Vulnerabilities > High
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2001-12-21 | CVE-2001-0873 | Unspecified vulnerability in IAN Lance Taylor Uucp 1.0.6 uuxqt in Taylor UUCP package does not properly remove dangerous long options, which allows local users to gain privileges by calling uux and specifying an alternate configuration file with the --config option. | 7.2 |
| 2001-12-21 | CVE-2001-0872 | OpenSSH 3.0.1 and earlier with UseLogin enabled does not properly cleanse critical environment variables such as LD_PRELOAD, which allows local users to gain root privileges. | 7.2 |
| 2001-12-21 | CVE-2001-0871 | Remote Command Execution vulnerability in Alchemy Eye Directory traversal vulnerability in HTTP server for Alchemy Eye and Alchemy Network Monitor allows remote attackers to execute arbitrary commands via an HTTP request containing (1) a .. | 7.5 |
| 2001-12-21 | CVE-2001-0869 | Format string vulnerability in the default logging callback function _sasl_syslog in common.c in Cyrus SASL library (cyrus-sasl) may allow remote attackers to execute arbitrary commands. | 7.5 |
| 2001-12-20 | CVE-2001-1215 | Unspecified vulnerability in Michael Baumer Pfinger 0.7.5/0.7.6/0.7.7 Format string vulnerability in PFinger 0.7.5 through 0.7.7 allows remote attackers to execute arbitrary code via format string specifiers in a .plan file. | 7.5 |
| 2001-12-20 | CVE-2001-0876 | Buffer Overflow vulnerability in Microsoft UPnP NOTIFY Buffer overflow in Universal Plug and Play (UPnP) on Windows 98, 98SE, ME, and XP allows remote attackers to execute arbitrary code via a NOTIFY directive with a long Location URL. | 7.5 |
| 2001-12-20 | CVE-2001-0542 | Buffer Overflow vulnerability in Microsoft SQL-Server 2000/7.0 Buffer overflows in Microsoft SQL Server 7.0 and 2000 allow attackers with access to SQL Server to execute arbitrary code through the functions (1) raiserror, (2) formatmessage, or (3) xp_sprintf. | 7.5 |
| 2001-12-19 | CVE-2001-0889 | Exim 3.22 and earlier, in some configurations, does not properly verify the local part of an address when redirecting the address to a pipe, which could allow remote attackers to execute arbitrary commands via shell metacharacters. | 7.5 |
| 2001-12-17 | CVE-2001-1201 | Unspecified vulnerability in Timecop Wmcube GDK 0.98 Buffer overflow in wmcube-gdk for WMCube/GDK 0.98 allows local users to execute arbitrary code via long lines in the object description file. | 7.2 |
| 2001-12-17 | CVE-2001-1200 | Unspecified vulnerability in Microsoft Windows XP Microsoft Windows XP allows local users to bypass a locked screen and run certain programs that are associated with Hot Keys. | 7.2 |