Vulnerabilities > High
DATE | CVE | VULNERABILITY TITLE | RISK |
---|---|---|---|
2002-05-16 | CVE-2002-0212 | Information Disclosure vulnerability in Hosting Controller The login for Hosting Controller 1.1 through 1.4.1 returns different error messages when a valid or invalid user is provided, which allows remote attackers to determine the existence of valid usernames and makes it easier to conduct a brute force attack. | 7.5 |
2002-05-16 | CVE-2002-0210 | Symbolic Link vulnerability in Tolis Group BRU 17.0 setlicense for TOLIS Group Backup and Restore Utility (BRU) 17.0 allows local users to overwrite arbitrary files via a symlink attack on the /tmp/brutest.$$ temporary file. | 7.2 |
2002-05-16 | CVE-2002-0207 | Buffer Overflow vulnerability in Real Media RealPlayer Media File Buffer overflow in Real Networks RealPlayer 8.0 and earlier allows remote attackers to execute arbitrary code via a header length value that exceeds the actual length of the header. | 7.5 |
2002-05-16 | CVE-2002-0206 | Remote Arbitrary File Include vulnerability in PHPNuke index.php in Francisco Burzi PHP-Nuke 5.3.1 and earlier, and possibly other versions before 5.5, allows remote attackers to execute arbitrary PHP code by specifying a URL to the malicious code in the file parameter. | 7.5 |
2002-05-16 | CVE-2002-0205 | Cross-Site Scripting vulnerability in Plumtree Corporate Portal Cross-site scripting (CSS) vulnerability in error.asp for Plumtree Corporate Portal 3.5 through 4.5 allows remote attackers to execute arbitrary script on other clients via the "Description" parameter. | 7.5 |
2002-05-16 | CVE-2002-0204 | Buffer Overflow vulnerability in GNU Chess 5.02 Buffer overflow in GNU Chess (gnuchess) 5.02 and earlier, if modified or used in a networked capacity contrary to its own design as a single-user application, may allow local or remote attackers to execute arbitrary code via a long command. | 7.5 |
2002-05-16 | CVE-2002-0199 | Denial Of Service vulnerability in Nullsoft Shoutcast Server 1.8.3 Buffer overflow in admin.cgi for Nullsoft Shoutcast Server 1.8.3 allows remote attackers to cause a denial of service and possibly execute arbitrary code via an argument with a large number of backslashes. | 7.5 |
2002-05-16 | CVE-2002-0197 | Unspecified vulnerability in Psychoid Psybnc psyBNC 2.3 beta and earlier allows remote attackers to spoof encrypted, trusted messages by sending lines that begin with the "[B]" sequence, which makes the message appear legitimate. | 7.5 |
2002-05-16 | CVE-2002-0185 | Unspecified vulnerability in Apache MOD Python mod_python version 2.7.6 and earlier allows a module indirectly imported by a published module to then be accessed via the publisher, which allows remote attackers to call possibly dangerous functions from the imported module. | 7.5 |
2002-05-16 | CVE-2002-0184 | Incorrect Calculation of Buffer Size vulnerability in multiple products Sudo before 1.6.6 contains an off-by-one error that can result in a heap-based buffer overflow that may allow local users to gain root privileges via special characters in the -p (prompt) argument, which are not properly expanded. | 7.8 |