Weekly Vulnerabilities Reports > January 22 to 28, 2001
Overview
2 new vulnerabilities reported during this period, including 0 critical vulnerabilities and 2 high severity vulnerabilities. This weekly summary report vulnerabilities in 2 products from 2 vendors including Oracle, and ATT. Vulnerabilities are notably categorized as .
- 2 reported vulnerabilities are remotely exploitables.
- 2 reported vulnerabilities are exploitable by an anonymous user.
- Oracle has the most reported vulnerabilities, with 1 reported vulnerabilities.
VULNERABILITIES
VULNERABILITIES
VULNERABILITIES
VULNERABILITIES
VULNERABILITIES
EXPLOITABLE
EXPLOITABLE
AVAILABLE
ANONYMOUSLY
WEB APPLICATION
Vulnerability Details
The following table list reported vulnerabilities for the period covered by this report:
0 Critical Vulnerabilities
DATE | CVE | VENDOR | VULNERABILITY | CVSS |
---|
2 High Vulnerabilities
DATE | CVE | VENDOR | VULNERABILITY | CVSS |
---|---|---|---|---|
2001-01-23 | CVE-2001-1422 | ATT | Authentication vulnerability in AT&T; VNC Weak WinVNC 3.3.3 and earlier generates the same challenge string for multiple connections, which allows remote attackers to bypass VNC authentication by sniffing the challenge and response of other users. | 7.5 |
2001-01-23 | CVE-2001-1274 | Oracle | Unspecified vulnerability in Oracle Mysql Buffer overflow in MySQL before 3.23.31 allows attackers to cause a denial of service and possibly gain privileges. | 7.5 |
0 Medium Vulnerabilities
DATE | CVE | VENDOR | VULNERABILITY | CVSS |
---|
0 Low Vulnerabilities
DATE | CVE | VENDOR | VULNERABILITY | CVSS |
---|