Vulnerabilities > High
DATE | CVE | VULNERABILITY TITLE | RISK |
---|---|---|---|
2002-05-31 | CVE-2002-0286 | Unspecified vulnerability in Sitenews The GetPassword function in function.php of SiteNews 0.10 and 0.11 allows remote attackers to gain privileges and add users by providing a non-existent user name and the MD5 checksum for an empty password to add_user.php, which causes GetPassword to produce and compare a blank password for the non-existent user. | 7.5 |
2002-05-31 | CVE-2002-0285 | Unspecified vulnerability in Microsoft Outlook Express 5.5/6.0 Outlook Express 5.5 and 6.0 on Windows treats a carriage return ("CR") in a message header as if it were a valid carriage return/line feed combination (CR/LF), which could allow remote attackers to bypass virus protection and or other filtering mechanisms via a mail message with headers that only contain the CR, which causes Outlook to create separate headers. | 7.5 |
2002-05-31 | CVE-2002-0280 | Remote Security vulnerability in Codeblue Buffer overflow in CodeBlue 4 and earlier, and possibly other versions, allows remote attackers to execute arbitrary code via a long string in an SMTP reply. | 7.5 |
2002-05-31 | CVE-2002-0278 | Directory Traversal vulnerability in Mailman Free Directory traversal vulnerability in Add2it Mailman Free 1.73 and earlier allows remote attackers to modify arbitrary files via a .. | 7.5 |
2002-05-31 | CVE-2002-0277 | Remote Arbitrary Command Execution vulnerability in Add2it Mailman Free Add2it Mailman Free 1.73 and earlier allows remote attackers to execute arbitrary commands via shell metacharacters in the list parameter. | 7.5 |
2002-05-31 | CVE-2002-0276 | Buffer Overflow vulnerability in Ettercap 0.6.3.1 Buffer overflow in various decoders in Ettercap 0.6.3.1 and earlier, when running on networks with an MTU greater than 2000, allows remote attackers to execute arbitrary code via large packets. | 7.5 |
2002-05-29 | CVE-2002-0374 | Unspecified vulnerability in Padl Software PAM Ldap Format string vulnerability in the logging function for the pam_ldap PAM LDAP module before version 144 allows attackers to execute arbitrary code via format strings in the configuration file name. | 7.5 |
2002-05-29 | CVE-2002-0363 | Unspecified vulnerability in Aladdin Enterprises Ghostscript ghostscript before 6.53 allows attackers to execute arbitrary commands by using .locksafe or .setsafe to reset the current pagedevice. | 7.5 |
2002-05-29 | CVE-2002-0362 | Remote Buffer Overflow vulnerability in AOL Instant Messenger 4.2 Buffer overflow in AOL Instant Messenger (AIM) 4.2 and later allows remote attackers to execute arbitrary code via a long AddExternalApp request and a TLV type greater than 0x2711. | 7.5 |
2002-05-29 | CVE-2002-0356 | Unspecified vulnerability in SGI Irix Vulnerability in XFS filesystem reorganizer (fsr_xfs) in SGI IRIX 6.5.10 and earlier allows local users to gain root privileges by overwriting critical system files. | 7.2 |