Vulnerabilities > High
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2001-12-06 | CVE-2001-0865 | Unspecified vulnerability in Cisco 12000 Router Cisco 12000 with IOS 12.0 and line cards based on Engine 2 does not support the "fragment" keyword in an outgoing ACL, which could allow fragmented packets in violation of the intended access. | 7.5 |
| 2001-12-06 | CVE-2001-0864 | Unspecified vulnerability in Cisco 12000 Router Cisco 12000 with IOS 12.0 and line cards based on Engine 2 does not properly handle the implicit "deny ip any any" rule in an outgoing ACL when the ACL contains exactly 448 entries, which can allow some outgoing packets to bypass access restrictions. | 7.5 |
| 2001-12-06 | CVE-2001-0862 | Unspecified vulnerability in Cisco 12000 Router Cisco 12000 with IOS 12.0 and line cards based on Engine 2 does not block non-initial packet fragments, which allows remote attackers to bypass the ACL. | 7.5 |
| 2001-12-06 | CVE-2001-0860 | Unspecified vulnerability in Microsoft Windows 2000 and Windows XP Terminal Services Manager MMC in Windows 2000 and XP trusts the Client Address (IP address) that is provided by the client instead of obtaining it from the packet headers, which allows clients to spoof their public IP address, e.g. | 7.5 |
| 2001-12-06 | CVE-2001-0857 | Unspecified vulnerability in IMP Webmail Cross-site scripting vulnerability in status.php3 in Imp Webmail 2.2.6 and earlier allows remote attackers to gain access to the e-mail of other users by hijacking session cookies via the message parameter. | 7.5 |
| 2001-12-06 | CVE-2001-0855 | Buffer Overflow vulnerability in Rational ClearCase DB Loader TERM Environment Variable Buffer overflow in db_loader in ClearCase 4.2 and earlier allows local users to gain root privileges via a long TERM environment variable. | 7.2 |
| 2001-12-06 | CVE-2001-0849 | Remote Shell Command vulnerability in Duncan Hall Viralator 0.7/0.8/0.9Pre1 viralator CGI script in Viralator 0.9pre1 and earlier allows remote attackers to execute arbitrary code via a URL for a file being downloaded, which is insecurely passed to a call to wget. | 7.5 |
| 2001-12-06 | CVE-2001-0847 | Unspecified vulnerability in Lotus Domino web Server 5.X Lotus Domino Web Server 5.x allows remote attackers to gain sensitive information by accessing the default navigator $defaultNav via (1) URL encoding the request, or (2) directly requesting the ReplicaID. | 7.5 |
| 2001-12-06 | CVE-2001-0844 | Remote Arbitrary Command Execution vulnerability in Seth Leonard Book of Guests and Post IT Vulnerability in (1) Book of guests and (2) Post it! allows remote attackers to execute arbitrary code via shell metacharacters in the email parameter. | 7.5 |
| 2001-12-06 | CVE-2001-0842 | Unspecified vulnerability in Leoboard Lb5000 Directory traversal vulnerability in Search.cgi in Leoboard LB5000 LB5000II 1029 and earlier allows remote attackers to overwrite files and gain privileges via .. | 7.5 |