Vulnerabilities > High

DATE CVE VULNERABILITY TITLE RISK
2002-05-29 CVE-2002-0269 Unspecified vulnerability in Microsoft Internet Explorer
Internet Explorer 5.x and 6 interprets an object as an HTML document even when its MIME Content-Type is text/plain, which could allow remote attackers to execute arbitrary script in documents that the user does not expect, possibly through web applications that use a text/plain type to prevent cross-site scripting attacks.
network
low complexity
microsoft
7.5
2002-05-29 CVE-2002-0268 Authentication Bypass vulnerability in Identix Biologon 3.0
Identix BioLogon 3 allows users with physical access to the system to gain administrative privileges by using CTRL-ALT-DEL and running a "Browse" function, which runs Explorer with SYSTEM privileges.
local
low complexity
identix
7.2
2002-05-29 CVE-2002-0264 Unspecified vulnerability in Cooolsoft Powerftp 2.03/2.10
PowerFTP Personal FTP Server 2.03 through 2.10 stores sensitive account information in plaintext in the ftpserver.ini file, which allows attackers with access to the file to gain privileges.
network
low complexity
cooolsoft
7.5
2002-05-29 CVE-2002-0263 Remote Buffer Overflow vulnerability in Ezne.Net Ezboard 2000 1.27
Buffer overflow in EasyBoard 2000 1.27 (aka EZboard) allows remote attackers to execute arbitrary code via a long boundary value in a multipart Content-Type header to (1) ezboard.cgi, (2) ezman.cgi, or (3) ezadmin.cgi.
network
low complexity
ezne-net
7.5
2002-05-29 CVE-2002-0261 Directory Traversal vulnerability in InstantServers MiniPortal
Directory traversal vulnerability in InstantServers MiniPortal 1.1.5 and earlier allows remote authenticated users to read arbitrary files via a ...
network
low complexity
instantservers-inc
7.5
2002-05-29 CVE-2002-0260 Remote Buffer Overlow vulnerability in InstantServers MiniPortal FTP Login
Buffer overflow in InstantServers MiniPortal 1.1.5 and earlier allows remote attackers to execute arbitrary code via a long login name, which is not properly handled by the logging utility.
network
low complexity
instantservers-inc
7.5
2002-05-29 CVE-2002-0258 Merak Mail IceWarp Web Mail uses a static identifier as a user session ID that does not change across sessions, which could allow remote attackers with access to the ID to gain privileges as that user, e.g.
network
low complexity
icewarp merak
7.5
2002-05-29 CVE-2002-0257 Cross-site scripting vulnerability in auction.pl of MakeBid Auction Deluxe 3.30 allows remote attackers to obtain information from other users via the form fields (1) TITLE, (2) DESCTIT, (3) DESC, (4) searchstring, (5) ALIAS, (6) EMAIL, (7) ADDRESS1, (8) ADDRESS2, (9) ADDRESS3, (10) PHONE1, (11) PHONE2, (12) PHONE3, or (13) PHONE4.
network
low complexity
apache usanet-creations
7.5
2002-05-29 CVE-2002-0252 Remote Buffer Overflow vulnerability in Apple QuickTime Content-Type
Buffer overflow in Apple QuickTime Player 5.01 and 5.02 allows remote web servers to execute arbitrary code via a response containing a long Content-Type MIME header.
network
low complexity
apple
7.5
2002-05-29 CVE-2002-0251 Denial Of Service vulnerability in LICQ Format String
Buffer overflow in licq 1.0.4 and earlier allows remote attackers to cause a denial of service (crash) and possibly execute arbitrary code via a long string of format string characters such as "%d".
network
low complexity
licq
7.5