Vulnerabilities > High
DATE | CVE | VULNERABILITY TITLE | RISK |
---|---|---|---|
2002-03-25 | CVE-2002-0097 | Unspecified vulnerability in Geeklog 1.3 Geeklog 1.3 allows remote attackers to hijack user accounts, including the administrator account, by modifying the UID of a user's permanent cookie to the target account. | 7.5 |
2002-03-25 | CVE-2002-0096 | Unspecified vulnerability in Geeklog 1.3 The installation of Geeklog 1.3 creates an extra group_assignments record which is not properly deleted, which causes the first newly created user to be added to the GroupAdmin and UserAdmin groups, which could provide that user with administrative privileges that were not intended. | 7.2 |
2002-03-25 | CVE-2002-0095 | Unspecified vulnerability in Fraunhofer FIT Bscw 3.4/4.0/4.0.6 The default configuration of BSCW (Basic Support for Cooperative Work) 3.x and possibly version 4 enables user self registration, which could allow remote attackers to upload files and possibly join a user community that was intended to be closed. | 7.5 |
2002-03-25 | CVE-2002-0094 | Remote Command Execution vulnerability in Fraunhofer FIT Bscw 3.4/4.0 config_converters.py in BSCW (Basic Support for Cooperative Work) 3.x and versions before 4.06 allows remote attackers to execute arbitrary commands via shell metacharacters in the file name during filename conversion. | 7.5 |
2002-03-19 | CVE-2002-0076 | Java Runtime Environment (JRE) Bytecode Verifier allows remote attackers to escape the Java sandbox and execute commands via an applet containing an illegal cast operation, as seen in (1) Microsoft VM build 3802 and earlier as used in Internet Explorer 4.x and 5.x, (2) Netscape 6.2.1 and earlier, and possibly other implementations that use vulnerable versions of SDK or JDK, aka a variant of the "Virtual Machine Verifier" vulnerability. | 7.5 |
2002-03-15 | CVE-2002-0091 | Remote Command Execution vulnerability in CIDER Shadow Analyzer Multiple CGI scripts in CIDER SHADOW 1.5 and 1.6 allows remote attackers to execute arbitrary commands via certain form fields. | 7.5 |
2002-03-15 | CVE-2002-0090 | Buffer Overflow vulnerability in SUN Solaris 8.0 Buffer overflow in Low BandWidth X proxy (lbxproxy) in Solaris 8 allows local users to execute arbitrary code via a long display command line option. | 7.2 |
2002-03-15 | CVE-2002-0089 | Local Buffer Overflow vulnerability in Solaris admintool Buffer overflow in admintool in Solaris 2.5 through 8 allows local users to gain root privileges via long arguments to (1) the -d command line option, or (2) the PRODVERS argument in the .cdtoc file. | 7.2 |
2002-03-15 | CVE-2002-0088 | Unspecified vulnerability in SUN Solaris and Sunos Buffer overflow in admintool in Solaris 2.6, 7, and 8 allows local users to gain root privileges via a long media installation path. | 7.2 |
2002-03-15 | CVE-2002-0086 | Buffer Overflow vulnerability in Lotus Domino Notes_ExecDirectory Buffer overflow in bindsock in Lotus Domino 5.0.4 and 5.0.7 on Linux allows local users to gain root privileges via a long (1) Notes_ExecDirectory or (2) PATH environment variable. | 7.2 |