words Function | Vulnerability in the cash_words() function for PostgreSQL 7.2 and earlier allows local users to cause a denial of service and possibly execute arbitrary code via a large negative argument, possibly triggering an integer signedness error or buffer overflow. | network / low complexity / postgresql / 7.5 |
| 2003-01-17 | CVE-2002-1396 | Unspecified vulnerability in PHP | Heap-based buffer overflow in the wordwrap function in PHP after 4.1.2 and before 4.3.0 may allow attackers to cause a denial of service or execute arbitrary code. | network / low complexity / php / 7.5 |
| 2003-01-17 | CVE-2002-1393 | Unspecified vulnerability in KDE | Multiple vulnerabilities in KDE 2 and KDE 3.x through 3.0.5 do not quote certain parameters that are inserted into a shell command, which could allow remote attackers to execute arbitrary commands via (1) URLs, (2) filenames, or (3) e-mail addresses. | network / low complexity / kde / 7.5 |