Vulnerabilities > Low
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2003-12-31 | CVE-2003-1234 | Integer Overflow vulnerability in FreeBSD System Call f_count Integer overflow in the f_count counter in FreeBSD before 4.2 through 5.0 allows local users to cause a denial of service (crash) and possibly execute arbitrary code via multiple calls to (1) fpathconf and (2) lseek, which do not properly decrement f_count through a call to fdrop. | 3.6 |
| 2003-12-31 | CVE-2003-1226 | Password Storage vulnerability in BEA Weblogic Server 7.0/7.0.0.1 BEA WebLogic Server and Express 7.0 and 7.0.0.1 stores certain secrets concerning password encryption insecurely in config.xml, filerealm.properties, and weblogic-rar.xml, which allows local users to learn those secrets and decrypt passwords. | 2.1 |
| 2003-12-31 | CVE-2003-1225 | Password Storage vulnerability in BEA Weblogic Server 7.0/7.0.0.1 The default CredentialMapper for BEA WebLogic Server and Express 7.0 and 7.0.0.1 stores passwords in cleartext on disk, which allows local users to extract passwords. | 2.1 |
| 2003-12-31 | CVE-2003-1224 | Password Storage vulnerability in BEA Weblogic Server 7.0/7.0.0.1 Weblogic.admin for BEA WebLogic Server and Express 7.0 and 7.0.0.1 displays the JDBCConnectionPoolRuntimeMBean password to the screen in cleartext, which allows attackers to read a user's password by physically observing ("shoulder surfing") the screen. | 2.1 |
| 2003-12-31 | CVE-2003-1174 | Unspecified vulnerability in Nullsoft Shoutcast Server 1.9.2 Buffer overflow in NullSoft Shoutcast Server 1.9.2 allows local users to cause a denial of service via (1) icy-name followed by a long server name or (2) icy-url followed by a long URL. | 2.1 |
| 2003-12-31 | CVE-2003-1135 | Buffer Overrun vulnerability in Yahoo Messenger 5.6 Buffer overflow in Yahoo! Messenger 5.6 allows remote attackers to cause a denial of service (crash) via a file send request (sendfile) with a large number of "%" (percent) characters after the Yahoo ID. | 2.6 |
| 2003-12-31 | CVE-2003-1134 | Denial Of Service vulnerability in SUN Java 1.3.1/1.4.1/1.4.2 Sun Java 1.3.1, 1.4.1, and 1.4.2 allows local users to cause a denial of service (JVM crash), possibly by calling the ClassDepth function with a null parameter, which causes a crash instead of generating a null pointer exception. | 2.1 |
| 2003-12-31 | CVE-2003-1133 | Unspecified vulnerability in Ritlabs the BAT Rit Research Labs The Bat! 1.0.11 through 2.0 creates new accounts with insecure ACLs, which allows local users to read other users' email messages. | 2.1 |
| 2003-12-31 | CVE-2003-1129 | Buffer Overflow vulnerability in Yahoo Audio Conferencing Activex Control 1.0.0.43 Buffer overflow in the Yahoo! Audio Conferencing (aka Voice Chat) ActiveX control before 1,0,0,45 allows remote attackers to cause a denial of service and possibly execute arbitrary code via a URL with a long hostname to Yahoo! Messenger or Yahoo! Chat. | 2.6 |
| 2003-12-31 | CVE-2003-1122 | Unspecified vulnerability in Scriptlogic 4.01 ScriptLogic 4.01, and possibly other versions before 4.14, uses insecure permissions for the LOGS$ share, which allows users to modify log records and possibly execute arbitrary code. | 2.1 |