Vulnerabilities > Medium
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2002-06-25 | CVE-2002-0347 | Directory Traversal File Reading vulnerability in SUN Cobalt RAQ 2, Cobalt RAQ 3I and Cobalt RAQ 4 Directory traversal vulnerability in Cobalt RAQ 4 allows remote attackers to read password-protected files, and possibly files outside the web root, via a .. | 5.0 |
| 2002-06-25 | CVE-2002-0344 | Unspecified vulnerability in Symantec Liveupdate 1.0/1.4/1.5 Symantec LiveUpdate 1.5 and earlier in Norton Antivirus stores usernames and passwords for a local LiveUpdate server in cleartext in the registry, which may allow remote attackers to impersonate the LiveUpdate server. | 5.0 |
| 2002-06-25 | CVE-2002-0343 | Unspecified vulnerability in Hotline Communications Hotline Connect 1.8.5 Hotline Client 1.8.5 stores sensitive user information, including passwords, in plaintext in the bookmarks file, which could allow local users with access to the bookmarks file to gain privileges by extracting the passwords. | 4.6 |
| 2002-06-25 | CVE-2002-0342 | Denial Of Service vulnerability in KDE K-Mail 1.2 Kmail 1.2 on KDE 2.1.1 allows remote attackers to cause a denial of service (crash) via an email message whose body is approximately 55 K long. | 5.0 |
| 2002-06-25 | CVE-2002-0341 | Remote Security vulnerability in Novell Groupwise 5.5 GWWEB.EXE in GroupWise Web Access 5.5, and possibly other versions, allows remote attackers to determine the full pathname of the web server via an HTTP request with an invalid HTMLVER parameter. | 5.0 |
| 2002-06-25 | CVE-2002-0339 | Unspecified vulnerability in Cisco IOS Cisco IOS 11.1CC through 12.2 with Cisco Express Forwarding (CEF) enabled includes portions of previous packets in the padding of a MAC level packet when the MAC packet's length is less than the IP level packet length. | 5.0 |
| 2002-06-25 | CVE-2002-0338 | Denial Of Service vulnerability in Rit Research Labs The Bat! MS DOS Device Name The Bat! 1.53d and 1.54beta, and possibly other versions, allows remote attackers to cause a denial of service (crash) via an attachment whose name includes an MS-DOS device name. | 5.0 |
| 2002-06-25 | CVE-2002-0337 | Denial of Service vulnerability in Realnetworks Realplayer 8.0 RealPlayer 8 allows remote attackers to cause a denial of service (CPU utilization) via malformed .mp3 files. | 5.4 |
| 2002-06-25 | CVE-2002-0333 | Remote vulnerability in xtell Trusted TTY Device Name Directory traversal vulnerability in xtell (xtelld) 1.91.1 and earlier, and 2.x before 2.7, allows remote attackers to read files with short names, and local users to read more files using a symlink with a short name, via a .. | 5.0 |
| 2002-06-25 | CVE-2002-0331 | Directory Traversal vulnerability in Alcatech Gmbh BPM Studio PRO 4.2 Directory traversal vulnerability in the HTTP server for BPM Studio Pro 4.2 allows remote attackers to read arbitrary files via a .. | 5.0 |