Vulnerabilities > High
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2002-10-04 | CVE-2002-0996 | Buffer Overflow vulnerability in Novell Netmail and Netmail XE Multiple buffer overflows in Novell NetMail (NIMS) 3.0.3 before 3.0.3C allows remote attackers to cause a denial of service and possibly execute arbitrary code via (1) WebAdmin or (2) ModWeb. | 7.5 |
| 2002-10-04 | CVE-2002-0995 | Unspecified vulnerability in Gianluca Baldo PHPauction login.php for PHPAuction allows remote attackers to gain privileges via a direct call to login.php with the action parameter set to "insert," which adds the provided username to the adminUsers table. | 7.5 |
| 2002-10-04 | CVE-2002-0994 | Unspecified vulnerability in SUN PCI II Driver 2.3 SunPCi II VNC uses a weak authentication scheme, which allows remote attackers to obtain the VNC password by sniffing the random byte challenge, which is used as the key for encrypted communications. | 7.5 |
| 2002-10-04 | CVE-2002-0991 | Buffer Overflow vulnerability in HP Cifs-9000 Server A.01.05/A.01.06 Buffer overflows in the cifslogin command for HP CIFS/9000 Client A.01.06 and earlier, based on the Sharity package, allows local users to gain root privileges via long (1) -U, (2) -D, (3) -P, (4) -S, (5) -N, or (6) -u parameters. | 7.2 |
| 2002-10-04 | CVE-2002-0968 | Buffer Overflow vulnerability in AnalogX SimpleServer:WWW Web Server Buffer overflow in AnalogX SimpleServer:WWW 1.16 and earlier allows remote attackers to cause a denial of service (crash) and execute code via a long HTTP request method name. | 7.5 |
| 2002-10-04 | CVE-2002-0967 | Buffer Overflow vulnerability in EDonkey 2000 URI Handler Buffer overflow in eDonkey 2000 35.16.60 and earlier allows remote attackers to cause a denial of service (crash) and possibly execute arbitrary code via a long "ed2k:" URL. | 7.5 |
| 2002-10-04 | CVE-2002-0966 | Buffer Overflow vulnerability in ACI 4D Webserver 6.7.3 Buffer overflow in 4D web server 6.7.3 allow remote attackers to cause a denial of service and possibly execute arbitrary code via a long HTTP request. | 7.5 |
| 2002-10-04 | CVE-2002-0965 | Remote Buffer Overflow vulnerability in Oracle TNSListener SERVICE_NAME Buffer overflow in TNS Listener for Oracle 9i Database Server on Windows systems, and Oracle 8 on VM, allows local users to execute arbitrary code via a long SERVICE_NAME parameter, which is not properly handled when writing an error message to a log file. | 7.5 |
| 2002-10-04 | CVE-2002-0962 | Cross-Site Scripting vulnerability in Geeklog 1.3/1.3.0/1.3.5 Cross-site scripting vulnerabilities in GeekLog 1.3.5 and earlier allow remote attackers to execute arbitrary script via (1) the url variable in the Link field of a calendar event, (2) the topic parameter in index.php, or (3) the title parameter in comment.php. | 7.5 |
| 2002-10-04 | CVE-2002-0961 | Code Injection vulnerability in Voxel Dot Net CBMS Vulnerabilities in Voxel Dot Net CBMS 0.7 and earlier allow remote attackers to conduct unauthorized operations as other users, e.g. | 7.5 |