Weekly Vulnerabilities Reports > January 10 to 16, 2000

Overview

13 new vulnerabilities were reported during this period, including 1 critical vulnerability and 4 high severity vulnerabilities. This weekly summary reports vulnerabilities in 14 products from 10 vendors including Microsoft, Netscape, IBM, Oracle, and Corel. Vulnerabilities are notably categorized as .

  • 9 reported vulnerabilities are remotely exploitable.
  • 13 reported vulnerabilities are exploitable by an anonymous user.
  • Microsoft has the most reported vulnerabilities, with 3 reported vulnerabilities.
  • Microsoft has the most reported critical vulnerabilities, with 1 reported vulnerability.


Vulnerability Details

The following table lists reported vulnerabilities for the period covered by this report:

1 Critical Vulnerability

| DATE | CVE | VENDOR | VULNERABILITY | DESCRIPTION | CVSS |
|---|---|---|---|---|---|
| 2000-01-10 | CVE-2000-0081 | Microsoft | Unspecified vulnerability in Microsoft Hotmail | Hotmail does not properly filter JavaScript code from a user's mailbox, which allows a remote attacker to execute the code by using hexadecimal codes to specify the javascript: protocol, e.g. | 10.0 |

4 High Vulnerabilities

| DATE | CVE | VENDOR | VULNERABILITY | DESCRIPTION | CVSS |
|---|---|---|---|---|---|
| 2000-01-11 | CVE-2000-0074 | Powerscripts | Unspecified vulnerability in Powerscripts Plusmail | PowerScripts PlusMail CGI program allows remote attackers to execute commands via a password file with improper permissions. | 7.5 |
| 2000-01-10 | CVE-2000-0046 | Mirabilis | Remote Buffer Overflow vulnerability in Mirabilis ICQ 0.99B1.1.1.1 | Buffer overflow in ICQ 99b 1.1.1.1 client allows remote attackers to execute commands via a malformed URL within an ICQ message. | 7.5 |
| 2000-01-12 | CVE-2000-0070 | Microsoft | Unspecified vulnerability in Microsoft Windows NT 4.0 | NtImpersonateClientOfPort local procedure call in Windows NT 4.0 allows local users to gain privileges, aka "Spoofed LPC Port Request." | 7.2 |
| 2000-01-12 | CVE-2000-0048 | Corel | Unspecified vulnerability in Corel Linux 1.0 | get_it program in Corel Linux Update allows local users to gain root access by specifying an alternate PATH for the cp program. | 7.2 |

6 Medium Vulnerabilities

| DATE | CVE | VENDOR | VULNERABILITY | DESCRIPTION | CVSS |
|---|---|---|---|---|---|
| 2000-01-11 | CVE-2000-0045 | Oracle | Unspecified vulnerability in Oracle Mysql 3.22.27/3.22.29/3.23.8 | MySQL allows local users to modify passwords for arbitrary MySQL users via the GRANT privilege. | 6.4 |
| 2000-01-13 | CVE-2000-0075 | Nosque | Unspecified vulnerability in Nosque Msgcore 1.9 | Super Mail Transfer Package (SMTP), later called MsgCore, has a memory leak which allows remote attackers to cause a denial of service by repeating multiple HELO, MAIL FROM, RCPT TO, and DATA commands in the same session. | 5.0 |
| 2000-01-13 | CVE-2000-0066 | Oreilly | Unspecified vulnerability in Oreilly Website Professional 2.3.18/2.4.9 | WebSite Pro allows remote attackers to determine the real pathname of web directories via a malformed URL request. | 5.0 |
| 2000-01-12 | CVE-2000-0087 | Netscape | Unspecified vulnerability in Netscape Communicator and Navigator | Netscape Mail Notification (nsnotify) utility in Netscape Communicator uses IMAP without SSL, even if the user has set a preference for Communicator to use an SSL connection, allowing a remote attacker to sniff usernames and passwords in plaintext. | 5.0 |
| 2000-01-12 | CVE-1999-1002 | Netscape | Remote Security vulnerability in Netscape Communicator 4.7 | Netscape Navigator uses weak encryption for storing a user's Netscape mail password. | 5.0 |
| 2000-01-11 | CVE-2000-0071 | Microsoft | Unspecified vulnerability in Microsoft products | IIS 4.0 allows a remote attacker to obtain the real pathname of the document root by requesting non-existent files with .ida or .idq extensions. | 5.0 |

2 Low Vulnerabilities

| DATE | CVE | VENDOR | VULNERABILITY | DESCRIPTION | CVSS |
|---|---|---|---|---|---|
| 2000-01-11 | CVE-2000-0067 | Cybercash | Unspecified vulnerability in Cybercash Merchant Connection KIT 3.2.0.4 | CyberCash Merchant Connection Kit (MCK) allows local users to modify files via a symlink attack. | 2.1 |
| 2000-01-10 | CVE-2000-0080 | IBM | Unspecified vulnerability in IBM AIX 4.3.2 | AIX techlibss allows local users to overwrite files via a symlink attack. | 2.1 |