Vulnerabilities > High
DATE | CVE | VULNERABILITY TITLE | RISK |
---|---|---|---|
2002-06-18 | CVE-2002-0388 | HTML Injection vulnerability in GNU Mailman Pipermail Index Summary Cross-site scripting vulnerabilities in Mailman before 2.0.11 allow remote attackers to execute script via (1) the admin login page, or (2) the Pipermail index summaries. | 7.5 |
2002-06-18 | CVE-2002-0380 | Buffer Overflow vulnerability in LBL TCPDump Buffer overflow in tcpdump 3.6.2 and earlier allows remote attackers to cause a denial of service and possibly execute arbitrary code via an NFS packet. | 7.5 |
2002-06-18 | CVE-2002-0357 | Buffer Overflow vulnerability in SGI IRIX rpc.passwd Unknown vulnerability in rpc.passwd in the nfs.sw.nis subsystem of SGI IRIX 6.5.15 and earlier allows local users to gain root privileges. | 7.2 |
2002-05-31 | CVE-2002-0310 | Unspecified vulnerability in Netwin Webnews Netwin WebNews 1.1k CGI program includes several default usernames and cleartext passwords that cannot be deleted by the administrator, which allows remote attackers to gain privileges via the username/password combinations (1) testweb/newstest, (2) alwn3845/imaptest, (3) alwi3845/wtest3452, or (4) testweb2/wtest4879. | 7.5 |
2002-05-31 | CVE-2002-0307 | Directory Traversal vulnerability in Avengers News System Avengers News System 2.01/2.11 Directory traversal vulnerability in ans.pl in Avenger's News System (ANS) 2.11 and earlier allows remote attackers to determine the existence of arbitrary files or execute any Perl program on the system via a .. | 7.5 |
2002-05-31 | CVE-2002-0306 | Remote Command Execution vulnerability in Avengers News System Avengers News System 2.01/2.11 ans.pl in Avenger's News System (ANS) 2.11 and earlier allows remote attackers to execute arbitrary commands via shell metacharacters in the p (plugin) parameter. | 7.5 |
2002-05-31 | CVE-2002-0299 | Remote Arbitrary Code Execution vulnerability in CNet CatchUp CNet CatchUp before 1.3.1 allows attackers to execute arbitrary code via a .RVP file that creates a file with an arbitrary extension (such as .BAT), which is executed during a scan. | 7.6 |
2002-05-31 | CVE-2002-0290 | Remote Buffer Overflow vulnerability in Netwin Webnews 1.1H/1.1I/1.1J Buffer overflow in Netwin WebNews CGI program 1.1, Webnews.exe, allows remote attackers to execute arbitrary code via a long group argument. | 7.5 |
2002-05-31 | CVE-2002-0286 | Unspecified vulnerability in Sitenews The GetPassword function in function.php of SiteNews 0.10 and 0.11 allows remote attackers to gain privileges and add users by providing a non-existent user name and the MD5 checksum for an empty password to add_user.php, which causes GetPassword to produce and compare a blank password for the non-existent user. | 7.5 |
2002-05-31 | CVE-2002-0285 | Unspecified vulnerability in Microsoft Outlook Express 5.5/6.0 Outlook Express 5.5 and 6.0 on Windows treats a carriage return ("CR") in a message header as if it were a valid carriage return/line feed combination (CR/LF), which could allow remote attackers to bypass virus protection and or other filtering mechanisms via a mail message with headers that only contain the CR, which causes Outlook to create separate headers. | 7.5 |