Vulnerabilities > Medium
DATE | CVE | VULNERABILITY TITLE | RISK |
---|---|---|---|
2002-08-12 | CVE-2002-0456 | Unspecified vulnerability in Qualcomm Eudora 5.1 Eudora 5.1 and earlier versions stores attachments in a directory with a fixed name, which could make it easier for attackers to exploit vulnerabilities in other software that rely on installing and reading files from directories with known pathnames. | 5.0 |
2002-08-12 | CVE-2002-0455 | Unspecified vulnerability in Incredimail Build1400185/Build560/Build618 IncrediMail stores attachments in a directory with a fixed name, which could make it easier for attackers to exploit vulnerabilities in other software that rely on installing and reading files from directories with known pathnames. | 5.0 |
2002-08-12 | CVE-2002-0454 | Remote Denial of Service vulnerability in Qualcomm QPopper Qpopper (aka in.qpopper or popper) 4.0.3 and earlier allows remote attackers to cause a denial of service (CPU consumption) via a very large string, which causes an infinite loop. | 5.0 |
2002-08-12 | CVE-2002-0425 | Unspecified vulnerability in Khaled Mardam-Bey Mirc 6.0/6.01 mIRC DCC server protocol allows remote attackers to gain sensitive information such as alternate IRC nicknames via a "100 testing" message in a DCC connection request that cannot be ignored or canceled by the user, which may leak the alternate nickname in a response message. | 5.0 |
2002-08-12 | CVE-2002-0424 | Unspecified vulnerability in Efingerd 1.3/1.6.1 efingerd 1.61 and earlier, when configured without the -u option, executes .efingerd files as the efingerd user (typically "nobody"), which allows local users to gain privileges as the efingerd user by modifying their own .efingerd file and running finger. | 4.6 |
2002-08-12 | CVE-2002-0421 | Unspecified vulnerability in Microsoft Windows NT 4.0 IIS 4.0 allows local users to bypass the "User cannot change password" policy for Windows NT by directly calling .htr password changing programs in the /iisadmpwd directory, including (1) aexp2.htr, (2) aexp2b.htr, (3) aexp3.htr , or (4) aexp4.htr. | 5.0 |
2002-08-12 | CVE-2002-0419 | Information Exposure vulnerability in Microsoft products Information leaks in IIS 4 through 5.1 allow remote attackers to obtain potentially sensitive information or more easily conduct brute force attacks via responses from the server in which (2) in certain configurations, the server IP address is provided as the realm for Basic authentication, which could reveal real IP addresses that were obscured by NAT, or (3) when NTLM authentication is used, the NetBIOS name of the server and its Windows NT domain are revealed in response to an Authorization request. | 5.0 |
2002-08-12 | CVE-2002-0418 | Unspecified vulnerability in Endymion Sake Mail Directory traversal vulnerability in the com.endymion.sake.servlet.mail.MailServlet servlet for Endymion SakeMail 1.0.36 and earlier allows remote attackers to read arbitrary files via a .. | 5.0 |
2002-08-12 | CVE-2002-0417 | Unspecified vulnerability in Endymion Mailman Webmail Directory traversal vulnerability in Endymion MailMan before 3.1 allows remote attackers to read arbitrary files via a .. | 5.0 |
2002-08-01 | CVE-2002-1446 | Unspecified vulnerability in Ncipher Pkcs 11 Library 1.2.0 The error checking routine used for the C_Verify call on a symmetric verification key in the nCipher PKCS#11 library 1.2.0 and later returns the CKR_OK status even when it detects an invalid signature, which could allow remote attackers to modify or forge messages. | 5.0 |