Vulnerabilities > High
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2003-09-17 | CVE-2003-0762 | Remote Security vulnerability in Foxweb 2.5 Buffer overflow in (1) foxweb.dll and (2) foxweb.exe of Foxweb 2.5 allows remote attackers to execute arbitrary code via a long URL (PATH_INFO value). | 7.5 |
| 2003-09-17 | CVE-2003-0761 | Remote Security vulnerability in Digium Asterisk 1.2.13 Buffer overflow in the get_msg_text of chan_sip.c in the Session Initiation Protocol (SIP) protocol implementation for Asterisk releases before August 15, 2003, allows remote attackers to execute arbitrary code via certain (1) MESSAGE or (2) INFO requests. | 7.5 |
| 2003-09-17 | CVE-2003-0720 | Unspecified vulnerability in University of Washington Pine Buffer overflow in PINE before 4.58 allows remote attackers to execute arbitrary code via a malformed message/external-body MIME type. | 7.5 |
| 2003-09-17 | CVE-2003-0705 | Unspecified vulnerability in Nicolas Boullis Mah-Jong 1.4 Buffer overflow in mah-jong 1.5.6 and earlier allows remote attackers to execute arbitrary code. | 7.5 |
| 2003-09-17 | CVE-2003-0704 | Local Privilege Escalation vulnerability in Kismac 0.05D KisMAC before 0.05d trusts user-supplied variables when chown'ing files or directories, which allows local users to gain privileges via the $DRIVER_KEXT environment variable in (1) viha_driver.sh, (2) macjack_load.sh, (3) airojack_load.sh, (4) setuid_enable.sh, (5) setuid_disable.sh, and using a "similar technique" for (6) viha_prep.sh and (7) viha_unprep.sh. | 7.2 |
| 2003-09-17 | CVE-2003-0703 | Local Privilege Escalation vulnerability in Kismac 0.05D KisMAC before 0.05d trusts user-supplied variables to load arbitrary kernels or kernel modules, which allows local users to gain privileges via the $DRIVER_KEXT environment variable as used in (1) viha_driver.sh, (2) macjack_load.sh, or (3) airojack_load.sh, or (4) via "similar techniques" using exchangeKernel.sh. | 7.2 |
| 2003-08-27 | CVE-2003-0701 | Unspecified vulnerability in Microsoft IE and Internet Explorer Buffer overflow in Internet Explorer 6 SP1 for certain languages that support double-byte encodings (e.g., Japanese) allows remote attackers to execute arbitrary code via the Type property of an Object tag, a variant of CVE-2003-0344. | 7.5 |
| 2003-08-27 | CVE-2003-0699 | Remote Security vulnerability in Linux Advanced Work Station The C-Media PCI sound driver in Linux before 2.4.21 does not use the get_user function to access userspace, which crosses security boundaries and may facilitate the exploitation of vulnerabilities, a different vulnerability than CVE-2003-0700. | 7.5 |
| 2003-08-27 | CVE-2003-0685 | Unspecified vulnerability in Netris 0.3/0.4/0.5 Buffer overflow in Netris 0.52 and earlier, and possibly other versions, allows remote malicious Netris servers to execute arbitrary code on netris clients via a long server response. | 7.5 |
| 2003-08-27 | CVE-2003-0672 | Unspecified vulnerability in Leon J Breedt Pam-Pgsql 0.5.1/0.5.2 Format string vulnerability in pam-pgsql 0.5.2 and earlier allows remote attackers to execute arbitrary code via the username that isp rovided during authentication, which is not properly handled when recording a log message. | 7.5 |