Vulnerabilities > High

DATE CVE VULNERABILITY TITLE RISK
2002-10-04 CVE-2002-0905 Buffer Overflow vulnerability in IBM Informix 7.25.Uc1Se/7.25.Uc2Se/7.25.Uc3Se
Buffer overflow in sqlexec for Informix SE-7.25 allows local users to gain root privileges via a long INFORMIXDIR environment variable.
local
low complexity
ibm
7.2
2002-10-04 CVE-2002-0904 Remote Command Execution vulnerability in Kismet ESSID
SayText function in Kismet 2.2.1 and earlier allows remote attackers to execute arbitrary commands via shell metacharacters (backtick or pipe) in the essid argument.
network
low complexity
kismet
7.5
2002-10-04 CVE-2002-0903 Unspecified vulnerability in Woltlab Burning Board 1.1.1
register.php for WoltLab Burning Board (wbboard) 1.1.1 uses a small number of random values for the "code" parameter that is provided to action.php to approve a new registration, along with predictable new user IDs, which allows remote attackers to hijack new user accounts via a brute force attack on the new user ID and the code value.
network
low complexity
woltlab
7.5
2002-10-04 CVE-2002-0902 HTML Injection vulnerability in PHPBB2 Image Tag
Cross-site scripting vulnerability in phpBB 2.0.0 (phpBB2) allows remote attackers to execute JavaScript as other phpBB users by including a http:// and a double-quote (") in the [IMG] tag, which bypasses phpBB's security check, terminates the src parameter of the resulting HTML IMG tag, and injects the script.
network
low complexity
phpbb-group
7.5
2002-10-04 CVE-2002-0900 Remote Buffer Overflow vulnerability in MIT PGP Public Key Server Search String
Buffer overflow in pks PGP public key web server before 0.9.5 allows remote attackers to cause a denial of service (crash) and possibly execute arbitrary code via a long search argument to the lookup capability.
network
low complexity
mit
7.5
2002-10-04 CVE-2002-0899 Unspecified vulnerability in Blueface Falcon web Server 2.0.0.1021/2.0.0.1021Ssl
Falcon web server 2.0.0.1021 and earlier allows remote attackers to bypass access restrictions for protected files via a URL whose directory portion ends in a .
network
low complexity
blueface
7.5
2002-10-04 CVE-2002-0897 Unspecified vulnerability in Intranet-Server Localweb2000 2.1.0Standardversion
LocalWEB2000 2.1.0 web server allows remote attackers to bypass access restrictions for restricted files via a URL that contains the "/./" directory.
network
low complexity
intranet-server
7.5
2002-10-04 CVE-2002-0895 Buffer Overflow vulnerability in Matu FTP 1.13
Buffer overflow in MatuFtpServer 1.1.3.0 (1.1.3) allows remote attackers to cause a denial of service and possibly execute arbitrary code via a long PASS (password) command.
network
low complexity
matu
7.5
2002-10-04 CVE-2002-0888 Unspecified vulnerability in 3Com 3Cp4144 1.1.7/1.1.9
3Com OfficeConnect Remote 812 ADSL Router, firmware 1.1.9 and 1.1.7, allows remote attackers to bypass port access restrictions by connecting to an approved port and quickly connecting to the desired port, which is allowed by the router.
network
low complexity
3com
7.5
2002-10-04 CVE-2002-0885 Multiple vulnerability in Multiple Vendor In.Rarpd
Multiple buffer overflows in in.rarpd (ARP server) on Solaris, and possibly other operating systems including Caldera UnixWare and Open UNIX, allow remote attackers to execute arbitrary code, possibly via the functions (1) syserr and (2) error.
network
low complexity
caldera sun
7.5