Vulnerabilities > High
DATE | CVE | VULNERABILITY TITLE | RISK |
---|---|---|---|
2003-07-24 | CVE-2003-0434 | Various PDF viewers including (1) Adobe Acrobat 5.06 and (2) Xpdf 1.01 allow remote attackers to execute arbitrary commands via shell metacharacters in an embedded hyperlink. | 7.5 |
2003-07-24 | CVE-2003-0433 | Unspecified vulnerability in Gnocatan-Develop Gnocatan Multiple buffer overflows in gnocatan 0.6.1 and earlier allow attackers to execute arbitrary code. | 7.5 |
2003-07-24 | CVE-2003-0427 | Unspecified vulnerability in Miod Vallat Mikmod 3.1.6 Buffer overflow in mikmod 3.1.6 and earlier allows remote attackers to execute arbitrary code via an archive file that contains a file with a long filename. | 7.5 |
2003-07-24 | CVE-2003-0349 | Unspecified vulnerability in Microsoft Windows 2000 Buffer overflow in the streaming media component for logging multicast requests in the ISAPI for the logging capability of Microsoft Windows Media Services (nsiislog.dll), as installed in IIS 5.0, allows remote attackers to execute arbitrary code via a large POST request to nsiislog.dll. | 7.5 |
2003-07-03 | CVE-2003-1055 | Buffer Overflow vulnerability in SUN Solaris and Sunos Buffer overflow in the nss_ldap.so.1 library for Sun Solaris 8 and 9 may allow local users to gain root access via a long hostname in an LDAP lookup. | 7.2 |
2003-07-02 | CVE-2003-0398 | Unspecified vulnerability in Vignette Content Suite, Storyserver and Vignette Vignette StoryServer 4 and 5, and Vignette V/5 and V/6, with the SSI EXEC feature enabled, allows remote attackers to execute arbitrary code via a text variable to a Vignette Application that is later displayed. | 7.5 |
2003-07-02 | CVE-2003-0397 | Buffer Overflow vulnerability in Sharman Networks Kazaa V2.0.2 Buffer overflow in FastTrack (FT) network code, as used in Kazaa 2.0.2 and possibly other versions and products, allows remote attackers to execute arbitrary code via a packet containing a large list of supernodes, aka "Packet 0' death." | 7.5 |
2003-07-02 | CVE-2003-0394 | Remote File Include vulnerability in Blnews 2.1.3 objects.inc.php4 in BLNews 2.1.3 allows remote attackers to execute arbitrary PHP code via a Server[path] parameter that points to malicious code on an attacker-controlled web site. | 7.5 |
2003-07-02 | CVE-2003-0391 | Denial-Of-Service vulnerability in Magic Winmail Server Format string vulnerability in Magic WinMail Server 2.3, and possibly other 2.x versions, allows remote attackers to cause a denial of service (crash) and possibly execute arbitrary code via format string specifiers in the PASS command. | 7.5 |
2003-07-02 | CVE-2003-0386 | Unspecified vulnerability in Openbsd Openssh 3.6.1 OpenSSH 3.6.1 and earlier, when restricting host access by numeric IP addresses and with VerifyReverseMapping disabled, allows remote attackers to bypass "from=" and "user@host" address restrictions by connecting to a host from a system whose reverse DNS hostname contains the numeric IP address. | 7.5 |