Vulnerabilities > High
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2002-07-03 | CVE-2002-0542 | Unspecified vulnerability in Openbsd 2.9/3.0 mail in OpenBSD 2.9 and 3.0 processes a tilde (~) escape character in a message even when it is not in interactive mode, which could allow local users to gain root privileges via calls to mail in cron. | 7.2 |
| 2002-07-03 | CVE-2002-0541 | Buffer Overflow vulnerability in IBM Tivoli Storage Manager 4.2/4.2.1 Buffer overflow in Tivoli Storage Manager TSM (1) Server or Storage Agents 3.1 through 5.1, and (2) the TSM Client Acceptor Service 4.2 and 5.1, allows remote attackers to cause a denial of service (crash) and possibly execute arbitrary code via a long HTTP GET request to port 1580 or port 1581. | 7.5 |
| 2002-07-03 | CVE-2002-0540 | Unspecified vulnerability in Nortel CVX 1800 Multi-Service Access Switch 3.6.3 Nortel CVX 1800 is installed with a default "public" community string, which allows remote attackers to read usernames and passwords and modify the CVX configuration. | 7.5 |
| 2002-07-03 | CVE-2002-0538 | Unspecified vulnerability in Symantec products FTP proxy in Symantec Raptor Firewall 6.5.3 and Enterprise 7.0 rewrites an FTP server's "FTP PORT" responses in a way that allows remote attackers to redirect FTP data connections to arbitrary ports, a variant of the "FTP bounce" vulnerability. | 7.5 |
| 2002-07-03 | CVE-2002-0536 | Unspecified vulnerability in PHPgroupware 0.9.13 PHPGroupware 0.9.12 and earlier, when running with the magic_quotes_gpc feature disabled, allows remote attackers to compromise the database via a SQL injection attack. | 7.5 |
| 2002-07-03 | CVE-2002-0378 | Remote Print Submission vulnerability in Astart Technologies Lprng 3.7.4/3.8.9 The default configuration of LPRng print spooler in Red Hat Linux 7.0 through 7.3, Mandrake 8.1 and 8.2, and other operating systems, accepts print jobs from arbitrary remote hosts. | 7.5 |
| 2002-07-03 | CVE-2002-0373 | Privilege Escalation vulnerability in Microsoft Windows Media Player 7.1 The Windows Media Device Manager (WMDM) Service in Microsoft Windows Media Player 7.1 on Windows 2000 systems allows local users to obtain LocalSystem rights via a program that calls the WMDM service to connect to an invalid local storage device, aka "Privilege Elevation through Windows Media Device Manager Service". | 7.2 |
| 2002-07-03 | CVE-2002-0372 | Path Disclosure vulnerability in Windows Media Player IE Cache Microsoft Windows Media Player versions 6.4 and 7.1 and Media Player for Windows XP allow remote attackers to bypass Internet Explorer's (IE) security mechanisms and run code via an executable .wma media file with a license installation requirement stored in the IE cache, aka the "Cache Path Disclosure via Windows Media Player". | 7.5 |
| 2002-07-03 | CVE-2002-0371 | Buffer overflow in gopher client for Microsoft Internet Explorer 5.1 through 6.0, Proxy Server 2.0, or ISA Server 2000 allows remote attackers to execute arbitrary code via a gopher:// URL that redirects the user to a real or simulated gopher server that sends a long response. | 7.5 |
| 2002-07-03 | CVE-2002-0366 | Remote Access Service Buffer Overflow vulnerability in Microsoft Windows 2000, Windows NT and Windows XP Buffer overflow in Remote Access Service (RAS) phonebook for Windows NT 4.0, 2000, XP, and Routing and Remote Access Server (RRAS) allows local users to execute arbitrary code by modifying the rasphone.pbk file to use a long dial-up entry. | 7.2 |