Vulnerabilities > High
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2002-08-12 | CVE-2002-0411 | Unspecified vulnerability in Aeromail Cross-site scripting vulnerability in message.php for AeroMail before 1.45 allows remote attackers to execute Javascript as an AeroMail user via an email message with the script in the Subject line. | 7.5 |
| 2002-08-12 | CVE-2000-1208 | Format string vulnerability in startprinting() function of printjob.c in BSD-based lpr lpd package may allow local users to gain privileges via an improper syslog call that uses format strings from the checkremote() call. | 7.2 |
| 2002-08-01 | CVE-2002-1616 | Local Privilege Escalation vulnerability in Tru64 CHSH Multiple buffer overflows in HP Tru64 UNIX 5.1a, 5.1, 5.0a, 4.0g, and 4.0f allow local users to gain root privileges via (1) su, (2) chsh, (3) passwd, (4) chfn, (5) dxchpwd, and (6) libc. | 7.2 |
| 2002-07-31 | CVE-2002-1449 | Unspecified vulnerability in Frederic Tyndiuk Eupload 1.0 eUpload 1.0 stores the password.txt password file in plaintext under the web document root, which allows remote attackers to overwrite arbitrary files by reading password.txt. | 7.5 |
| 2002-07-26 | CVE-2002-0717 | Denial-Of-Service vulnerability in PHP 4.2.0/4.2.1 PHP 4.2.0 and 4.2.1 allows remote attackers to cause a denial of service and possibly execute arbitrary code via an HTTP POST request with certain arguments in a multipart/form-data form, which generates an error condition that is not properly handled and causes improper memory to be freed. | 7.5 |
| 2002-07-26 | CVE-2002-0716 | Unspecified vulnerability in SCO Openserver 5.0.5/5.0.6 Format string vulnerability in crontab for SCO OpenServer 5.0.5 and 5.0.6 allows local users to gain privileges via format string specifiers in the file name argument. | 7.2 |
| 2002-07-26 | CVE-2002-0714 | Unspecified vulnerability in Squid FTP proxy in Squid before 2.4.STABLE6 does not compare the IP addresses of control and data connections with the FTP server, which allows remote attackers to bypass firewall rules or spoof FTP server responses. | 7.5 |
| 2002-07-26 | CVE-2002-0713 | Buffer Overflow vulnerability in Squid MSNT Auth Helper Buffer overflows in Squid before 2.4.STABLE6 allow remote attackers to cause a denial of service (crash) and possibly execute arbitrary code (1) via the MSNT auth helper (msnt_auth) when using denyusers or allowusers files, (2) via the gopher client, or (3) via the FTP server directory listing parser when HTML output is generated. | 7.5 |
| 2002-07-26 | CVE-2002-0704 | Improper Cross-boundary Removal of Sensitive Data vulnerability in Linux Kernel The Network Address Translation (NAT) capability for Netfilter ("iptables") 1.2.6a and earlier leaks translated IP addresses in ICMP error messages. | 7.5 |
| 2002-07-26 | CVE-2002-0703 | Unspecified vulnerability in Gisle AAS Digest-Md5 An interaction between the Perl MD5 module (perl-Digest-MD5) and Perl could produce incorrect MD5 checksums for UTF-8 data, which could prevent a system from properly verifying the integrity of the data. | 7.5 |