Vulnerabilities > High
DATE | CVE | VULNERABILITY TITLE | DESCRIPTION | RISK |
---|---|---|---|---|
2003-12-08 | CVE-2003-1057 | Buffer Overflow vulnerability in CDE DTPrintInfo Home Environment Variable | Unknown vulnerability in CDE Print Viewer (dtprintinfo) for Sun Solaris 2.6 through 9 may allow local users to execute arbitrary code. | 7.2 |
2003-12-01 | CVE-2003-0834 | Local Buffer Overflow vulnerability in SCO Open Unix and Unixware | Buffer overflow in CDE libDtHelp library allows local users to execute arbitrary code via (1) a modified DTHELPUSERSEARCHPATH environment variable and the Help feature, (2) DTSEARCHPATH, or (3) LOGNAME. | 7.2 |
2003-11-27 | CVE-2003-1216 | SQL Injection vulnerability in phpBB search.php | SQL injection vulnerability in search.php for phpBB 2.0.6 and earlier allows remote attackers to execute arbitrary SQL and gain privileges via the search_id parameter. | 7.5 |
2003-11-23 | CVE-2003-1195 | SQL-Injection vulnerability in VieBoard | SQL injection vulnerability in getmember.asp in VieBoard 2.6 Beta 1 allows remote attackers to execute arbitrary SQL commands via the msn variable. | 7.5 |
2003-11-20 | CVE-2003-1059 | Privilege Escalation vulnerability in Sun Solaris PGX32 Libraries Unspecific | Unknown vulnerability in the libraries for the PGX32 frame buffer in Solaris 2.5.1 and 2.6 through 9 allows local users to gain root access. | 7.2 |
2003-11-17 | CVE-2003-0896 | Unspecified vulnerability in SUN JRE 1.3.0/1.4.1 | The loadClass method of the sun.applet.AppletClassLoader class in the Java Virtual Machine (JVM) in Sun SDK and JRE 1.4.1_03 and earlier allows remote attackers to bypass sandbox restrictions and execute arbitrary code via a loaded class name that contains "/" (slash) instead of "." (dot) characters, which bypasses a call to the Security Manager's checkPackageAccess method. | 7.5 |
2003-11-17 | CVE-2003-0870 | Out-of-bounds Write vulnerability in Opera Browser 7.11/7.20 | Heap-based buffer overflow in Opera 7.11 and 7.20 allows remote attackers to execute arbitrary code via an HREF with a large number of escaped characters in the server name. | 7.5 |
2003-11-17 | CVE-2003-0865 | Remote File Play Heap Corruption vulnerability in Mpg123 0.59R/0.59S | Heap-based buffer overflow in readstring of httpget.c for mpg123 0.59r and 0.59s allows remote attackers to execute arbitrary code via a long request. | 7.5 |
2003-11-17 | CVE-2003-0863 | Unspecified vulnerability in PHP 4.3.0/4.3.1/4.3.2 | The php_check_safe_mode_include_dir function in fopen_wrappers.c of PHP 4.3.x returns a success value (0) when the safe_mode_include_dir variable is not specified in configuration, which differs from the previous failure value and may allow remote attackers to exploit file include vulnerabilities in PHP applications. | 7.5 |
2003-11-17 | CVE-2003-0850 |  | The TCP reassembly functionality in libnids before 1.18 allows remote attackers to cause "memory corruption" and possibly execute arbitrary code via "overlarge TCP packets." | 7.5 |