Vulnerabilities > High
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2002-12-26 | CVE-2002-1176 | Remote Security vulnerability in Nullsoft Winamp 2.81 Buffer overflow in Winamp 2.81 allows remote attackers to execute arbitrary code via a long Artist ID3v2 tag in an MP3 file. | 7.5 |
| 2002-12-23 | CVE-2002-1382 | SWF Buffer Overflow vulnerability in Macromedia Flash Macromedia Flash Player before 6.0.65.0 allows remote attackers to execute arbitrary code via certain malformed data headers in Shockwave Flash file format (SWF) files, a different issue than CAN-2002-0846. | 7.5 |
| 2002-12-23 | CVE-2002-1381 | Unspecified vulnerability in University of Cambridge Exim 3.35/3.36/4.10 Format string vulnerability in daemon.c for Exim 4.x through 4.10, and 3.x through 3.36, allows exim administrative users to execute arbitrary code by modifying the pid_file_path value. | 7.2 |
| 2002-12-23 | CVE-2002-1376 | Buffer Overflow vulnerability in MySQL libmysqlclient Library Read_Rows libmysqlclient client library in MySQL 3.x to 3.23.54, and 4.x to 4.0.6, does not properly verify length fields for certain responses in the (1) read_rows or (2) read_one_row routines, which allows remote attackers to cause a denial of service and possibly execute arbitrary code. | 7.5 |
| 2002-12-23 | CVE-2002-1375 | The COM_CHANGE_USER command in MySQL 3.x before 3.23.54, and 4.x to 4.0.6, allows remote attackers to execute arbitrary code via a long response. | 7.5 |
| 2002-12-23 | CVE-2002-1374 | The COM_CHANGE_USER command in MySQL 3.x before 3.23.54, and 4.x before 4.0.6, allows remote attackers to gain privileges via a brute force attack using a one-character password, which causes MySQL to only compare the provided password against the first character of the real password. | 7.5 |
| 2002-12-23 | CVE-2002-1365 | Improper Restriction of Operations Within the Bounds of A Memory Buffer vulnerability in Fetchmail Heap-based buffer overflow in Fetchmail 6.1.3 and earlier does not account for the "@" character when determining buffer lengths for local addresses, which allows remote attackers to execute arbitrary code via a header with a large number of local addresses. | 7.5 |
| 2002-12-23 | CVE-2002-1364 | Local Buffer Overflow vulnerability in Traceroute-nanog Buffer overflow in the get_origin function in traceroute-nanog allows attackers to execute arbitrary code via long WHOIS responses. | 7.2 |
| 2002-12-23 | CVE-2002-1350 | Unspecified vulnerability in LBL Tcpdump The BGP decoding routines in tcpdump 3.6.x before 3.7 do not properly copy data, which allows remote attackers to cause a denial of service (application crash). | 7.5 |
| 2002-12-23 | CVE-2002-1296 | Local Root vulnerability in Solaris priocntl() System Call Directory traversal vulnerability in priocntl system call in Solaris does allows local users to execute arbitrary code via ".." sequences in the pc_clname field of a pcinfo_t structure, which cause priocntl to load a malicious kernel module. | 7.2 |