Vulnerabilities > High

DATE CVE VULNERABILITY TITLE RISK
2002-09-24 CVE-2002-0691 Unspecified vulnerability in Microsoft Internet Explorer 5.01/5.5
Microsoft Internet Explorer 5.01 and 5.5 allows remote attackers to execute scripts in the Local Computer zone via a URL that references a local HTML resource file, a variant of "Cross-Site Scripting in Local HTML Resource" as identified by CAN-2002-0189.
network
low complexity
microsoft
7.5
2002-09-24 CVE-2002-0647 Unspecified vulnerability in Microsoft Internet Explorer 5.01/5.5/6.0
Buffer overflow in a legacy ActiveX control used to display specially formatted text in Microsoft Internet Explorer 5.01, 5.5, and 6.0 allows remote attackers to execute arbitrary code, aka "Buffer Overrun in Legacy Text Formatting ActiveX Control".
network
low complexity
microsoft
7.5
2002-09-24 CVE-2002-0376 Buffer Overrun vulnerability in Apple Quicktime 5.0.2
Buffer overflow in Apple QuickTime 5.0 ActiveX component allows remote attackers to execute arbitrary code via a long pluginspage field.
network
low complexity
apple
7.5
2002-09-13 CVE-2002-1615 Unspecified vulnerability in HP Hp-Ux and Tru64
Multiple buffer overflows in HP Tru64 UNIX 5.1a, 5.1, 5.0a, 4.0g, and 4.0f allow local users to execute arbitrary code via (1) msgchk or (2) .upd..loader.
local
low complexity
hp
7.2
2002-09-13 CVE-2002-1612 Unspecified vulnerability in HP Hp-Ux and Tru64
Buffer overflow in mailcv in HP Tru64 UNIX 5.1a, 5.1, 5.0a, 4.0g, and 4.0f allows local users to gain privileges.
local
low complexity
hp
7.2
2002-09-10 CVE-2002-1613 Unspecified vulnerability in HP Hp-Ux and Tru64
Buffer overflow in ps in HP Tru64 UNIX 5.1a, 5.1, 5.0a, 4.0g, and 4.0f allows local users to gain privileges.
local
low complexity
hp
7.2
2002-09-09 CVE-2002-1614 Unspecified vulnerability in HP Hp-Ux and Tru64
Buffer overflow in HP Tru64 UNIX allows local users to execute arbitrary code via a long argument to /usr/bin/at.
local
low complexity
hp
7.2
2002-09-05 CVE-2002-0872 Unspecified vulnerability in L2Tpd
l2tpd 0.67 does not initialize the random number generator, which allows remote attackers to hijack sessions.
network
low complexity
l2tpd
7.5
2002-09-05 CVE-2002-0870 Remote Security vulnerability in CSS11000 Content Services Switch
The original patch for the Cisco Content Service Switch 11000 Series authentication bypass vulnerability (CVE-2001-0622) was incomplete, which still allows remote attackers to gain additional privileges by directly requesting the web management URL instead of navigating through the interface, possibly via a variant of the original attack, as identified by Cisco bug ID CSCdw08549.
network
low complexity
cisco
7.5
2002-09-05 CVE-2002-0858 Remote Security vulnerability in Oracle9i Developer Edition
catsnmp in Oracle 9i and 8i is installed with a dbsnmp user with a default dbsnmp password, which allows attackers to perform restricted database operations and possibly gain other privileges.
network
low complexity
oracle
7.5