Vulnerabilities > High
DATE | CVE | VULNERABILITY TITLE | RISK |
---|---|---|---|
2002-07-03 | CVE-2002-0546 | Unspecified vulnerability in Nullsoft Winamp 2.78/2.79 Cross-site scripting vulnerability in the mini-browser for Winamp 2.78 and 2.79 allows remote attackers to execute script via an ID3v1 or ID3v2 tag in an MP3 file. | 7.5 |
2002-07-03 | CVE-2002-0544 | Unspecified vulnerability in Aprelium Technologies Abyss web Server 1.0 Aprelium Abyss Web Server (abyssws) before 1.0.3 stores the administrative console password in plaintext in the abyss.conf file, which allows local users with access to the file to gain privileges. | 7.2 |
2002-07-03 | CVE-2002-0542 | Unspecified vulnerability in Openbsd 2.9/3.0 mail in OpenBSD 2.9 and 3.0 processes a tilde (~) escape character in a message even when it is not in interactive mode, which could allow local users to gain root privileges via calls to mail in cron. | 7.2 |
2002-07-03 | CVE-2002-0541 | Buffer Overflow vulnerability in IBM Tivoli Storage Manager 4.2/4.2.1 Buffer overflow in Tivoli Storage Manager TSM (1) Server or Storage Agents 3.1 through 5.1, and (2) the TSM Client Acceptor Service 4.2 and 5.1, allows remote attackers to cause a denial of service (crash) and possibly execute arbitrary code via a long HTTP GET request to port 1580 or port 1581. | 7.5 |
2002-07-03 | CVE-2002-0540 | Unspecified vulnerability in Nortel CVX 1800 Multi-Service Access Switch 3.6.3 Nortel CVX 1800 is installed with a default "public" community string, which allows remote attackers to read usernames and passwords and modify the CVX configuration. | 7.5 |
2002-07-03 | CVE-2002-0538 | Unspecified vulnerability in Symantec products FTP proxy in Symantec Raptor Firewall 6.5.3 and Enterprise 7.0 rewrites an FTP server's "FTP PORT" responses in a way that allows remote attackers to redirect FTP data connections to arbitrary ports, a variant of the "FTP bounce" vulnerability. | 7.5 |
2002-07-03 | CVE-2002-0536 | Unspecified vulnerability in PHPgroupware 0.9.13 PHPGroupware 0.9.12 and earlier, when running with the magic_quotes_gpc feature disabled, allows remote attackers to compromise the database via a SQL injection attack. | 7.5 |
2002-07-03 | CVE-2002-0378 | Remote Print Submission vulnerability in Astart Technologies Lprng 3.7.4/3.8.9 The default configuration of LPRng print spooler in Red Hat Linux 7.0 through 7.3, Mandrake 8.1 and 8.2, and other operating systems, accepts print jobs from arbitrary remote hosts. | 7.5 |
2002-07-03 | CVE-2002-0373 | Privilege Escalation vulnerability in Microsoft Windows Media Player 7.1 The Windows Media Device Manager (WMDM) Service in Microsoft Windows Media Player 7.1 on Windows 2000 systems allows local users to obtain LocalSystem rights via a program that calls the WMDM service to connect to an invalid local storage device, aka "Privilege Elevation through Windows Media Device Manager Service". | 7.2 |
2002-07-03 | CVE-2002-0372 | Path Disclosure vulnerability in Windows Media Player IE Cache Microsoft Windows Media Player versions 6.4 and 7.1 and Media Player for Windows XP allow remote attackers to bypass Internet Explorer's (IE) security mechanisms and run code via an executable .wma media file with a license installation requirement stored in the IE cache, aka the "Cache Path Disclosure via Windows Media Player". | 7.5 |