Vulnerabilities > Low
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2003-12-31 | CVE-2003-1366 | Information Exposure vulnerability in Openbsd chpass in OpenBSD 2.0 through 3.2 allows local users to read portions of arbitrary files via a hard link attack on a temporary file used to store user database information. | 3.3 |
| 2003-12-31 | CVE-2003-1306 | Microsoft URLScan 2.5, with the RemoveServerHeader option enabled, allows remote attackers to obtain sensitive information (server name and version) via an HTTP request that generates certain errors such as 400 "Bad Request," which leak the Server header in the response. | 2.6 |
| 2003-12-31 | CVE-2003-1295 | Multiple vulnerability in SuSE XScreenSaver Package Unspecified vulnerability in xscreensaver 4.12, and possibly other versions, allows attackers to cause xscreensaver to crash via unspecified vectors "while verifying the user-password." | 2.1 |
| 2003-12-31 | CVE-2003-1294 | Multiple vulnerability in SuSE XScreenSaver Package Xscreensaver before 4.15 creates temporary files insecurely in (1) driver/passwd-kerberos.c, (2) driver/xscreensaver-getimage-video, (3) driver/xscreensaver.kss.in, and the (4) vidwhacker and (5) webcollage screensavers, which allows local users to overwrite arbitrary files via a symlink attack. | 2.1 |
| 2003-12-31 | CVE-2003-1289 | Local Security vulnerability in BSD IBCS2 The iBCS2 system call translator for statfs in NetBSD 1.5 through 1.5.3 and FreeBSD 4 up to 4.8-RELEASE-p2 and 5 up to 5.1-RELEASE-p1 allows local users to read portions of kernel memory (memory disclosure) via a large length parameter, which copies additional kernel memory into userland memory. | 2.1 |
| 2003-12-31 | CVE-2003-1281 | Unspecified vulnerability in Eekim Cgihtml 1.69 cgihtml 1.69 allows local users to overwrite arbitrary files via a symlink attack on certain temporary files. | 2.1 |
| 2003-12-31 | CVE-2003-1273 | Denial Of Service vulnerability in Nullsoft Winamp 3.0 Winamp 3.0 allows remote attackers to cause a denial of service (crash) via a .b4s file with a playlist name that contains some non-English characters, e.g. | 2.1 |
| 2003-12-31 | CVE-2003-1265 | Netscape 7.0 and Mozilla 5.0 do not immediately delete messages in the trash folder when users select the 'Empty Trash' option, which could allow local users to access deleted messages. | 2.1 |
| 2003-12-31 | CVE-2003-1261 | Buffer Overflow vulnerability in GlobalScape CuteFTP Clipboard URL Buffer overflow in CuteFTP 5.0 and 5.0.1 allows local users to cause a denial of service (crash) by copying a long URL into a clipboard. | 2.1 |
| 2003-12-31 | CVE-2003-1246 | Symbolic Link Bypass vulnerability in Pedestal Software Integrity Protection Driver 1.2/1.3 NtCreateSymbolicLinkObject in ntdll.dll in Integrity Protection Driver (IPD) 1.2 and 1.3 allows local users to create and overwrite arbitrary files via a symlink attack on \winnt\system32\drivers using the subst command. | 2.1 |