Vulnerabilities > High

DATE CVE VULNERABILITY TITLE RISK
2002-06-18 CVE-2002-0593 Buffer Overflow vulnerability in Netscape/Mozilla IRC
Buffer overflow in Netscape 6 and Mozilla 1.0 RC1 and earlier allows remote attackers to cause a denial of service (crash) and possibly execute arbitrary code via a long channel name in an IRC URI.
network
low complexity
mozilla netscape
7.5
2002-06-18 CVE-2002-0592 Unspecified vulnerability in AOL Instant Messenger
AOL Instant Messenger (AIM) allows remote attackers to steal files that are being transferred to other clients by connecting to port 4443 (Direct Connection) or port 5190 (file transfer) before the intended user.
network
low complexity
aol
7.5
2002-06-18 CVE-2002-0590 Unspecified vulnerability in Icredibb 1.1Beta
Cross-site scripting (CSS) vulnerability in IcrediBB 1.1 Beta allows remote attackers to execute arbitrary script and steal cookies as other IcrediBB users via the (1) title or (2) body of posts.
network
low complexity
icredibb
7.5
2002-06-18 CVE-2002-0589 Unspecified vulnerability in Steve Korbett Pvote
PVote before 1.9 allows remote attackers to change the administrative password and gain privileges by directly calling ch_info.php with the newpass and confirm parameters both set to the new password.
network
low complexity
steve-korbett
7.5
2002-06-18 CVE-2002-0587 Denial-Of-Service vulnerability in Aol Server
Buffer overflow in Ns_PdLog function for the external database driver proxy daemon library (libnspd.a) of AOLServer 3.0 through 3.4.2 allows remote attackers to cause a denial of service or execute arbitrary code via the Error or Notice parameters.
network
low complexity
aol
7.5
2002-06-18 CVE-2002-0586 Unspecified vulnerability in AOL Server
Format string vulnerability in Ns_PdLog function for the external database driver proxy daemon library (libnspd.a) of AOLServer 3.0 through 3.4.2 allows remote attackers to execute arbitrary code via the Error or Notice parameters.
network
low complexity
aol
7.5
2002-06-18 CVE-2002-0581 SQL Injection vulnerability in Workforceroi Xpede 4.1
WorkforceROI Xpede 4.1 allows remote attackers to execute arbitrary SQL commands and read, modify, or steal credentials from the database via the Qry parameter in the sprc.asp script.
network
low complexity
workforceroi
7.5
2002-06-18 CVE-2002-0580 Information Disclosure vulnerability in Workforceroi Xpede 4.1
WorkforceROI Xpede 4.1 allows remote attackers to obtain the database username via a request to datasource.asp, which leaks the username in a form and allows the attacker to more easily conduct brute force password guessing attacks.
network
low complexity
workforceroi
7.5
2002-06-18 CVE-2002-0579 Unspecified vulnerability in Workforceroi Xpede 4.1
WorkforceROI Xpede 4.1 allows remote attackers to gain privileges as an Xpede administrator via a direct HTTP request to the /admin/adminproc.asp script, which does not prompt for a password.
network
low complexity
workforceroi
7.5
2002-06-18 CVE-2002-0578 Unspecified vulnerability in ACI 4D Webserver 6.5.7
Buffer overflow in 4D WebServer 6.7.3 allows remote attackers to cause a denial of service and possibly execute arbitrary code via an HTTP request with Basic Authentication containing a long (1) user name or (2) password.
network
low complexity
aci
7.5