Vulnerabilities > High

DATE CVE VULNERABILITY TITLE RISK
2002-03-15 CVE-2002-0090 Buffer Overflow vulnerability in SUN Solaris 8.0
Buffer overflow in Low BandWidth X proxy (lbxproxy) in Solaris 8 allows local users to execute arbitrary code via a long display command line option.
local
low complexity
sun
7.2
2002-03-15 CVE-2002-0089 Local Buffer Overflow vulnerability in Solaris admintool
Buffer overflow in admintool in Solaris 2.5 through 8 allows local users to gain root privileges via long arguments to (1) the -d command line option, or (2) the PRODVERS argument in the .cdtoc file.
local
low complexity
sun
7.2
2002-03-15 CVE-2002-0088 Unspecified vulnerability in SUN Solaris and Sunos
Buffer overflow in admintool in Solaris 2.6, 7, and 8 allows local users to gain root privileges via a long media installation path.
local
low complexity
sun
7.2
2002-03-15 CVE-2002-0086 Buffer Overflow vulnerability in Lotus Domino Notes_ExecDirectory
Buffer overflow in bindsock in Lotus Domino 5.0.4 and 5.0.7 on Linux allows local users to gain root privileges via a long (1) Notes_ExecDirectory or (2) PATH environment variable.
local
low complexity
ibm
7.2
2002-03-15 CVE-2002-0084 Unspecified vulnerability in SUN Solaris and Sunos
Buffer overflow in the fscache_setup function of cachefsd in Solaris 2.6, 7, and 8 allows local users to gain root privileges via a long mount argument.
local
low complexity
sun
7.2
2002-03-15 CVE-2002-0082 Buffer Overflow vulnerability in Apache mod_ssl/Apache-SSL
The dbm and shm session cache code in mod_ssl before 2.8.7-1.3.23, and Apache-SSL before 1.3.22+1.46, does not properly initialize memory using the i2d_SSL_SESSION function, which allows remote attackers to use a buffer overflow to execute arbitrary code via a large client certificate that is signed by a trusted Certificate Authority (CA), which produces a large serialized session.
network
low complexity
apache-ssl mod-ssl
7.5
2002-03-15 CVE-2002-0070 Improper Restriction of Operations Within the Bounds of A Memory Buffer vulnerability in Microsoft products
Buffer overflow in Windows Shell (used as the Windows Desktop) allows local and possibly remote attackers to execute arbitrary code via a custom URL handler that has not been removed for an application that has been improperly uninstalled.
network
high complexity
microsoft CWE-119
7.6
2002-03-08 CVE-2002-0081 Buffer Overflow vulnerability in PHP Post File Upload
Buffer overflows in (1) php_mime_split in PHP 4.1.0, 4.1.1, and 4.0.6 and earlier, and (2) php3_mime_split in PHP 3.0.x allows remote attackers to execute arbitrary code via a multipart/form-data HTTP POST request when file_uploads is enabled.
network
low complexity
php
7.5
2002-03-08 CVE-2002-0068 Buffer Overflow vulnerability in Squid Cache FTP Proxy URL
Squid 2.4 STABLE3 and earlier allows remote attackers to cause a denial of service (core dump) and possibly execute arbitrary code with an ftp:// URL with a larger number of special characters, which exceed the buffer when Squid URL-escapes the characters.
network
low complexity
squid redhat
7.5
2002-03-08 CVE-2002-0067 Squid 2.4 STABLE3 and earlier does not properly disable HTCP, even when "htcp_port 0" is specified in squid.conf, which could allow remote attackers to bypass intended access restrictions.
network
low complexity
squid redhat
7.5