Vulnerabilities > High
DATE | CVE | VULNERABILITY TITLE | RISK |
---|---|---|---|
2002-12-31 | CVE-2002-1877 | Permissions, Privileges, and Access Controls vulnerability in Netgear Fm114P NETGEAR FM114P allows remote attackers to bypass access restrictions for web sites via a URL that uses the IP address instead of the hostname. | 7.5 |
2002-12-31 | CVE-2002-1872 | Inadequate Encryption Strength vulnerability in Microsoft SQL Server Microsoft SQL Server 6.0 through 2000, with SQL Authentication enabled, uses weak password encryption (XOR), which allows remote attackers to sniff and decrypt the password. | 7.5 |
2002-12-31 | CVE-2002-1871 | Unspecified vulnerability in SUN Solaris and Sunos pkgadd in Sun Solaris 2.5.1 through 8 installs files setuid/setgid root if the pkgmap file contains a "?" (question mark) in the (1) mode, (2) owner, or (3) group fields, which allows attackers to elevate privileges. | 7.2 |
2002-12-31 | CVE-2002-1870 | Unspecified vulnerability in SWS Simple web Server Simple Web Server (SWS) 0.0.4 through 0.1.0 does not properly handle when the recv function call fails, which may allow remote attackers to overwrite program data or perform actions on an uninitialized heap, leading to a denial of service and possibly code execution. | 7.5 |
2002-12-31 | CVE-2002-1867 | Unspecified vulnerability in Bizdesign Imagefolio 2.23/2.24/2.26 The default configuration of BizDesign ImageFolio 2.23 through 2.26 does not control access to (1) admin/setup.cgi, which allows remote attackers to create an administrative account, or (2) admin/nph-build.cgi, which allows remote attackers to cause a denial of service (CPU consumption). | 7.5 |
2002-12-31 | CVE-2002-1851 | Buffer Overflow vulnerability in Ipswitch WS FTP PRO 7.5 Buffer overflow in WS_FTP Pro 7.5 allows remote attackers to execute code on a client system via unknown attack vectors. | 7.5 |
2002-12-31 | CVE-2002-1850 | Improper Locking vulnerability in Apache Http Server 2.0.39/2.0.40 mod_cgi in Apache 2.0.39 and 2.0.40 allows local users and possibly remote attackers to cause a denial of service (hang and memory consumption) by causing a CGI script to send a large amount of data to stderr, which results in a read/write deadlock between httpd and the CGI script. | 7.5 |
2002-12-31 | CVE-2002-1847 | Unspecified vulnerability in Microsoft Windows Media Player Buffer overflow in mplay32.exe of Microsoft Windows Media Player (WMP) 6.3 through 7.1 allows remote attackers to execute arbitrary commands via a long mp3 filename command line argument. | 7.5 |
2002-12-31 | CVE-2002-1844 | Incorrect Default Permissions vulnerability in Microsoft Windows Media Player 6.3 Microsoft Windows Media Player (WMP) 6.3, when installed on Solaris, installs executables with world-writable permissions, which allows local users to delete or modify the executables to gain privileges. | 7.8 |
2002-12-31 | CVE-2002-1843 | Remote Command Execution vulnerability in Perlbot 1.9.2 Perlbot 1.9.2 allows remote attackers to execute arbitrary commands via shell metacharacters in (1) the $text variable in SpelCheck.pm or (2) the $filename variable in HTMLPlog.pm. | 7.5 |