Vulnerabilities > High

| DATE | CVE | VULNERABILITY TITLE | DESCRIPTION | ACCESS | COMPLEXITY | VENDOR | RISK |
|---|---|---|---|---|---|---|---|
| 2002-08-12 | CVE-2002-0802 | SQL-Injection vulnerability in Postgresql 6.5.0 | The multibyte support in PostgreSQL 6.5.x with SQL_ASCII encoding consumes an extra character when processing a character that cannot be converted, which could remove an escape character from the query and make the application subject to SQL injection attacks. | network | low complexity | postgresql | 7.5 |
| 2002-08-12 | CVE-2002-0799 | Buffer Overflow vulnerability in Youngzsoft Cmailserver 3.30 | Buffer overflow in YoungZSoft CMailServer 3.30 allows remote attackers to execute arbitrary code via a long USER argument. | network | low complexity | youngzsoft | 7.5 |
| 2002-08-12 | CVE-2002-0789 | Buffer Overflow vulnerability in Mnogosearch 3.1.19 | Buffer overflow in search.cgi in mnoGoSearch 3.1.19 and earlier allows remote attackers to execute arbitrary code via a long query (q) parameter. | network | low complexity | mnogosearch | 7.5 |
| 2002-08-12 | CVE-2002-0787 | Cross-Site Scripting vulnerability in Critical Path Injoin Directory Server 4.0 | Cross-site scripting vulnerabilities in iCon administrative web server for Critical Path inJoin Directory Server 4.0 allow remote attackers to execute script as the administrator via administrator URLs with modified (1) LOCID or (2) OC parameters. | network | low complexity | critical-path | 7.5 |
| 2002-08-12 | CVE-2002-0783 | Unspecified vulnerability in Opera Software Opera web Browser 5.12/6.0/6.0.1 | Opera 6.01, 6.0, and 5.12 allows remote attackers to execute arbitrary JavaScript in the security context of other sites by setting the location of a frame or iframe to a Javascript: URL. | network | low complexity | opera-software | 7.5 |
| 2002-08-12 | CVE-2002-0778 | Unspecified vulnerability in Cisco products | The default configuration of the proxy for Cisco Cache Engine and Content Engine allows remote attackers to use HTTPS to make TCP connections to allowed IP addresses while hiding the actual source IP. | network | low complexity | cisco | 7.5 |
| 2002-08-12 | CVE-2002-0776 | Unspecified vulnerability in Hosting Controller Hosting Controller 2002 | getuserdesc.asp in Hosting Controller 2002 allows remote attackers to change the passwords of arbitrary users and gain privileges by modifying the username parameter, as addressed by the "UpdateUser" hot fix. | network | low complexity | hosting-controller | 7.5 |
| 2002-08-12 | CVE-2002-0768 | Remote Security vulnerability in Linux | Buffer overflow in lukemftp FTP client in SuSE 6.4 through 8.0, and possibly other operating systems, allows a malicious FTP server to execute arbitrary code via a long PASV command. | network | low complexity | luke-mewburn, suse | 7.5 |
| 2002-08-12 | CVE-2002-0767 | Unspecified vulnerability in Richard Gooch Simpleinit 2.0.2 | simpleinit on Linux systems does not close a read/write FIFO file descriptor before creating a child process, which allows the child process to cause simpleinit to execute arbitrary programs with root privileges. | local | low complexity | richard-gooch | 7.2 |
| 2002-08-12 | CVE-2002-0766 | Unspecified vulnerability in Openbsd 2.9/3.0/3.1 | OpenBSD 2.9 through 3.1 allows local users to cause a denial of service (resource exhaustion) and gain root privileges by filling the kernel's file descriptor table and closing file descriptors 0, 1, or 2 before executing a privileged process, which is not properly handled when OpenBSD fails to open an alternate descriptor. | local | low complexity | openbsd | 7.2 |