Vulnerabilities > High
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2002-12-31 | CVE-2002-1789 | Unspecified vulnerability in Newsx 1.4Pl6 Format string vulnerability in newsx NNTP client before 1.4.8 allows local users to execute arbitrary code via format string specifiers that are not properly handled in a call to the syslog function. | 7.2 |
| 2002-12-31 | CVE-2002-1788 | Unspecified vulnerability in KIM Storm NN Format string vulnerability in the nn_exitmsg function in nn 6.6.0 through 6.6.3 allows remote NNTP servers to execute arbitrary code via format strings in server responses. | 7.5 |
| 2002-12-31 | CVE-2002-1781 | Buffer Overflow vulnerability in Delegate POP Proxy USER Multiple buffer overflows in DeleGate 7.7.0 through 7.8.1 allow remote attackers to execute arbitrary code, as demonstrated using a long USER command to the POP proxy. | 7.5 |
| 2002-12-31 | CVE-2002-1779 | Unspecified vulnerability in Symantec Norton Personal Firewall 2002 The "block fragmented IP Packets" option in Symantec Norton Personal Firewall 2002 (NPW) does not properly protect against certain attacks on Windows vulnerabilities such as jolt2 (CVE-2000-0305). | 7.5 |
| 2002-12-31 | CVE-2002-1778 | Unspecified vulnerability in Symantec Norton Personal Firewall 2002 Symantec Norton Personal Firewall 2002 allows remote attackers to bypass the portscan protection by using a (1) SYN/FIN, (2) SYN/FIN/URG, (3) SYN/FIN/PUSH, or (4) SYN/FIN/URG/PUSH scan. | 7.5 |
| 2002-12-31 | CVE-2002-1773 | Denial Of Service vulnerability in Mirabilis ICQ for Macos X 2.6Xbeta Buffer overflow in ICQ 2.6x for MacOS X 10.0 through 10.1.2 allows remote attackers to cause a denial of service and possibly execute arbitrary code via a long request. | 7.5 |
| 2002-12-31 | CVE-2002-1767 | Local Command Parameter Buffer Overflow vulnerability in Oracle Database Server 8.1.5 Buffer overflow in tnslsnr of Oracle 8i Database Server 8.1.5 for Linux allows local users to execute arbitrary code as the oracle user via a long command line argument. | 7.2 |
| 2002-12-31 | CVE-2002-1760 | SQL Injection vulnerability in PHProjekt Multiple SQL injection vulnerabilities in PHProjekt 2.0 through 3.1 allow remote attackers to execute arbitrary SQL commands via the unknown attack vectors. | 7.5 |
| 2002-12-31 | CVE-2002-1757 | Unspecified vulnerability in PHProjekt PHProjekt 2.0 through 3.1 relies on the $PHP_SELF variable for authentication, which allows remote attackers to bypass authentication for scripts via a request to a .php file with "sms" in the URL, which is included in the PATH_INFO portion of the $PHP_SELF variable, as demonstrated using "mail_send.php/sms". | 7.5 |
| 2002-12-31 | CVE-2002-1749 | Unspecified vulnerability in Microsoft Windows 2000 Windows 2000 Terminal Services, when using the disconnect feature of the client, does not properly lock itself if it is left idle until the screen saver activates and the user disconnects, which could allow attackers to gain administrator privileges. | 7.2 |