Vulnerabilities > Low
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2003-02-11 | CVE-2003-1080 | Local Race Condition vulnerability in Sun Microsystems Solaris Mail Reading Unknown vulnerability in mail for Solaris 2.6 through 9 allows local users to read the email of other users. | 1.2 |
| 2003-01-17 | CVE-2003-0012 | Unspecified vulnerability in Mozilla Bugzilla The data collection script for Bugzilla 2.14.x before 2.14.5, 2.16.x before 2.16.2, and 2.17.x before 2.17.3 sets world-writable permissions for the data/mining directory when it runs, which allows local users to modify or delete the data. | 2.1 |
| 2003-01-17 | CVE-2002-1395 | Unspecified vulnerability in Debian Internet Message 1330/1410 Internet Message (IM) 141-18 and earlier uses predictable file and directory names, which allows local users to (1) obtain unauthorized directory permissions via a temporary directory used by impwagent, and (2) overwrite and create arbitrary files via immknmz. | 2.1 |
| 2003-01-17 | CVE-2002-1392 | Unspecified vulnerability in Gert Doering Mgetty faxspool in mgetty before 1.1.29 uses a world-writable spool directory for outgoing faxes, which allows local users to modify fax transmission privileges. | 2.1 |
| 2003-01-03 | CVE-2003-1071 | Unspecified vulnerability in SUN Solaris and Sunos rpc.walld (wall daemon) for Solaris 2.6 through 9 allows local users to send messages to logged on users that appear to come from arbitrary user IDs by closing stderr before executing wall, then supplying a spoofed from header. | 2.1 |
| 2002-12-31 | CVE-2002-2412 | Credentials Management vulnerability in Nullsoft Winamp 2.80 Winamp 2.80 stores authentication credentials in plaintext in the (1) [HTTP-AUTH] and (2) [winamp] sections in winamp.ini, which allows local users to gain access to other accounts. | 2.1 |
| 2002-12-31 | CVE-2002-2409 | Information Exposure vulnerability in QNX Neutrino Rtos and Photon Microgui Photon microGUI in QNX Neutrino realtime operating system (RTOS) 6.1.0 and 6.2.0 allows attackers to read user clipboard information via a direct request to the 1.TEXT file in a directory whose name is a hex-encoded user ID. | 3.5 |
| 2002-12-31 | CVE-2002-2384 | Credentials Management vulnerability in Hotfoon Corporation Hotfoon 4.0 hotfoon4.exe in Hotfoon 4.00 stores user names and passwords in cleartext in the hotfoon2 registry key, which allows local users to gain access to user accounts and steal phone service. | 3.6 |
| 2002-12-31 | CVE-2002-2334 | Permissions, Privileges, and Access Controls vulnerability in Joseph Allen JOE Joe text editor 2.8 through 2.9.7 does not remove the group and user setuid bits for backup files, which could allow local users to execute arbitrary setuid and setgid root programs when root edits scripts owned by other users. | 3.6 |
| 2002-12-31 | CVE-2002-2301 | Credentials Management vulnerability in Lawson Software Lawson Financials 8.0 Lawson Financials 8.0, when configured to use a third party relational database, stores usernames and passwords in a world-readable file, which allows local users to read the passwords and log onto the database. | 3.3 |