Vulnerabilities > High
DATE | CVE | VULNERABILITY TITLE | RISK |
---|---|---|---|
2002-05-29 | CVE-2002-0269 | Unspecified vulnerability in Microsoft Internet Explorer Internet Explorer 5.x and 6 interprets an object as an HTML document even when its MIME Content-Type is text/plain, which could allow remote attackers to execute arbitrary script in documents that the user does not expect, possibly through web applications that use a text/plain type to prevent cross-site scripting attacks. | 7.5 |
2002-05-29 | CVE-2002-0268 | Authentication Bypass vulnerability in Identix Biologon 3.0 Identix BioLogon 3 allows users with physical access to the system to gain administrative privileges by using CTRL-ALT-DEL and running a "Browse" function, which runs Explorer with SYSTEM privileges. | 7.2 |
2002-05-29 | CVE-2002-0264 | Unspecified vulnerability in Cooolsoft Powerftp 2.03/2.10 PowerFTP Personal FTP Server 2.03 through 2.10 stores sensitive account information in plaintext in the ftpserver.ini file, which allows attackers with access to the file to gain privileges. | 7.5 |
2002-05-29 | CVE-2002-0263 | Remote Buffer Overflow vulnerability in Ezne.Net Ezboard 2000 1.27 Buffer overflow in EasyBoard 2000 1.27 (aka EZboard) allows remote attackers to execute arbitrary code via a long boundary value in a multipart Content-Type header to (1) ezboard.cgi, (2) ezman.cgi, or (3) ezadmin.cgi. | 7.5 |
2002-05-29 | CVE-2002-0261 | Directory Traversal vulnerability in InstantServers MiniPortal Directory traversal vulnerability in InstantServers MiniPortal 1.1.5 and earlier allows remote authenticated users to read arbitrary files via a ... | 7.5 |
2002-05-29 | CVE-2002-0260 | Remote Buffer Overlow vulnerability in InstantServers MiniPortal FTP Login Buffer overflow in InstantServers MiniPortal 1.1.5 and earlier allows remote attackers to execute arbitrary code via a long login name, which is not properly handled by the logging utility. | 7.5 |
2002-05-29 | CVE-2002-0258 | Merak Mail IceWarp Web Mail uses a static identifier as a user session ID that does not change across sessions, which could allow remote attackers with access to the ID to gain privileges as that user, e.g. | 7.5 |
2002-05-29 | CVE-2002-0257 | Cross-site scripting vulnerability in auction.pl of MakeBid Auction Deluxe 3.30 allows remote attackers to obtain information from other users via the form fields (1) TITLE, (2) DESCTIT, (3) DESC, (4) searchstring, (5) ALIAS, (6) EMAIL, (7) ADDRESS1, (8) ADDRESS2, (9) ADDRESS3, (10) PHONE1, (11) PHONE2, (12) PHONE3, or (13) PHONE4. | 7.5 |
2002-05-29 | CVE-2002-0252 | Remote Buffer Overflow vulnerability in Apple QuickTime Content-Type Buffer overflow in Apple QuickTime Player 5.01 and 5.02 allows remote web servers to execute arbitrary code via a response containing a long Content-Type MIME header. | 7.5 |
2002-05-29 | CVE-2002-0251 | Denial Of Service vulnerability in LICQ Format String Buffer overflow in licq 1.0.4 and earlier allows remote attackers to cause a denial of service (crash) and possibly execute arbitrary code via a long string of format string characters such as "%d". | 7.5 |