Vulnerabilities > High
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2002-12-31 | CVE-2002-2391 | SQL Injection vulnerability in multiple products SQL injection vulnerability in index.php of WebChat 1.5 included in XOOPS 1.0 allows remote attackers to execute arbitrary SQL commands via the roomid parameter. | 7.5 |
| 2002-12-31 | CVE-2002-2385 | Buffer Errors vulnerability in Hotfoon Corporation Hotfoon 4.0 Buffer overflow in hotfoon4.exe in Hotfoon 4.0 allows remote attackers to cause a denial of service (crash) and possibly execute arbitrary code via a URL containing a long voice phone number. | 7.5 |
| 2002-12-31 | CVE-2002-2383 | SQL Injection vulnerability in F2Html.Pl SQL injection vulnerability in f2html.pl 0.1 through 0.4 allows remote attackers to execute arbitrary SQL commands via file names. | 7.5 |
| 2002-12-31 | CVE-2002-2382 | Link Following vulnerability in Cvsup 1.2 cvsupd.sh in CVSup 1.2 allows local users to overwrite arbitrary files and gain privileges via a symlink attack on /var/tmp/cvsupd.out. | 7.2 |
| 2002-12-31 | CVE-2002-2381 | Improper Restriction of Operations Within the Bounds of A Memory Buffer vulnerability in Ka-Shu Wong Gtetrinet Multiple buffer overflows in (1) tetrinet_inmessage, (2) speclist_add and (3) config-getthemeinfo of GTetrinet 0.4.3 and earlier allow remote attackers to casue a denial of service and possibly execute arbitrary code. | 7.5 |
| 2002-12-31 | CVE-2002-2373 | Configuration vulnerability in Apple TCP IP Configuration Utility 12640 The default configuration of the TCP/IP printer configuration utility in Apple LaserWriter 12/640 PS printer contains a blank Telnet password, which allows remote attackers to gain access. | 7.5 |
| 2002-12-31 | CVE-2002-2371 | Improper Input Validation vulnerability in Linksys Wet11 1.31/1.32 Linksys WET11 firmware 1.31 and 1.32 allows remote attackers to cause a denial of service (crash) via a packet containing the device's hardware address as the source MAC address in the DLC header. | 7.8 |
| 2002-12-31 | CVE-2002-2367 | Buffer Errors vulnerability in Socks5 1.0R11 Off-by-one buffer overflow in NEC SOCKS5 1.0 r11 and earlier allows remote attackers to cause a denial of service and possibly execute arbitrary code via a long hostname. | 7.8 |
| 2002-12-31 | CVE-2002-2363 | Permissions, Privileges, and Access Controls vulnerability in HP Hp-Ux 11.00 VJE.VJE-RUN in HP-UX 11.00 adds bin to /etc/PATH, which could allow local users to gain privileges. | 7.2 |
| 2002-12-31 | CVE-2002-2355 | Credentials Management vulnerability in Netgear Fm114P Netgear FM114P firmware 1.3 wireless firewall, when configured to backup configuration information, stores DDNS (DynDNS) user name and password, MAC address filtering table and possibly other information in cleartext, which could allow local users to obtain sensitive information. | 7.1 |