Vulnerabilities > High
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2002-10-11 | CVE-2002-0866 | Unspecified vulnerability in Microsoft Virtual Machine Java Database Connectivity (JDBC) classes in Microsoft Virtual Machine (VM) up to and including 5.0.3805 allow remote attackers to load and execute DLLs (dynamic link libraries) via a Java applet that calls the constructor for com.ms.jdbc.odbc.JdbcOdbc with the desired DLL terminated by a null string, aka "DLL Execution via JDBC Classes." | 7.5 |
| 2002-10-11 | CVE-2002-0865 | Unspecified vulnerability in Microsoft Virtual Machine A certain class that supports XML (Extensible Markup Language) in Microsoft Virtual Machine (VM) 5.0.3805 and earlier, probably com.ms.osp.ospmrshl, exposes certain unsafe methods, which allows remote attackers to execute unsafe code via a Java applet, aka "Inappropriate Methods Exposed in XML Support Classes." | 7.5 |
| 2002-10-10 | CVE-2002-0709 | SQL Injection vulnerability in Surfcontrol Superscout web Filter and web Filter SQL injection vulnerabilities in the Web Reports Server for SurfControl SuperScout WebFilter allow remote attackers to execute arbitrary SQL queries via the RunReport option to SimpleBar.dll, and possibly other DLLs. | 7.5 |
| 2002-10-10 | CVE-2002-0706 | Remote Security vulnerability in Surfcontrol Superscout web Filter and web Filter UserManager.js in the Web Reports Server for SurfControl SuperScout WebFilter uses weak encryption for administrator functions, which allows remote attackers to decrypt the administrative password using a hard-coded key in a Javascript function. | 7.5 |
| 2002-10-10 | CVE-2002-0705 | Information Disclosure vulnerability in Surfcontrol Superscout web Filter and web Filter The Web Reports Server for SurfControl SuperScout WebFilter stores the "scwebusers" username and password file in a web-accessible directory, which allows remote attackers to obtain valid usernames and crack the passwords. | 7.5 |
| 2002-10-10 | CVE-2002-0694 | Unspecified vulnerability in Microsoft products The HTML Help facility in Microsoft Windows 98, 98 Second Edition, Millennium Edition, NT 4.0, NT 4.0 Terminal Server Edition, Windows 2000, and Windows XP uses the Local Computer Security Zone when opening .chm files from the Temporary Internet Files folder, which allows remote attackers to execute arbitrary code via HTML mail that references or inserts a malicious .chm file containing shortcuts that can be executed, aka "Code Execution via Compiled HTML Help File." | 7.5 |
| 2002-10-10 | CVE-2002-0693 | Buffer Overflow vulnerability in Microsoft Windows Help Facility ActiveX Control Buffer overflow in the HTML Help ActiveX Control (hhctrl.ocx) in Microsoft Windows 98, 98 Second Edition, Millennium Edition, NT 4.0, NT 4.0 Terminal Server Edition, Windows 2000, and Windows XP allows remote attackers to execute code via (1) a long parameter to the Alink function, or (2) script containing a long argument to the showHelp function. | 7.5 |
| 2002-10-10 | CVE-2002-0692 | Buffer Overflow vulnerability in Microsoft products Buffer overflow in SmartHTML Interpreter (shtml.dll) in Microsoft FrontPage Server Extensions (FPSE) 2000 and 2002 allows remote attackers to cause a denial of service (CPU consumption) or run arbitrary code, respectively, via a certain type of web file request. | 7.5 |
| 2002-10-10 | CVE-2002-0370 | Buffer Overflow vulnerability in Multiple Vendor ZIP Files Long Filename Buffer overflow in the ZIP capability for multiple products allows remote attackers to cause a denial of service or execute arbitrary code via ZIP files containing entries with long filenames, including (1) Microsoft Windows 98 with Plus! Pack, (2) Windows XP, (3) Windows ME, (4) Lotus Notes R4 through R6 (pre-gold), (5) Verity KeyView, and (6) Stuffit Expander before 7.0. | 7.5 |
| 2002-10-04 | CVE-2002-1135 | Unspecified vulnerability in PHPwebsite 0.8.2 modsecurity.php 1.10 and earlier, in phpWebSite 0.8.2 and earlier, allows remote attackers to execute arbitrary PHP source code via an inc_prefix parameter that points to the malicious code. | 7.5 |