Vulnerabilities > High
DATE | CVE | VULNERABILITY TITLE | RISK |
---|---|---|---|
2003-06-30 | CVE-2003-0411 | Improper Handling of Case Sensitivity vulnerability in Oracle SUN ONE Application Server 7.0 Sun ONE Application Server 7.0 for Windows 2000/XP allows remote attackers to obtain JSP source code via a request that uses the uppercase ".JSP" extension instead of the lowercase .jsp extension. | 7.5 |
2003-06-30 | CVE-2003-0408 | Buffer Overflow vulnerability in the Uptimes Project Upclient 5.0B7 Buffer overflow in Uptime Client (UpClient) 5.0b7, and possibly other versions, allows local users to gain privileges via a long -p argument. | 7.2 |
2003-06-30 | CVE-2003-0406 | Unspecified vulnerability in Palmvnc 1.40 PalmVNC 1.40 and earlier stores passwords in plaintext in the PalmVNCDB, which is backed up to PCs that the Palm is synchronized with, which could allow attackers to gain privileges. | 7.2 |
2003-06-30 | CVE-2003-0403 | Denial Of Service vulnerability in Vignette Content Suite, Storyserver and Vignette Vignette StoryServer 5 and Vignette V/5 allows remote attackers to read and modify license information, and cause a denial of service (service halt) by directly accessing the /vgn/license template. | 7.5 |
2003-06-19 | CVE-2003-1067 | Local Security vulnerability in RETIRED: Oracle Solaris Multiple buffer overflows in the (1) dbm_open function, as used in ndbm and dbm, and the (2) dbminit function in Solaris 2.6 through 9 allow local users to gain root privileges via long arguments to Xsun or other programs that use these functions. | 7.2 |
2003-06-17 | CVE-2003-1086 | Remote Security vulnerability in Pmachine Free and Pmachine PRO PHP remote file inclusion vulnerability in pm/lib.inc.php in pMachine Free and pMachine Pro 2.2 and 2.2.1 allows remote attackers to execute arbitrary PHP code by modifying the pm_path parameter to reference a URL on a remote web server that contains the code. | 7.5 |
2003-06-16 | CVE-2003-0378 | Unspecified vulnerability in Apple mac OS X The Kerberos login authentication feature in Mac OS X, when used with an LDAPv3 server and LDAP bind authentication, may send cleartext passwords to the LDAP server when the AuthenticationAuthority attribute is not set. | 7.5 |
2003-06-16 | CVE-2003-0371 | Denial-Of-Service vulnerability in Prishtina Soft Prishtina FTP V.1 Buffer overflow in Prishtina FTP client 1.x allows remote FTP servers to cause a denial of service (crash) and possibly execute arbitrary code via a long FTP banner. | 7.5 |
2003-06-16 | CVE-2003-0370 | Konqueror Embedded and KDE 2.2.2 and earlier does not validate the Common Name (CN) field for X.509 Certificates, which could allow remote attackers to spoof certificates via a man-in-the-middle attack. | 7.5 |
2003-06-16 | CVE-2003-0354 | Unspecified vulnerability in Redhat Linux Unknown vulnerability in GNU Ghostscript before 7.07 allows attackers to execute arbitrary commands, even when -dSAFER is enabled, via a PostScript file that causes the commands to be executed from a malicious print job. | 7.5 |