Vulnerabilities > High
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2002-10-04 | CVE-2002-0947 | Remote Buffer Overflow vulnerability in Oracle Application Server and Reports Buffer overflow in rwcgi60 CGI program for Oracle Reports Server 6.0.8.18.0 and earlier, as used in Oracle9iAS and other products, allows remote attackers to execute arbitrary code via a long database name parameter. | 7.5 |
| 2002-10-04 | CVE-2002-0945 | Buffer Overflow vulnerability in Seanox Devwex 20020520 Buffer overflow in SeaNox Devwex allows remote attackers to cause a denial of service (crash) and possibly execute arbitrary code via a long HTTP GET request. | 7.5 |
| 2002-10-04 | CVE-2002-0944 | Unspecified vulnerability in Deepmetrix Livestats 6.2 Cross-site scripting vulnerability in DeepMetrix LiveStats 5.03 through 6.2.1 allows remote attackers to execute arbitrary script as the LiveStats user via the (1) user-agent or (2) referrer, which are not filtered by the stats program. | 7.5 |
| 2002-10-04 | CVE-2002-0942 | Buffer Overflow vulnerability in Lumigent Log Explorer XP_LogAttach_StartProf Buffer overflows in Lugiment Log Explorer before 3.02 allow attackers with database permissions to execute arbitrary code via long arguments to the extended stored procedures (1) xp_logattach_StartProf, (2) xp_logattach_setport, or (3) xp_logattach. | 7.5 |
| 2002-10-04 | CVE-2002-0938 | Cross-Site Scripting vulnerability in Cisco Secure ACS Cross-site scripting vulnerability in CiscoSecure ACS 3.0 allows remote attackers to execute arbitrary script or HTML as other web users via the action argument in a link to setup.exe. | 7.5 |
| 2002-10-04 | CVE-2002-0933 | Authentication Credentials vulnerability in Datalex Bookit! Consumer Plaintext Datalex PLC BookIt! Consumer before 2.2 stores usernames and passwords in plaintext in a cookie, which could allow remote attackers to gain privileges via Cross-site scripting or sniffing attacks. | 7.5 |
| 2002-10-04 | CVE-2002-0931 | HTML Injection vulnerability in MyHelpDesk Cross-site scripting vulnerabilities in MyHelpDesk 20020509, and possibly other versions, allows remote attackers to execute script as other users via a (1) Title or (2) Description when a new ticket is created by a support assistant, via the "id" parameter to the index.php script with the (3) tickettime, (4) ticketfiles, or (5) updateticketlog operations, or (6) via the update section when a ticket is edited. | 7.5 |
| 2002-10-04 | CVE-2002-0928 | Buffer Overrun vulnerability in Pirch IRC 98 Buffer overflow in the Pirch 98 IRC client allows remote attackers to cause a denial of service and possibly execute arbitrary code via a long hyperlink in a channel or private message. | 7.5 |
| 2002-10-04 | CVE-2002-0925 | Unspecified vulnerability in Matthew Mondor Mmftpd and Mmmail Format string vulnerability in mmsyslog function allows remote attackers to execute arbitrary code via (1) the USER command to mmpop3d for mmmail 0.0.13 and earlier, (2) the HELO command to mmsmtpd for mmmail 0.0.13 and earlier, or (3) the USER command to mmftpd 0.0.7 and earlier. | 7.5 |
| 2002-10-04 | CVE-2002-0924 | Remote Command Execution vulnerability in CSNews CGIScript.net csNews.cgi allows remote authenticated users to execute arbitrary Perl code via terminating quotes and metacharacters in text fields of the "Advanced Settings" capability. | 7.5 |