Vulnerabilities > High
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2002-08-12 | CVE-2002-0501 | Unspecified vulnerability in Posadis M5Pre1 Format string vulnerability in log_print() function of Posadis DNS server before version m5pre2 allows local users and possibly remote attackers to execute arbitrary code via format strings that are inserted into logging messages. | 7.2 |
| 2002-08-12 | CVE-2002-0494 | Cross-Site Scripting vulnerability in Websight Directory System Websight Directory System 0.1 Cross-site scripting vulnerability in WebSight Directory System 0.1 allows remote attackers to execute arbitrary Javascript and gain access to the WebSight administrator via a new link submission containing the script in a website name. | 7.5 |
| 2002-08-12 | CVE-2002-0486 | Weak Password Encryption vulnerability in Workforceroi Xpede 4.1/7.0 Intellisol Xpede 4.1 uses weak encryption to store authentication information in cookies, which could allow local users with access to the cookies to gain privileges. | 7.2 |
| 2002-08-12 | CVE-2002-0485 | Improper Handling of Case Sensitivity vulnerability in Symantec Norton Antivirus Norton Anti-Virus (NAV) allows remote attackers to bypass content filtering via attachments whose Content-Type and Content-Disposition headers are mixed upper and lower case, which is ignored by some mail clients. | 7.5 |
| 2002-08-12 | CVE-2002-0479 | Unspecified vulnerability in Gravity Storm Software Service Pack Manager 2000 6.0/6.1/6.3 Gravity Storm Service Pack Manager 2000 creates a hidden share (SPM2000c$) mapped to the C drive, which may allow local users to bypass access restrictions on certain directories in the C drive, such as system32, by accessing them through the hidden share. | 7.2 |
| 2002-08-12 | CVE-2002-0477 | Unspecified vulnerability in Macromedia Flash Player 5.0 Standalone Macromedia Flash Player 5.0 before 5,0,30,2 allows remote attackers to execute arbitrary programs via a .SWF file containing the "exec" FSCommand. | 7.5 |
| 2002-08-12 | CVE-2002-0470 | Unspecified vulnerability in PHPnettoolpack 0.1 PHPNetToolpack 0.1 relies on its environment's PATH to find and execute the traceroute program, which could allow local users to gain privileges by inserting a Trojan horse program into the search path. | 7.2 |
| 2002-08-12 | CVE-2002-0469 | Ecartis (formerly Listar) 1.0.0 in snapshot 20020125 and earlier does not properly drop privileges when Ecartis is installed setuid-root, "lock-to-user" is not set, and ecartis is called by certain MTA's, which could allow local users to gain privileges. | 7.2 |
| 2002-08-12 | CVE-2002-0459 | Unspecified vulnerability in Linux-Sottises Board-Tnk and News-Tnk Cross-site scripting vulnerability in Board-TNK 1.3.1 and earlier allows remote attackers to execute arbitrary Javascript via the WEB parameter. | 7.6 |
| 2002-08-12 | CVE-2002-0458 | Security vulnerability in News-Tnk 1.2.1/1.2.2 Cross-site scripting vulnerability in News-TNK 1.2.1 and earlier allows remote attackers to execute arbitrary Javascript via the WEB parameter. | 7.6 |