Vulnerabilities > High

| Date | CVE | Vulnerability title | Description | Vector | Complexity | Vendor | CWE | Risk |
|---|---|---|---|---|---|---|---|---|
| 2002-12-31 | CVE-2002-1665 | Denial-Of-Service vulnerability in Yahoo Messenger 5.0 | Buffer overflow in Yahoo! Messenger before February 2002 allows remote attackers to cause a denial of service (crash) and possibly execute arbitrary code via a long set_buddygrp field. | network | low | yahoo | | 7.5 |
| 2002-12-31 | CVE-2002-1660 | OS Command Injection vulnerability in Jelsoft Vbulletin | calendar.php in vBulletin before 2.2.0 allows remote attackers to execute arbitrary commands via shell metacharacters in the command parameter. | network | low | jelsoft | CWE-78 | 7.5 |
| 2002-12-31 | CVE-2002-1657 | Use of Password Hash With Insufficient Computational Effort vulnerability in Postgresql 7.3.19 | PostgreSQL uses the username for a salt when generating passwords, which makes it easier for remote attackers to guess passwords via a brute force attack. | network | low | postgresql | CWE-916 | 7.5 |
| 2002-12-31 | CVE-2002-1656 | Unspecified vulnerability in Xqus X-News 1.0/1.1 | X-News (x_news) 1.1 and earlier allows attackers to authenticate as other users by obtaining the MD5 checksum of the password, e.g. | network | low | xqus | | 7.5 |
| 2002-12-31 | CVE-2002-1654 | Authentication Attacks vulnerability in Netscape Enterprise Web Server Brute Force | iPlanet Web Server Enterprise Edition and Netscape Enterprise Server 4.0 and 4.1 allows remote attackers to conduct HTTP Basic Authentication via the wp-force-auth Web Publisher command, which provides a distinct attack vector and may make it easier to conduct brute force password guessing without detection. | network | low | iplanet netscape | | 7.5 |
| 2002-12-31 | CVE-2002-1652 | Remote Buffer Overflow vulnerability in MIT Cgiemail 1.6 | Buffer overflow in cgicso.c for cgiemail 1.6 allows remote attackers to cause a denial of service (crash) and possibly execute arbitrary code via a long query parameter. | network | low | mit | | 7.5 |
| 2002-12-31 | CVE-2002-1650 | Remote Security vulnerability in Squirrelmail 1.2.2 | The spell checker plugin (check_me.mod.php) for SquirrelMail before 1.2.3 allows remote attackers to execute arbitrary commands via a modified sqspell_command parameter. | network | low | squirrelmail | | 7.5 |
| 2002-12-31 | CVE-2002-1648 | Unspecified vulnerability in Squirrelmail 1.2.2 | Cross-site request forgery (CSRF) vulnerability in compose.php in SquirrelMail before 1.2.3 allows remote attackers to send email as other users via an IMG URL with modified send_to and subject parameters. | network | low | squirrelmail | | 7.5 |
| 2002-12-31 | CVE-2002-1646 | Unspecified vulnerability in SSH Secure Shell for Servers | SSH Secure Shell for Servers 3.0.0 to 3.1.1 allows remote attackers to override the AllowedAuthentications configuration and use less secure authentication schemes (e.g. | network | low | ssh | | 7.5 |
| 2002-12-31 | CVE-2002-1631 | Information Disclosure vulnerability in Oracle 9i Application Server Sample Scripts | SQL injection vulnerability in the query.xsql sample page in Oracle 9i Application Server (9iAS) allows remote attackers to execute arbitrary code via the sql parameter. | network | low | oracle | | 7.5 |