Vulnerabilities > High

DATE CVE VULNERABILITY TITLE RISK

2003-12-31 CVE-2003-1510 Remote Denial of Service vulnerability in RIT Research Labs Tinyweb 1.9
TinyWeb 1.9 allows remote attackers to cause a denial of service (CPU consumption) via a ".%00." in an HTTP GET request to the cgi-bin directory.
RISK: network, low complexity, rit-research-labs, 7.8

2003-12-31 CVE-2003-1504 SQL Injection vulnerability in Goldscripts Goldlink 3.0
SQL injection vulnerability in variables.php in Goldlink 3.0 allows remote attackers to execute arbitrary SQL commands via the (1) vadmin_login or (2) vadmin_pass cookie in a request to goldlink.php.
RISK: network, low complexity, goldscripts CWE-89, 7.5

2003-12-31 CVE-2003-1491 Code Injection vulnerability in Kerio Personal Firewall 2.1.4
Kerio Personal Firewall (KPF) 2.1.4 has a default rule to accept incoming packets from DNS (UDP port 53), which allows remote attackers to bypass the firewall filters via packets with a source port of 53.
RISK: network, low complexity, kerio CWE-94, 7.5

2003-12-31 CVE-2003-1490 Improper Input Validation vulnerability in Sonicwall Pro100, Pro200 and Pro300
SonicWall Pro running firmware 6.4.0.1 allows remote attackers to cause a denial of service (device reset) via a long HTTP POST to the internal interface, possibly due to a buffer overflow.
RISK: network, low complexity, sonicwall CWE-20, 7.8

2003-12-31 CVE-2003-1477 Improper Restriction of Operations Within the Bounds of A Memory Buffer vulnerability in Clearswift Mailsweeper FOR Smtp 4.3.6/4.3.7
MAILsweeper for SMTP 4.3.6 and 4.3.7 allows remote attackers to cause a denial of service (CPU consumption) via a PowerPoint attachment that either (1) is corrupt or (2) contains "embedded objects."
RISK: network, low complexity, microsoft clearswift CWE-119, 7.8

2003-12-31 CVE-2003-1474 Permissions, Privileges, and Access Controls vulnerability in Freebsd Slashem-Tty 0.0.6E.4F.8
slashem-tty in the FreeBSD Ports Collection is installed with write permissions for the games group, which allows local users with group games privileges to modify slashem-tty and execute arbitrary code as other users, as demonstrated using a separate vulnerability in LTris.
RISK: local, low complexity, freebsd CWE-264, 7.2

2003-12-31 CVE-2003-1466 Unspecified vulnerability in Phorum 3.4/3.4.1/3.4.2
Unspecified vulnerability in Phorum 3.4 through 3.4.2 allows remote attackers to use Phorum as a connection proxy to other sites via (1) register.php or (2) login.php.
RISK: network, low complexity, phorum, 7.5

2003-12-31 CVE-2003-1464 Improper Restriction of Operations Within the Bounds of A Memory Buffer vulnerability in Siemens M45 and S45
Buffer overflow in Siemens 45 series mobile phones allows remote attackers to cause a denial of service (disconnect and unavailable inbox) via a Short Message Service (SMS) message with a long image name.
RISK: network, low complexity, siemens CWE-119, 7.8

2003-12-31 CVE-2003-1461 Buffer Errors vulnerability in HP Hp-Ux 11.00
Buffer overflow in rwrite for HP-UX 11.0 could allow local users to execute arbitrary code via a long argument.
RISK: local, low complexity, hp CWE-119, 7.2

2003-12-31 CVE-2003-1458 SQL Injection vulnerability in Ttcms and Ttforum
SQL injection vulnerability in Profile.php in ttCMS 2.2 and ttForum allows remote attackers to execute arbitrary SQL commands via the member name.
RISK: network, low complexity, ttcms CWE-89, 7.5