Vulnerabilities > High
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2003-08-27 | CVE-2003-0636 | Remote Security vulnerability in Novell Ichain 2.2 Novell iChain 2.2 before Support Pack 1 does not properly verify that URL redirects match the DNS name of an accelerator, which allows attackers to redirect URLs to malicious web sites. | 7.5 |
| 2003-08-27 | CVE-2003-0634 | Buffer Overflow vulnerability in Oracle Database Server EXTPROC Stack-based buffer overflow in the PL/SQL EXTPROC functionality for Oracle9i Database Release 2 and 1, and Oracle 8i, allows authenticated database users, and arbitrary database users in some cases, to execute arbitrary code via a long library name. | 7.5 |
| 2003-08-27 | CVE-2003-0632 | Remote Security vulnerability in Oracle Applications and E-Business Suite Buffer overflow in the Oracle Applications Web Report Review (FNDWRR) CGI program (FNDWRR.exe) of Oracle E-Business Suite 11.0 and 11.5.1 through 11.5.8 may allow remote attackers to execute arbitrary code via a long URL. | 7.5 |
| 2003-08-27 | CVE-2003-0631 | Local Security vulnerability in Workstation VMware GSX Server 2.5.1 build 4968 and earlier, and Workstation 4.0 and earlier, allows local users to gain root privileges via certain enivronment variables that are used when launching a virtual machine session. | 7.2 |
| 2003-08-27 | CVE-2003-0625 | Off-by-one Error vulnerability in Hadrons Xfstt Off-by-one error in certain versions of xfstt allows remote attackers to read potentially sensitive memory via a malformed client request in the connection handshake, which leaks the memory in the server's response. | 7.5 |
| 2003-08-27 | CVE-2003-0616 | Unspecified vulnerability in Mcafee Epolicy Orchestrator 2.0/2.5/2.5.1 Format string vulnerability in ePO service for McAfee ePolicy Orchestrator 2.0, 2.5, and 2.5.1 allows remote attackers to execute arbitrary code via a POST request with format strings in the computerlist parameter, which are used when logging a failed name resolution. | 7.5 |
| 2003-08-27 | CVE-2003-0609 | Unspecified vulnerability in SUN Solaris and Sunos Stack-based buffer overflow in the runtime linker, ld.so.1, on Solaris 2.6 through 9 allows local users to gain root privileges via a long LD_PRELOAD environment variable. | 7.2 |
| 2003-08-27 | CVE-2003-0605 | Unspecified vulnerability in Microsoft Windows 2000 The RPC DCOM interface in Windows 2000 SP3 and SP4 allows remote attackers to cause a denial of service (crash), and local attackers to use the DoS to hijack the epmapper pipe to gain privileges, via certain messages to the __RemoteGetClassObject interface that cause a NULL pointer to be passed to the PerformScmStage function. | 7.5 |
| 2003-08-27 | CVE-2003-0597 | Unspecified vulnerability in SCO Openserver 5.0.6/5.0.7 Unknown vulnerability in display of Merge before 5.3.23a in UnixWare 7.1.x allows local users to gain root privileges. | 7.2 |
| 2003-08-27 | CVE-2003-0546 | Unspecified vulnerability in Redhat Up2Date 3.0.71/3.1.231 up2date 3.0.7 and 3.1.23 does not properly verify RPM GPG signatures, which could allow remote attackers to cause unsigned packages to be installed from the Red Hat Network, if that network is compromised. | 7.5 |