Vulnerabilities > High
DATE | CVE | VULNERABILITY TITLE | RISK |
---|---|---|---|
2002-07-23 | CVE-2002-0641 | Buffer Overflow vulnerability in Microsoft Msde and SQL Server Buffer overflow in bulk insert procedure of Microsoft SQL Server 2000, including Microsoft SQL Server Desktop Engine (MSDE) 2000, allows attackers with database administration privileges to execute arbitrary code via a long filename in the BULK INSERT query. | 7.5 |
2002-07-23 | CVE-2002-0624 | Unspecified vulnerability in Microsoft Msde and SQL Server Buffer overflow in the password encryption function of Microsoft SQL Server 2000, including Microsoft SQL Server Desktop Engine (MSDE) 2000, allows remote attackers to gain control of the database and execute arbitrary code via SQL Server Authentication, aka "Unchecked Buffer in Password Encryption Procedure." | 7.5 |
2002-07-11 | CVE-2002-0676 | Unspecified vulnerability in Apple mac OS X SoftwareUpdate for MacOS 10.1.x does not use authentication when downloading a software update, which could allow remote attackers to execute arbitrary code by posing as the Apple update server via techniques such as DNS spoofing or cache poisoning, and supplying Trojan Horse updates. | 7.5 |
2002-07-11 | CVE-2002-0653 | Off-by-one Error vulnerability in Modssl MOD SSL Off-by-one buffer overflow in the ssl_compat_directive function, as called by the rewrite_command hook for mod_ssl Apache module 2.8.9 and earlier, allows local users to execute arbitrary code as the Apache server user via .htaccess files with long entries. | 7.8 |
2002-07-11 | CVE-2002-0637 | Unspecified vulnerability in Trend Micro Interscan Viruswall 3.52 InterScan VirusWall 3.52 build 1462 allows remote attackers to bypass virus protection via e-mail messages with headers that violate RFC specifications by having (or missing) space characters in unexpected places (aka "space gap"), such as (1) Content-Type :", (2) "Content-Transfer-Encoding :", (3) no space before a boundary declaration, or (4) "boundary= ", which is processed by Outlook Express. | 7.5 |
2002-07-08 | CVE-2002-1448 | Unspecified vulnerability in Avaya Cajun M770-Atm, Cajun P130 and Cajun P330 An undocumented SNMP read/write community string ('NoGaH$@!') in Avaya P330, P130, and M770-ATM Cajun products allows remote attackers to gain administrative privileges. | 7.5 |
2002-07-03 | CVE-2002-0652 | Unspecified vulnerability in SGI Irix xfsmd for IRIX 6.5 through 6.5.16 allows remote attackers to execute arbitrary code via shell metacharacters that are not properly filtered from several calls to the popen() function, such as export_fs(). | 7.5 |
2002-07-03 | CVE-2002-0651 | Buffer Overflow vulnerability in ISC Bind 9.4.0 Buffer overflow in the DNS resolver code used in libc, glibc, and libbind, as derived from ISC BIND, allows remote malicious DNS servers to cause a denial of service and possibly execute arbitrary code via the stub resolvers. | 7.5 |
2002-07-03 | CVE-2002-0631 | Unspecified vulnerability in SGI Irix Unknown vulnerability in nveventd in NetVisualyzer on SGI IRIX 6.5 through 6.5.16 allows local users to write arbitrary files and gain root privileges. | 7.2 |
2002-07-03 | CVE-2002-0623 | Buffer Overflow Variation vulnerability in Microsoft Commerce Server ISAPI Buffer overflow in AuthFilter ISAPI filter on Microsoft Commerce Server 2000 and 2002 allows remote attackers to execute arbitrary code via long authentication data, aka "New Variant of the ISAPI Filter Buffer Overrun". | 7.5 |