Vulnerabilities > High
DATE | CVE | VULNERABILITY TITLE | RISK |
---|---|---|---|
2002-06-18 | CVE-2002-0593 | Buffer Overflow vulnerability in Netscape/Mozilla IRC Buffer overflow in Netscape 6 and Mozilla 1.0 RC1 and earlier allows remote attackers to cause a denial of service (crash) and possibly execute arbitrary code via a long channel name in an IRC URI. | 7.5 |
2002-06-18 | CVE-2002-0592 | Unspecified vulnerability in AOL Instant Messenger AOL Instant Messenger (AIM) allows remote attackers to steal files that are being transferred to other clients by connecting to port 4443 (Direct Connection) or port 5190 (file transfer) before the intended user. | 7.5 |
2002-06-18 | CVE-2002-0590 | Unspecified vulnerability in Icredibb 1.1Beta Cross-site scripting (CSS) vulnerability in IcrediBB 1.1 Beta allows remote attackers to execute arbitrary script and steal cookies as other IcrediBB users via the (1) title or (2) body of posts. | 7.5 |
2002-06-18 | CVE-2002-0589 | Unspecified vulnerability in Steve Korbett Pvote PVote before 1.9 allows remote attackers to change the administrative password and gain privileges by directly calling ch_info.php with the newpass and confirm parameters both set to the new password. | 7.5 |
2002-06-18 | CVE-2002-0587 | Denial-Of-Service vulnerability in Aol Server Buffer overflow in Ns_PdLog function for the external database driver proxy daemon library (libnspd.a) of AOLServer 3.0 through 3.4.2 allows remote attackers to cause a denial of service or execute arbitrary code via the Error or Notice parameters. | 7.5 |
2002-06-18 | CVE-2002-0586 | Unspecified vulnerability in AOL Server Format string vulnerability in Ns_PdLog function for the external database driver proxy daemon library (libnspd.a) of AOLServer 3.0 through 3.4.2 allows remote attackers to execute arbitrary code via the Error or Notice parameters. | 7.5 |
2002-06-18 | CVE-2002-0581 | SQL Injection vulnerability in Workforceroi Xpede 4.1 WorkforceROI Xpede 4.1 allows remote attackers to execute arbitrary SQL commands and read, modify, or steal credentials from the database via the Qry parameter in the sprc.asp script. | 7.5 |
2002-06-18 | CVE-2002-0580 | Information Disclosure vulnerability in Workforceroi Xpede 4.1 WorkforceROI Xpede 4.1 allows remote attackers to obtain the database username via a request to datasource.asp, which leaks the username in a form and allows the attacker to more easily conduct brute force password guessing attacks. | 7.5 |
2002-06-18 | CVE-2002-0579 | Unspecified vulnerability in Workforceroi Xpede 4.1 WorkforceROI Xpede 4.1 allows remote attackers to gain privileges as an Xpede administrator via a direct HTTP request to the /admin/adminproc.asp script, which does not prompt for a password. | 7.5 |
2002-06-18 | CVE-2002-0578 | Unspecified vulnerability in ACI 4D Webserver 6.5.7 Buffer overflow in 4D WebServer 6.7.3 allows remote attackers to cause a denial of service and possibly execute arbitrary code via an HTTP request with Basic Authentication containing a long (1) user name or (2) password. | 7.5 |